secure.winred.com Open in urlscan Pro
2606:4700::6813:d359 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nolib.us/zKJV5b
Effective URL:
https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=s...
Submission: On November 08 via manual (November 8th 2023, 3:19:35 pm UTC) from US — Scanned from US

Summary HTTP 188 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 26 IPs in 1 countries across 19 domains to perform 188 HTTP transactions. The main IP is 2606:4700::6813:d359, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com. The Cisco Umbrella rank of the primary domain is 87741.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 21st 2023. Valid for: a year.

This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	99.83.253.106 99.83.253.106	16509 (AMAZON-02) (AMAZON-02)
1 1	75.2.108.118 75.2.108.118	16509 (AMAZON-02) (AMAZON-02)
1 10	2606:4700::68... 2606:4700::6813:d359	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
43	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
4	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
3	2600:9000:208... 2600:9000:208f:9c00:0:7d26:ee00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3037::ac43:8758	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4004:c17::66	15169 (GOOGLE) (GOOGLE)
1 2	172.253.62.148 172.253.62.148	15169 (GOOGLE) (GOOGLE)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6813:d459	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4004:c06::5c	15169 (GOOGLE) (GOOGLE)
67	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:fa45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4004:c0b::9b	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9b	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c08::6a	15169 (GOOGLE) (GOOGLE)
2	3.229.145.172 3.229.145.172	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
3	44.241.50.239 44.241.50.239	16509 (AMAZON-02) (AMAZON-02)
12	2607:f8b0:400... 2607:f8b0:4004:c09::64	15169 (GOOGLE) (GOOGLE)
188	26

1 99.83.253.106 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ab309889489bfc98b.awsglobalaccelerator.com

nolib.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.108.118 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ab309889489bfc98b.awsglobalaccelerator.com

nolib.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:d359 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

secure.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:208f:9c00:0:7d26:ee00:93a1 (United States)

ASN16509 (AMAZON-02, US)

d35ligi1n5bgzc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8758 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.nucleusfiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c17::66 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.62.148 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f148.1e100.net

9381094.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:d459 (United States)

ASN13335 (CLOUDFLARENET, US)

app.revv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c06::5c (Washington, United States)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:fa45 (United States)

ASN13335 (CLOUDFLARENET, US)

gtm.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c0b::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::6a (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.229.145.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-145-172.compute-1.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.241.50.239 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-50-239.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4004:c09::64 (Ashburn, United States)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
113	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5203 r.stripe.com — Cisco Umbrella Rank: 3546 m.stripe.com — Cisco Umbrella Rank: 1249	2 MB
23	google.com pay.google.com — Cisco Umbrella Rank: 2685 adservice.google.com — Cisco Umbrella Rank: 105 www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 157 play.google.com — Cisco Umbrella Rank: 28	422 KB
12	winred.com 1 redirects secure.winred.com — Cisco Umbrella Rank: 87741 gtm.winred.com — Cisco Umbrella Rank: 177643	209 KB
8	doubleclick.net 1 redirects 9381094.fls.doubleclick.net — Cisco Umbrella Rank: 711306 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	5 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	548 KB
4	gstatic.com www.gstatic.com	101 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 393	171 KB
3	cloudfront.net d35ligi1n5bgzc.cloudfront.net	248 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	90 KB
2	nolib.us 2 redirects nolib.us	407 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 747	728 B
1	t.co t.co — Cisco Umbrella Rank: 607	376 B
1	revv.co app.revv.co — Cisco Umbrella Rank: 360593	1 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
1	nucleusfiles.com cdn.nucleusfiles.com — Cisco Umbrella Rank: 89296	4 KB
188	19

	Domain	Requested by
52	r.stripe.com	js.stripe.com
41	js.stripe.com	secure.winred.com js.stripe.com
15	q.stripe.com	secure.winred.com
12	play.google.com	www.gstatic.com
10	secure.winred.com	1 redirects secure.winred.com static.cloudflareinsights.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com secure.winred.com
6	www.googletagmanager.com	secure.winred.com www.googletagmanager.com www.google-analytics.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	www.google.com	secure.winred.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	pay.google.com	js.stripe.com pay.google.com secure.winred.com www.gstatic.com
4	maps.googleapis.com	secure.winred.com maps.googleapis.com
3	m.stripe.com	m.stripe.network
3	d35ligi1n5bgzc.cloudfront.net	secure.winred.com
2	analytics.google.com	www.googletagmanager.com
2	merchant-ui-api.stripe.com	js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	gtm.winred.com	www.googletagmanager.com
2	connect.facebook.net	secure.winred.com connect.facebook.net
2	9381094.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	nolib.us	2 redirects
1	www.facebook.com	secure.winred.com
1	adservice.google.com	9381094.fls.doubleclick.net
1	analytics.twitter.com	secure.winred.com
1	t.co	secure.winred.com
1	app.revv.co	secure.winred.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.cloudflareinsights.com	secure.winred.com
1	cdn.nucleusfiles.com	secure.winred.com
188	30

This site contains links to these domains. Also see Links.

Domain
txtterms.co
winred.com
www.donaldjtrump.com
cdn.donaldjtrump.com
donaldjtrump.com

Subject Issuer	Validity	Valid
secure.winred.com Cloudflare Inc ECC CA-3	`2023-02-21` - `2024-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
nucleusfiles.com GTS CA 1P5	`2023-10-01` - `2023-12-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-17` - `2023-11-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2
Frame ID: 3C8A439D8740104D47354EC7D85B7A6C
Requests: 52 HTTP requests in this frame

Frame: https://9381094.fls.doubleclick.net/activityi;dc_pre=CIvRy-fZtIIDFQgGTwgdmFIJ7w;src=9381094;type=pagev0;cat=djt_p0;ord=6277468164482;auiddc=1055518884.1699456767;gtm=45He3b60v72350723;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2
Frame ID: 7600E14DEDF5F3CC0E6A45889A6D9D29
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 176EFEDE4DAFEDA1BB14E383C967FFE5
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
Frame ID: BEE61ED32167D51ECF74CE6BC5411B71
Requests: 26 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-67f422bd694d13ba21af08bf805297d1.html
Frame ID: E617D1C94E73423260FCE53B0DF27352
Requests: 14 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
Frame ID: 2A2D73B2DAC685C8A562D61B0B7DA5C7
Requests: 37 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html
Frame ID: 21DE52B02E6165FECFF01D477F1C844A
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html
Frame ID: 1EBF06D564619C7D1EA1BF40DC8633CF
Requests: 5 HTTP requests in this frame

Frame: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 3E3D9355E88B3A79B2DFB3FC2F84430F
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B5E61F9B94A059090E1C9A22B1E56FE2
Requests: 6 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIvRy-fZtIIDFQgGTwgdmFIJ7w;src=9381094;type=pagev0;cat=djt_p0;ord=6277468164482;auiddc=1055518884.1699456767;gtm=45He3b60v72350723;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2
Frame ID: D7F3C877A7D0E1BC3F61198F5ABEC793
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: C848B5F170719964B5DBAF70C6966B28
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-8df960dd675422839077b55eb84a41a1.html
Frame ID: DC61620809303A58DFDD2F2E621C6AC9
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-283014f74614bddf3e389df7a6edd695.html
Frame ID: 571C19AF4433BF79D15FF30DB3C288A9
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trump 2024

Page URL History Show full URLs

http://nolib.us/zKJV5b HTTP 302
https://nolib.us/zKJV5b HTTP 307
https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

188
Requests

99 %
HTTPS

64 %
IPv6

19
Domains

30
Subdomains

26
IPs

1
Countries

3700 kB
Transfer

12629 kB
Size

31
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://txtterms.co/88022-2/
Title: txtterms.co/88022

Search URL Search Domain Scan URL

URL: https://winred.com/terms/donor-terms/
Title: terms of use

Search URL Search Domain Scan URL

URL: https://winred.com/privacy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.donaldjtrump.com/join
Title: Interested in volunteering? Click here to sign up today.

Search URL Search Domain Scan URL

URL: https://cdn.donaldjtrump.com/djtweb24/general/TSA_JFC_Contributor_Form_230217.pdf
Title: Want to donate by mail? Click here to print out a donation form that you can send to our address.

Search URL Search Domain Scan URL

URL: http://donaldjtrump.com/
Title: donaldjtrump.com

Search URL Search Domain Scan URL

URL: https://winred.com/
Title: Powered by

Search URL Search Domain Scan URL

URL: https://winred.com/about-our-ads/
Title: About Our Ads

Search URL Search Domain Scan URL

URL: https://winred.com/support/
Title: Questions about your charge? Go to our Support Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nolib.us/zKJV5b HTTP 302
https://nolib.us/zKJV5b HTTP 307
https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://9381094.fls.doubleclick.net/activityi;src=9381094;type=pagev0;cat=djt_p0;ord=6277468164482;auiddc=1055518884.1699456767;gtm=45He3b60v72350723;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2 HTTP 302
https://9381094.fls.doubleclick.net/activityi;dc_pre=CIvRy-fZtIIDFQgGTwgdmFIJ7w;src=9381094;type=pagev0;cat=djt_p0;ord=6277468164482;auiddc=1055518884.1699456767;gtm=45He3b60v72350723;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2

Request Chain 28

https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

188 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 614145smsdtvj Show response
secure.winred.com/save-america-joint-fundraising-committee/
Redirect Chain

http://nolib.us/zKJV5b
https://nolib.us/zKJV5b
https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2

55 KB
14 KB

217ms
131ms

Document
text/html

2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

661b2ba0edc8352ace2d68f6bf27990057b499ab4c087567fe0751aecc1af6ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 822ecb58eabddad1-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 15:19:26 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-rack-cors: miss; no-origin
x-request-id: fc466510-d6a6-4e62-8524-337860823a63
x-revv-cache: Hit from Revv
x-runtime: 0.033089
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-type: application/octet-stream
date: Wed, 08 Nov 2023 15:19:26 GMT
location: https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2
server: awselb/2.0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 417 KB
97 KB 170ms
61ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c855461011b7c36e62abc73438ddd630d92dd7774f9f7233c0c88f436f83da55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98905
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Nov 2023 15:19:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 299 KB
101 KB 245ms
138ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29dce952c3438587f8594c16c4ed01075488de2e5e43d06d9454e33495623912

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103089
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Nov 2023 15:19:27 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 552 KB
153 KB 87ms
27ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0524593c51d313589e0e8e8a8b069c1c7ecc5dc94a2c59dd2809b0e326d407f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:27 GMT
via: 1.1 varnish
age: 11
x-cache: HIT
content-length: 156099
x-request-id: 8c8c2f27-e872-472a-b07e-3799de761c64
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Tue, 07 Nov 2023 21:59:01 GMT
server: Fastly
etag: "7b44d268e0c6393b9663b52a3c1d850a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H2 200 landing_page-b5085350195c50801834c19cd56b1cabc8b9ea2b81e3a74f8486f6b3e2ae2898.css
secure.winred.com/assets/ 219 KB
34 KB 112ms
107ms Stylesheet
text/css 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/assets/landing_page-b5085350195c50801834c19cd56b1cabc8b9ea2b81e3a74f8486f6b3e2ae2898.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

961951e588ed2cbd0dadda321becf5c4d27451bb0896262f86e7d922da5794ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:27 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: xGQnUHNfypvyH4INlfuaRG2T7wDmS5iq
cf-cache-status: HIT
x-amz-request-id: 7FEXP5WTT34JWSSJ
age: 358
cf-polished: origSize=227667
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: bmFl5qpuVADlmH3aQYmbvKSWsGFA5CyJh6LL3omYorQFH/bT8d+prjmGGIMy0f/aNIRigQdGrhI=
cf-bgj: minify
last-modified: Tue, 26 Sep 2023 00:47:00 GMT
server: cloudflare
etag: W/"57df3b6cebff9962c43c29347b45123f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 822ecb59fc9bdad1-MIA
expires: Wed, 08 Nov 2023 19:19:27 GMT

GET
H2 200 1699366270.css
secure.winred.com/stylesheets/rv_page_01hen1wegtxa0x0ckfd7vw7evf/ 8 KB
2 KB 63ms
60ms Stylesheet
text/css 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/stylesheets/rv_page_01hen1wegtxa0x0ckfd7vw7evf/1699366270.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adb4c90964628bd4da814952c5a6816ebccd394eb988a75fa14e72a977aa04b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-rack-cors: miss; no-origin
date: Wed, 08 Nov 2023 15:19:27 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 77293
cf-polished: origSize=8276
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: cb14bb4a-a3e5-48db-b6cd-244e979ffb3b
x-runtime: 0.049182
cf-bgj: minify
last-modified: Tue, 07 Nov 2023 17:51:14 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=31556952
cf-ray: 822ecb59fca0dad1-MIA
expires: Thu, 07 Nov 2024 21:08:39 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 192 KB
65 KB 208ms
89ms Script
text/javascript 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

534bf7023831c5b1aa2d025b977e96a836d07a792834356776b10f5a9612096d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65918
x-xss-protection: 0

GET
H2 200 application-landing-page-f2a5b42b4b21999654b53e07363d1a56587867548d00f9dd45c2af6c283da313.js Show response
secure.winred.com/assets/ 486 KB
136 KB 82ms
79ms Script
application/javascript 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/assets/application-landing-page-f2a5b42b4b21999654b53e07363d1a56587867548d00f9dd45c2af6c283da313.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b0ee40c236b43959682dbfb183f1e573d475a20c1a8831055731403679aaa69

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:27 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 978OI8i6QFarFjUvfriEb5EFtcqK3zb9
cf-cache-status: HIT
x-amz-request-id: QTVK19K4GE15KF29
age: 4809
cf-polished: origSize=497438
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RkQ60lgjkM6NdCP+xhcsHiy4bBRH7G5ZoSDUnPp1C7sS6mWVF3PHreunRZUSAaUSCqj/YdkXsHw=
cf-bgj: minify
last-modified: Tue, 07 Nov 2023 01:47:09 GMT
server: cloudflare
etag: W/"00507202ba7b3ee5cf79681b9afffc43"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 822ecb59fca3dad1-MIA
expires: Wed, 08 Nov 2023 19:19:27 GMT

GET
H2 200 Trump_2024_-_Logo_-_2A_-_CMYK_-_Color.png
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/513/073/large/ 27 KB
27 KB 199ms
62ms Image
image/png 2600:9000:208f:9c00:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/513/073/large/Trump_2024_-_Logo_-_2A_-_CMYK_-_Color.png
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208f:9c00:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: adc1d3b068ea9cdb784afd7ae8a7fa17076f4b9fb5571a7f460b11d05c87f01d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 06:19:20 GMT
x-amz-version-id: m9Z670CxaE_DsyX109aJql4mKq9FTDpZ
via: 1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
last-modified: Mon, 07 Nov 2022 22:42:01 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
age: 32408
etag: "9c0c7dae26f1dff699e24c1456be9ab3"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 27511
x-amz-cf-id: n9Lwjv1pSHDXMdu2o0VSHBgI9ldiZUWAbUwLQBC1viJIMtYZB1Yxdw==

GET
H2 200 djt_sig.png
cdn.nucleusfiles.com/65/6589c163-dee5-46aa-8505-b6e3d2f2d8e2/ 3 KB
4 KB 107ms
35ms Image
image/png 2606:4700:3037::ac43:8758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.nucleusfiles.com/65/6589c163-dee5-46aa-8505-b6e3d2f2d8e2/djt_sig.png
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90492ff833ba2c9260fb83307882241e32afa818d4cc865a90b0442050dd92a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Z6BJ8Y017M6YQZTN
age: 5346
x-amz-meta-file_id: 26120
alt-svc: h3=":443"; ma=86400
content-length: 3280
x-amz-id-2: i1D2MFUFJIe3o8HYnExZIe5p+HLADhpaXaF/A/q+hiNu5c7ig1wQVYkPurtpd5/pp+glNwD54z4=
last-modified: Mon, 12 Jun 2023 20:10:36 GMT
server: cloudflare
etag: "fe7a79489ab482710d22931f6d2580c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZbCCV6jtab3xYeLgKZGrZpU1DNobWX4PbbHS3OGVLVoqyl6Co4nRlpee9j5BqP2exluE3yXug5OpDowQ%2Fe%2FILqKLp4SYfFQPmWL9W52cDNhOpo8NYlYDd%2BkZJQ660lGGU6oJkwxesJ7RcjT6c5MvUZwlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 822ecb5a6a793359-MIA

GET
H2 200 potus_headshot.png
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/068/512/square/ 22 KB
22 KB 135ms
108ms Image
image/png 2600:9000:208f:9c00:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/profiles/images/000/068/512/square/potus_headshot.png
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208f:9c00:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ec0827f796bdadb833f52dd7ea841e12158d9f488554ecb73479cc2ea6f6d8e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 6HYtNhcBxi6F_uJ2AY87Rc_xOq3TeHoz
date: Wed, 08 Nov 2023 04:54:07 GMT
via: 1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C3
age: 37521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 22449
last-modified: Sat, 17 Jul 2021 20:11:51 GMT
server: AmazonS3
etag: "e595f679c10699fedef3c779e864cdd9"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: AjRPXnfgyRIwKWYT5I-zCIrLEk1n1TMWFpQrdLMXz8kWCJrCZm7xMQ==

GET
H3 200 win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
secure.winred.com/assets/ 9 KB
9 KB 79ms
76ms Image
image/webp 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:27 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 47K85Ni5AivyjoBqykXA2i1uf5_iW3C.
cf-cache-status: HIT
x-amz-request-id: ACBNKC3JSJQCS3RM
age: 541
cf-polished: origFmt=png, origSize=11635
content-disposition: inline; filename="win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8708
x-amz-id-2: FNIOVlYEG+f2qYX3+FH98XB6Uw9wZryewNfh/BxBXE5N1MzXK8k2fJLsx2nV8dJqvDI60Zig6kI=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 01:47:12 GMT
server: cloudflare
etag: "972c0cca8d1e490484e89513f902e847"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 822ecb5b79b467b7-MIA
expires: Wed, 08 Nov 2023 19:19:27 GMT

GET
H3 200 win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
secure.winred.com/assets/ 19 KB
8 KB 57ms
54ms Image
image/svg+xml 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:27 GMT
x-amz-version-id: yQRGZgalAwutcyvR8cZRohcw5vZDtH9y
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: RPXVJDH33F3RYGGF
age: 5141
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=ly.UluWWEL9lHbXghMjOZCYIjVJEJP1tQ.NJn5SU.Vs-1699456767-0-AVAPUGyYZClt_DkQItZnZy4XP6aJ1sXYQDR7o6I0VivF77YyHKpuUYFGuCqRfSBiZOO_yTxhYVi35302-zCDJ76aXRL7s-h35VLMFsTc2YYZuK464vpVdLzv_K7b03UWJbreiCqV3gfvaxvjpzwAThLqxBRQ0MbVG7QlmJseDmor; report-to cf-csp-endpoint
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vY25K3Khb4RAWChqczcdWKO1+l1Kd/CArNGXvM8WVrFn1Fsi4eCaDJnr9COcZvEdTmSBA2OVT4g=
last-modified: Fri, 27 Oct 2023 00:50:28 GMT
server: cloudflare
etag: W/"d31530d4186af669daf4f47099614593"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=ly.UluWWEL9lHbXghMjOZCYIjVJEJP1tQ.NJn5SU.Vs-1699456767-0-AVAPUGyYZClt_DkQItZnZy4XP6aJ1sXYQDR7o6I0VivF77YyHKpuUYFGuCqRfSBiZOO_yTxhYVi35302-zCDJ76aXRL7s-h35VLMFsTc2YYZuK464vpVdLzv_K7b03UWJbreiCqV3gfvaxvjpzwAThLqxBRQ0MbVG7QlmJseDmor"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 822ecb5b79b967b7-MIA
expires: Wed, 08 Nov 2023 19:19:27 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 163ms
80ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://secure.winred.com/
Origin: https://secure.winred.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:27 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 822ecb5bfed22248-MIA

GET
H2 200 20210604_save-america_winred-backgrounds_winred-desktop_v2.jpg
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/092/966/large/ 197 KB
198 KB 68ms
67ms Image
image/jpeg 2600:9000:208f:9c00:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/092/966/large/20210604_save-america_winred-backgrounds_winred-desktop_v2.jpg
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/stylesheets/rv_page_01hen1wegtxa0x0ckfd7vw7evf/1699366270.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208f:9c00:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81a6832550bd52d1c44e1e63c2d9137a441dd53d31302c3070000403d032b012

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: NXb6H3gY_kurDwSBNPY4Z260kpd_Eays
date: Tue, 07 Nov 2023 18:32:06 GMT
via: 1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C3
age: 74842
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 202127
last-modified: Sun, 18 Jul 2021 21:49:32 GMT
server: AmazonS3
etag: "4652598428898ad578aa5424f8463865"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: Snwa1B2XGDwt0nsWjivqSje7n3CXiWUzJBGw8x4K0x46Hqiz5YqYwA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 65ms
64ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5cb945c8d8f7818ba0e1e662300ba00fcbd3a407f0726a8b4177ddfbba8c035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89283
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 15:19:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 233ms
103ms Script
text/javascript 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 14:26:14 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3193
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 08 Nov 2023 16:26:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
100 KB 62ms
61ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0YWKLMCX4D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d0cdd79a2e3a7d273784870098d00c8ba8b9e6940e86a940c2d1a136e02ac9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102004
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 15:19:27 GMT

GET
H2

200

activityi;dc_pre=CIvRy-fZtIIDFQgGTwgdmFIJ7w;src=9381094;type=pagev0;cat=djt_p0;ord=6277468164482;auiddc=1055518884.1699456767;gtm=45He3b60v72350723;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=... Show response
9381094.fls.doubleclick.net/ Frame 7600
Redirect Chain

https://9381094.fls.doubleclick.net/activityi;src=9381094;type=pagev0;cat=djt_p0;ord=6277468164482;auiddc=1055518884.1699456767;gtm=45He3b60v72350723;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;ua...
https://9381094.fls.doubleclick.net/activityi;dc_pre=CIvRy-fZtIIDFQgGTwgdmFIJ7w;src=9381094;type=pagev0;cat=djt_p0;ord=6277468164482;auiddc=1055518884.1699456767;gtm=45He3b60v72350723;gcd=11l1l1l1l...

754 B
602 B

69ms
68ms

Document
text/html

172.253.62.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9381094.fls.doubleclick.net/activityi;dc_pre=CIvRy-fZtIIDFQgGTwgdmFIJ7w;src=9381094;type=pagev0;cat=djt_p0;ord=6277468164482;auiddc=1055518884.1699456767;gtm=45He3b60v72350723;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f148.1e100.net

Software

cafe /

Resource Hash

ffaa007e9a94fb70753b0bf00cbe94cea9d455b179d50822f51de6cb063785b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 426
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:19:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:19:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9381094.fls.doubleclick.net/activityi;dc_pre=CIvRy-fZtIIDFQgGTwgdmFIJ7w;src=9381094;type=pagev0;cat=djt_p0;ord=6277468164482;auiddc=1055518884.1699456767;gtm=45He3b60v72350723;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 95ms
54ms Script
text/javascript 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 14:26:14 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3193
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 08 Nov 2023 16:26:14 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 171ms
54ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:27 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:08:41 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kiad7000097-IAD

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 166ms
53ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Nov 2023 15:19:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: QTjBUBeHADIYZTADwEI4LAy+2/pOfzpIqYtJWB8fbmc8cRWlYAdrTtelSR2URQzZ/uaAmRn31RaO7PTASoPzaQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 176E 200 B
817 B 27ms
26ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1924163
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 15:19:27 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 188407
x-content-type-options: nosniff
x-request-id: 20a4e014-52ca-4767-a35d-7a695d162b2e
x-served-by: cache-mia-kmia1760036-MIA

GET
H2 200 controller-d9678bdd3bd53f13b263f8cb303c8ff6.html Show response
js.stripe.com/v3/ Frame BEE6 325 B
692 B 28ms
27ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

66739acaaa4a97f905fa0dbc1f9c79ae864e74f800856ae12b3988debfa986fd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 15:19:27 GMT
etag: "d9678bdd3bd53f13b263f8cb303c8ff6"
last-modified: Tue, 07 Nov 2023 21:22:28 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 5
x-content-type-options: nosniff
x-request-id: 913f447a-7278-45b7-9cc1-b1c65686e70a
x-served-by: cache-mia-kmia1760036-MIA

GET
H2 200 elements-inner-card-67f422bd694d13ba21af08bf805297d1.html Show response
js.stripe.com/v3/ Frame E617 798 B
1 KB 26ms
25ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-67f422bd694d13ba21af08bf805297d1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5b22fc79d7e057e3d13e0d50f57b1ad9afcb8adbc6b954e7816ede5180ffc063

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 64443
cache-control: max-age=31536000
content-encoding: br
content-length: 361
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 15:19:27 GMT
etag: "67f422bd694d13ba21af08bf805297d1"
last-modified: Tue, 07 Nov 2023 21:22:28 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2970
x-content-type-options: nosniff
x-request-id: 6171de42-d8bb-4405-97b2-e29c2c924675
x-served-by: cache-mia-kmia1760036-MIA

GET
H2 200 current_with_info Show response
app.revv.co/api/v3/users/ 162 B
1 KB 167ms
99ms XHR
application/vnd.api+json 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_6KNvU36Z2qWJ2gfUBWqGZGoc&redirect=https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-f2a5b42b4b21999654b53e07363d1a56587867548d00f9dd45c2af6c283da313.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3af654f1b8c2fbae4f99b1478cda481daad1bddeb864b264c2e4a049db1111ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.winred.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-rack-cors-original-access-control-allow-origin: https://secure.winred.com
x-rack-cors: hit
date: Wed, 08 Nov 2023 15:19:27 GMT
x-rack-cors-original-access-control-max-age: 0
x-rack-cors-original-access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-encoding: br
x-rack-cors-original-access-control-allow-methods: GET, POST, OPTIONS
x-rack-cors-original-access-control-expose-headers
alt-svc: h3=":443"; ma=86400
x-request-id: 2c9b0916-bfa3-4a5f-9a64-e2af79dda5ca
x-runtime: 0.009976
server: cloudflare
etag: W/"3af654f1b8c2fbae4f99b1478cda481d"
access-control-max-age: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.api+json
access-control-allow-origin: https://secure.winred.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
vary: Origin
cf-ray: 822ecb5e4bf15736-MIA

GET
H2 200 controller-d9678bdd3bd53f13b263f8cb303c8ff6.html Show response
js.stripe.com/v3/ Frame 2A2D 325 B
274 B 27ms
26ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

66739acaaa4a97f905fa0dbc1f9c79ae864e74f800856ae12b3988debfa986fd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 15:19:27 GMT
etag: "d9678bdd3bd53f13b263f8cb303c8ff6"
last-modified: Tue, 07 Nov 2023 21:22:28 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 6
x-content-type-options: nosniff
x-request-id: 09279817-8ce0-495e-970b-3d17fb3dc7ed
x-served-by: cache-mia-kmia1760036-MIA

GET
H2 200 payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html Show response
js.stripe.com/v3/ Frame 21DE 408 B
944 B 28ms
27ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

254a4f72d93d5ee58581a41bf216a4fa457e8d4f7ba157c259f5b0065c8919c5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 64445
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 15:19:27 GMT
etag: "5193e04cdbb8b74183f82b5fa37af57f"
last-modified: Tue, 07 Nov 2023 21:22:42 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 647
x-content-type-options: nosniff
x-request-id: 3d31a64e-c562-4124-b4e2-bbb7fbd9963e
x-served-by: cache-mia-kmia1760036-MIA

GET
H2 200 payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html Show response
js.stripe.com/v3/ Frame 1EBF 344 B
977 B 27ms
27ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

af3d716fd80fdee9a734dc9a3b2593245a08929fe7b5f42884eaacc651fe6f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 15:19:27 GMT
etag: "776ea7e8cfad736af619f73414cf2123"
last-modified: Tue, 07 Nov 2023 21:22:42 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4
x-content-type-options: nosniff
x-request-id: b07db94a-6698-4955-8f4f-d095b2b8f58e
x-served-by: cache-mia-kmia1760036-MIA

GET
H3

200

main.js Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 3E3D
Redirect Chain

https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
3 KB

65ms
65ms

Script
application/javascript

2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Protocol

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89aeac4fa10f5a807ea7df84e152de0981e7693bfdbb3725da3b925461c71795

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:27 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 822ecb5f28d867b7-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 08 Nov 2023 15:19:27 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 822ecb5e2ebf67b7-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 176E 631 B
547 B 30ms
25ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:27 GMT
via: 1.1 varnish
age: 5248496
x-cache: HIT
content-length: 399
x-request-id: 09c46528-8495-4889-8d5f-89faaa689dc0
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 175879

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BEE6 532 KB
129 KB 28ms
24ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:27 GMT
via: 1.1 varnish
age: 64474
x-cache: HIT
content-length: 131812
x-request-id: efc3228b-e525-4158-8ed0-736016152675
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11

GET
H2 200 controller-22767579e868646fe8fee170ca5969e2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BEE6 652 KB
170 KB 36ms
33ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-22767579e868646fe8fee170ca5969e2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e973184fdfd8d34a092c8372b01b5a26eba02a08a1027bdc4faac414c93d59bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:27 GMT
via: 1.1 varnish
age: 64474
x-cache: HIT
content-length: 173826
x-request-id: 20159a9b-9729-42da-abef-38887ae0c347
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Tue, 07 Nov 2023 21:22:39 GMT
server: Fastly
etag: "f776c00e01bc6a7932584c5dc3addff7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E617 532 KB
129 KB 64ms
61ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-67f422bd694d13ba21af08bf805297d1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-67f422bd694d13ba21af08bf805297d1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:27 GMT
via: 1.1 varnish
age: 64474
x-cache: HIT
content-length: 131812
x-request-id: 78382016-3b83-4685-90db-931467cea569
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12

GET
H2 200 ui-shared-6713d86eead6f9311ad41c26cbf10d98.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E617 380 KB
110 KB 63ms
60ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-6713d86eead6f9311ad41c26cbf10d98.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-67f422bd694d13ba21af08bf805297d1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

11d89d6b9bfb5fae5d517ffcd0b9a2913506f8cceace4ae6b6643c2d53234fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-67f422bd694d13ba21af08bf805297d1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:27 GMT
via: 1.1 varnish
age: 64446
x-cache: HIT
content-length: 111930
x-request-id: bed4ce44-a987-4905-ba29-0ec0bff0fe3e
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Tue, 07 Nov 2023 21:22:42 GMT
server: Fastly
etag: "cc66a0d38b8eb632ce59e0415117d146"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2570

GET
H2 200 elements-inner-card-a1a65c7d31f301b5200b8dbd0fafde5f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E617 49 KB
14 KB 55ms
54ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-a1a65c7d31f301b5200b8dbd0fafde5f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-67f422bd694d13ba21af08bf805297d1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

32772602c44291855865e61110869a53305c3351f390dbe3f209ea8bfd17df64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-67f422bd694d13ba21af08bf805297d1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:27 GMT
via: 1.1 varnish
age: 511422
x-cache: HIT
content-length: 13558
x-request-id: 4b3b41d6-f028-4ed3-ad34-d062b93833f7
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Thu, 02 Nov 2023 17:12:20 GMT
server: Fastly
etag: "d7b56a996582324ee5b4483b04dedad1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11526

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame E617 20 KB
3 KB 62ms
59ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-67f422bd694d13ba21af08bf805297d1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-67f422bd694d13ba21af08bf805297d1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:27 GMT
via: 1.1 varnish
age: 1317904
x-cache: HIT
content-length: 3304
x-request-id: a09b3600-fbf6-4b6b-bcdc-bfcdc9ad3a70
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Mon, 24 Jul 2023 20:23:04 GMT
server: Fastly
etag: "b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16252

GET
H2 200 elements-inner-card-de3d82752e334539cc74c26294525473.css
js.stripe.com/v3/fingerprinted/css/ Frame E617 12 KB
2 KB 64ms
61ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-de3d82752e334539cc74c26294525473.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-67f422bd694d13ba21af08bf805297d1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e62edfdb0575acbdce5c582447530e931df30ba86e9036e93c58cc7944ed56c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-67f422bd694d13ba21af08bf805297d1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:27 GMT
via: 1.1 varnish
age: 2401992
x-cache: HIT
content-length: 1811
x-request-id: 4be6856e-d3e8-4ee3-b1a1-376b22c7abb9
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Wed, 11 Oct 2023 20:04:16 GMT
server: Fastly
etag: "c3f0079066a9db411821d0838d892a89"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13142

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2A2D 532 KB
129 KB 65ms
63ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:27 GMT
via: 1.1 varnish
age: 64474
x-cache: HIT
content-length: 131812
x-request-id: 04caf2e0-639e-4d92-9d57-bb48fccf9ddd
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13

GET
H2 200 controller-22767579e868646fe8fee170ca5969e2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2A2D 652 KB
170 KB 65ms
63ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-22767579e868646fe8fee170ca5969e2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e973184fdfd8d34a092c8372b01b5a26eba02a08a1027bdc4faac414c93d59bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:27 GMT
via: 1.1 varnish
age: 64474
x-cache: HIT
content-length: 173826
x-request-id: d315ed70-620f-4b9d-b330-b24008618152
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Tue, 07 Nov 2023 21:22:39 GMT
server: Fastly
etag: "f776c00e01bc6a7932584c5dc3addff7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 21DE 118 KB
37 KB 206ms
80ms Script
application/javascript 2607:f8b0:4004:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb15bec8368280fa4baf24ad5a7f1268a665d0fd2b06db59608bff7c5fabaf34

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JFY4Xml34JPCbY3tZSDtyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-JFY4Xml34JPCbY3tZSDtyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 08 Nov 2023 15:19:27 GMT

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 21DE 532 KB
129 KB 68ms
68ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:27 GMT
via: 1.1 varnish
age: 64474
x-cache: HIT
content-length: 131812
x-request-id: cf4c4131-850e-4e01-8e3b-c4aceb93c3b5
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 21DE 10 KB
4 KB 31ms
31ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:28 GMT
via: 1.1 varnish
age: 1288601
x-cache: HIT
content-length: 4272
x-request-id: 73f20abc-4525-48fd-9d2a-f5914c177591
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Tue, 24 Oct 2023 17:19:12 GMT
server: Fastly
etag: "947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1479

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1EBF 532 KB
129 KB 66ms
64ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:27 GMT
via: 1.1 varnish
age: 64474
x-cache: HIT
content-length: 131812
x-request-id: 6af04248-3214-49a6-a8d4-831eeb970330
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1EBF 12 KB
5 KB 66ms
64ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:27 GMT
via: 1.1 varnish
age: 3053033
x-cache: HIT
content-length: 4877
x-request-id: 65a3f847-bada-44a4-af1d-b5eb4f330eba
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Tue, 03 Oct 2023 20:18:04 GMT
server: Fastly
etag: "330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7862

POST
H2 200 csp-report
q.stripe.com/ Frame 176E 0
717 B 542ms
220ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456768206380
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699456768205940
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 176E 0
717 B 541ms
219ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456768202826
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699456768201458
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame BEE6 0
717 B 534ms
213ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456768205384
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699456768204934
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E617 0
717 B 540ms
219ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456768205589
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699456768205051
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E617 0
717 B 551ms
229ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456768206457
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699456768205999
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2A2D 0
717 B 528ms
208ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456768205353
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699456768204904
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 21DE 0
717 B 526ms
205ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456768201966
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699456768201400
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 21DE 0
718 B 524ms
204ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456768202034
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699456768201514
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1EBF 0
717 B 547ms
229ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456768206618
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699456768205920
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1EBF 0
717 B 542ms
224ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456768206670
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699456768206191
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 180ms
73ms XHR
application/json 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://secure.winred.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 collect Show response
gtm.winred.com/g/ 458 B
919 B 432ms
208ms XHR
text/plain 2606:4700::6810:fa45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je3b60v867905447z872410129&_p=1699456767008&gcd=11l1l1l1l1&dma=0&cid=1774232936.1699456768&ul=en-us&sr=1600x1200&_fplc=0&ur=US-FL&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=US&sst.gse=1&sst.gcd=11l1l1l1l1&sst.tft=1699456767008&_s=1&sid=1699456767&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&dt=Trump%202024&en=page_view&_fv=1&_nsi=1&_ss=1&ep.pagepath=%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj&epn.load_time_sec=-1699456766&epn.event_fire_time=1699456767404&ep.event_uuid=a5005d5e-6b12-4bd4-90ab-61f86a78ef94&ep.isVideoPage=f&ep.referrer=&tfd=1800&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fa45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81df1793bd847bd56b0f7925fd2d7ce62296cbf5707c7ca2017dad20068ff473

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 822ecb6068a68dbe-MIA
alt-svc: h3=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 61ms
59ms XHR
text/plain 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=254737789&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&ul=en-us&de=UTF-8&dt=Trump%202024&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAEK~&jid=1305730835&gjid=1581817854&cid=1774232936.1699456768&tid=UA-73658561-7&_gid=1487763822.1699456768&_slc=1&gtm=45He3b60n71NTQZ9Nv72410129&cd61=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&gcd=11l1l1l1l1&dma=0&z=430735952

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:19:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
348 B 215ms
59ms XHR
text/plain 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73658561-7&cid=1774232936.1699456768&jid=1305730835&gjid=1581817854&_gid=1487763822.1699456768&_u=YCDAiEABBAAAAGAEK~&z=1406155648

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Nov 2023 15:19:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
84 B 59ms
59ms XHR
text/plain 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=254737789&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&ul=en-us&de=UTF-8&dt=Trump%202024&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAAGAEK~&jid=1973057143&gjid=1643182099&cid=1774232936.1699456768&tid=UA-60901920-1&_gid=1487763822.1699456768&_r=1&_slc=1&gtm=45He3b60n71M27JCGv72350723&gcd=11l1l1l1l1&dma=0&z=1912145040

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

641defe78e044cbd72e13110f131016fc26c1e8b00ef29ad142e177a0e54bfe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:19:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 54ms
54ms Image
image/gif 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=254737789&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&ul=en-us&de=UTF-8&dt=Trump%202024&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=donation%20landing%20page&ea=user%20session%20start&el=landing%20page%20settings&_u=YCDAiEABBAAAAGAEK~&jid=&gjid=&cid=1774232936.1699456768&tid=UA-73658561-7&_gid=1487763822.1699456768&gtm=45He3b60n71NTQZ9Nv72410129&cd41=anonymous&cd58=f&cd61=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&gcd=11l1l1l1l1&dma=0&z=2042112098

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 17:09:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79823
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 59ms
59ms Ping
text/plain 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0YWKLMCX4D&gtm=45je3b60v9102512289z872350723&_p=1699456767008&gcd=11l1l1l1l1&dma=0&cid=1774232936.1699456768&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699456767&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&dt=Trump%202024&en=page_view&_fv=1&_ss=1&ep.cookieDomain=auto&tfd=1991
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0YWKLMCX4D&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:19:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11091438865/ 2 KB
2 KB 171ms
65ms Script
text/javascript 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11091438865/?random=1699456768011&cv=11&fst=1699456768011&bg=ffffff&guid=ON&async=1&gtm=45je3b60v9102512289z872350723&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&hn=www.googleadservices.com&frm=0&tiba=Trump%202024&auid=1055518884.1699456767&uamb=0&uaw=0&data=event%3Dgtag.config%3BcookieDomain%3Dauto&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0YWKLMCX4D&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba6c13a562b511aa405cbdc0279694c0d46cef804b1ee054c089527c62f4161d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1395
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 223ms
130ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b35ffa2c-4022-4612-b8c8-30dd5fc06ded&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=c5306617-cd27-4801-8afd-86c368a3f7ca&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&tw_iframe_status=0&txn_id=of93e&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-response-time: 86
date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 9800fdafbccb9fa5
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: d2e1a0815d5d6ce1d9c3affe53d282cb18a46ce9711e1ac36e4f690a6bc19e27
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
728 B 223ms
133ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b35ffa2c-4022-4612-b8c8-30dd5fc06ded&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=c5306617-cd27-4801-8afd-86c368a3f7ca&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&tw_iframe_status=0&txn_id=of93e&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-response-time: 88
date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 527f9d0eca5435cf
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: fd63870544c9b5ca8bbd8eff8b769385b5d8d5a7c0645ef9d7ff7962fd64201e
content-length: 43

GET
H2 200 inner.html Show response
m.stripe.network/ Frame B5E6 930 B
1 KB 30ms
26ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 15:19:28 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 5
x-content-type-options: nosniff
x-request-id: 5ec87eff-08ec-45ea-9065-1513592d4d26
x-served-by: cache-mia-kmia1760036-MIA
x-timer: S1699456768.063177,VS0,VE0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame BEE6 474 B
612 B 86ms
33ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9b618e1ecd2ecedd856240cc7a0aa6bff7b528e05f2788ba0114195ccb7efe74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 46
x-cache: HIT
content-length: 297
x-request-id: a9144c86-3ad4-44c4-b1a7-f28504db0b15
x-served-by: cache-mia-kmia1760066-MIA
last-modified: Tue, 07 Nov 2023 22:01:06 GMT
server: Fastly
etag: "a3831a1659489d23fe40b04c7ca1798d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 37

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame BEE6 474 B
369 B 76ms
36ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9b618e1ecd2ecedd856240cc7a0aa6bff7b528e05f2788ba0114195ccb7efe74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 46
x-cache: HIT
content-length: 297
x-request-id: 9db4dd37-ac85-470a-ad9f-bd62d35dd6b0
x-served-by: cache-mia-kmia1760066-MIA
last-modified: Tue, 07 Nov 2023 22:01:06 GMT
server: Fastly
etag: "a3831a1659489d23fe40b04c7ca1798d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 39

GET
H2 200 dc_pre=CIvRy-fZtIIDFQgGTwgdmFIJ7w;src=9381094;type=pagev0;cat=djt_p0;ord=6277468164482;auiddc=1055518884.1699456767;gtm=45He3b60v72350723;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv... Show response
adservice.google.com/ddm/fls/i/ Frame D7F3 194 B
440 B 195ms
88ms Document
text/html 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIvRy-fZtIIDFQgGTwgdmFIJ7w;src=9381094;type=pagev0;cat=djt_p0;ord=6277468164482;auiddc=1055518884.1699456767;gtm=45He3b60v72350723;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2

Requested by

Host: 9381094.fls.doubleclick.net
URL: https://9381094.fls.doubleclick.net/activityi;dc_pre=CIvRy-fZtIIDFQgGTwgdmFIJ7w;src=9381094;type=pagev0;cat=djt_p0;ord=6277468164482;auiddc=1055518884.1699456767;gtm=45He3b60v72350723;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9381094.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 15:19:28 GMT
expires: Wed, 08 Nov 2023 15:19:28 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1599889267195467 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 58ms
57ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1599889267195467?v=2.9.138&r=stable&domain=secure.winred.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e865ba6846b03cf0f020a2c08ed1521dea06cf3d6925b785a1a64aa2937a2b07

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Nov 2023 15:19:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36839
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ohHvIFSuXI6jtTiDVZPRIPI2g0lwXLNP3R+s5bkRvM00yrDyq62Z4HenJFstQfq6LfGPgvWhyTcbXXBAjqN2UQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 2A2D 474 B
372 B 37ms
35ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9b618e1ecd2ecedd856240cc7a0aa6bff7b528e05f2788ba0114195ccb7efe74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 46
x-cache: HIT
content-length: 297
x-request-id: 3edda498-923b-4d8a-b4fb-b9a22ed7276f
x-served-by: cache-mia-kmia1760066-MIA
last-modified: Tue, 07 Nov 2023 22:01:06 GMT
server: Fastly
etag: "a3831a1659489d23fe40b04c7ca1798d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 39

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 2A2D 474 B
371 B 34ms
33ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9b618e1ecd2ecedd856240cc7a0aa6bff7b528e05f2788ba0114195ccb7efe74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 46
x-cache: HIT
content-length: 297
x-request-id: 4e442fdf-0841-4dc5-b7cc-31a39bae8ffc
x-served-by: cache-mia-kmia1760066-MIA
last-modified: Tue, 07 Nov 2023 22:01:06 GMT
server: Fastly
etag: "a3831a1659489d23fe40b04c7ca1798d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 40

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 205ms
66ms Image
image/gif 2607:f8b0:4004:c08::6a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-73658561-7&cid=1774232936.1699456768&jid=1305730835&_u=YCDAiEABBAAAAGAEK~&z=497084704

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::6a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:19:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E617 474 B
372 B 27ms
27ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9b618e1ecd2ecedd856240cc7a0aa6bff7b528e05f2788ba0114195ccb7efe74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-67f422bd694d13ba21af08bf805297d1.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 46
x-cache: HIT
content-length: 297
x-request-id: b835d74d-e2b6-418c-8093-324d46a813c9
x-served-by: cache-mia-kmia1760066-MIA
last-modified: Tue, 07 Nov 2023 22:01:06 GMT
server: Fastly
etag: "a3831a1659489d23fe40b04c7ca1798d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 41

GET
H2 200 countryRanges-1e8b3d390a07073baae3a9d50ccffdd5.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame E617 143 KB
39 KB 27ms
26ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/countryRanges-1e8b3d390a07073baae3a9d50ccffdd5.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b1edba09a92cc8a52b69c18ec834510950b98f387cbe6014a53f92c5579a3725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-67f422bd694d13ba21af08bf805297d1.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:28 GMT
via: 1.1 varnish
age: 1916996
x-cache: HIT
content-length: 39648
x-request-id: 7124bc35-0764-48ed-ad0f-3a727dd2f876
x-served-by: cache-mia-kmia1760066-MIA
last-modified: Tue, 25 Jul 2023 01:20:12 GMT
server: Fastly
etag: "1e8b3d390a07073baae3a9d50ccffdd5"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6745

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 66ms
65ms XHR
text/plain 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-60901920-1&cid=1774232936.1699456768&jid=1973057143&gjid=1643182099&_gid=1487763822.1699456768&_u=YCDACEABBAAAAGAEK~&z=1208662456

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Nov 2023 15:19:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
84 KB 72ms
67ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HNR33QTX08&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebf1723d2e3a40af52e3d9c6695757ddd3c05b627ee776876355893d0ef9e67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85969
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 15:19:28 GMT

POST
H3 200 822ecb58eabddad1 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3E3D 0
300 B 68ms
65ms XHR
text/plain 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/jsd/r/822ecb58eabddad1

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 822ecb626ed467b7-MIA
alt-svc: h3=":443"; ma=86400

POST
H2 200 csp-report
q.stripe.com/ Frame B5E6 0
491 B 108ms
107ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456768467149
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1699456768466307
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame B5E6 87 KB
15 KB 27ms
27ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 08 Nov 2023 15:19:28 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 253
x-cache: HIT
content-length: 15509
x-request-id: cfdfa920-6f6b-4afe-b8ba-7175d50e8985
x-served-by: cache-mia-kmia1760036-MIA
server: Fastly
x-timer: S1699456768.425554,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 242

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 2A2D 2 KB
3 KB 379ms
214ms Fetch
application/json 3.229.145.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.229.145.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-145-172.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ab2dfd3c4fbc7c1f2f3e952e50ed0ba7f53cb247d37dd16c9af7289c3c60dd43

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 1954
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

POST
H2 204 collect
analytics.google.com/g/s/ 0
255 B 186ms
105ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/s/collect?gtm=45j91e3b70h2v867905447z872410129z9867900975&_gsid=X6H0114PDFMzUwBepEfAJ2tFEd-xX4Eg
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:19:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 60ms
60ms Ping
text/plain 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X6H0114PDF&cid=qM1Hg8BKU2yIShrCm9TXht8mN4R%2BvtlfwQKrj7zCemw%3D.1699456768&gtm=45j91e3b70h2v867905447z872410129z9867900975&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:19:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 72ms
71ms Image
image/gif 2607:f8b0:4004:c08::6a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-60901920-1&cid=1774232936.1699456768&jid=1973057143&_u=YCDACEABBAAAAGAEK~&z=1158479321

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::6a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:19:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect Show response
gtm.winred.com/g/ 65 B
273 B 168ms
168ms XHR
text/plain 2606:4700::6810:fa45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je3b60v867905447z872410129&_p=1699456767008&gcd=11l1l1l1l1&dma=0&cid=1774232936.1699456768&ul=en-us&sr=1600x1200&_fplc=0&ur=US-FL&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=US&sst.gse=1&sst.gcd=11l1l1l1l1&sst.tft=1699456767008&_s=2&sid=1699456767&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&dt=Trump%202024&en=user%20session%20start&ep.pagepath=%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj&epn.load_time_sec=-1699456766&epn.event_fire_time=1699456767630&ep.event_uuid=b5b7ba21-1c1f-417a-8624-10d7d096a2a0&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&_et=23&tfd=2502&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fa45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 822ecb635f0c8dbe-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame C848 19 KB
8 KB 89ms
88ms Document
text/html 2607:f8b0:4004:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea041a49c4984fa513cf61061fe759c3f5d88c640d269def71404761ad2fb1a7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce--L5sSGUD-sN5ihNphfXo6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce--L5sSGUD-sN5ihNphfXo6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 08 Nov 2023 15:19:28 GMT
expires: Wed, 08 Nov 2023 15:19:28 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 231ms
212ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768716516
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768716282
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
275 B 134ms
115ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768614137
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 10
x-stripe-client-envoy-start-time-us: 1699456768613689
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 248ms
229ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768717421
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1699456768716824
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 235ms
217ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768717205
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768716507
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 241ms
224ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768716830
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1699456768716594
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 247ms
230ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768716838
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 9
x-stripe-client-envoy-start-time-us: 1699456768716719
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 240ms
223ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768717230
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699456768716619
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 239ms
222ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768717015
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699456768716608
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 232ms
216ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768717175
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768716520
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 226ms
211ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768716619
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768716473
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 226ms
212ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768716685
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699456768716066
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 231ms
216ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768716868
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768716186
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 224ms
209ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768716582
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699456768716329
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 227ms
213ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768716405
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768716155
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 223ms
210ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768716766
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699456768716215
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 123ms
110ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768614466
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768613756
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 121ms
109ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768614341
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768613784
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 226ms
214ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768716441
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768715910
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 241ms
229ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768716175
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 8
x-stripe-client-envoy-start-time-us: 1699456768715955
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 232ms
221ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768716411
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699456768716005
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 229ms
218ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768717250
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768716294
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 232ms
221ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768717081
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768716306
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 228ms
218ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768717325
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768716335
access-control-allow-credentials: true
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/11091438865/ 42 B
154 B 78ms
77ms Image
image/gif 2607:f8b0:4004:c08::6a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11091438865/?random=1699456768011&cv=11&fst=1699455600000&bg=ffffff&guid=ON&async=1&gtm=45je3b60v9102512289z872350723&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&frm=0&tiba=Trump%202024&data=event%3Dgtag.config%3BcookieDomain%3Dauto&fmt=3&is_vtc=1&cid=CAQSKQDICaaNDUgsPgbUswrBoAuZKu5sR7QkLN5XpbcFy4J4l1W8HJ9driz5&random=1774083138&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::6a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:19:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 231ms
225ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768717053
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699456768716414
access-control-allow-credentials: true
content-length: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame BEE6 2 KB
3 KB 249ms
197ms Fetch
application/json 3.229.145.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.229.145.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-145-172.compute-1.amazonaws.com

Software

nginx /

Resource Hash

cf156d4cc528406c515b1747f1edc1bbe9320382807abaa4ea0fe312a2f35e54

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 1954
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 234ms
228ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768717415
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 6
x-stripe-client-envoy-start-time-us: 1699456768716751
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 223ms
220ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768716961
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699456768716813
access-control-allow-credentials: true
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 173ms
53ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1599889267195467&ev=PageView&dl=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&rl=&if=false&ts=1699456768576&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699456768573.742199230&cs_est=true&ler=empty&it=1699456768117&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 08 Nov 2023 15:19:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 198ms
190ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768717647
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699456768716854
access-control-allow-credentials: true
content-length: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E617 474 B
372 B 27ms
27ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9b618e1ecd2ecedd856240cc7a0aa6bff7b528e05f2788ba0114195ccb7efe74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-67f422bd694d13ba21af08bf805297d1.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 46
x-cache: HIT
content-length: 297
x-request-id: 707b8c4a-8fda-4f0f-8d43-7c507e45efc3
x-served-by: cache-mia-kmia1760066-MIA
last-modified: Tue, 07 Nov 2023 22:01:06 GMT
server: Fastly
etag: "a3831a1659489d23fe40b04c7ca1798d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 44

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 145ms
142ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768716954
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768716854
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 141ms
141ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768717554
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699456768716911
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 147ms
147ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768717618
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699456768717014
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.gGIPs74Modc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame C848 158 KB
57 KB 165ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.gGIPs74Modc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg1ZxeLDl2Z71ZI2AdF3T9SGwzmMA/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5aaea99bc7e871d05523d17cc75941bcd05efa6c5373190ebc389d058bfdec8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57289
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 07:52:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:16:16 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame B5E6 156 B
669 B 316ms
106ms XHR
application/json 44.241.50.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.50.239 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-50-239.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

42347bdeed120ec96b069dfeef648a88326063918ad0253e3c7649b0a27e3fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456768912899
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699456768912295
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 41ms
39ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HNR33QTX08&_ono=1&gtm=45je3b60v9164375506&_p=1699456767008&_gaz=1&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1774232936.1699456768&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&dt=Trump%202024&sid=1699456768&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2680
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HNR33QTX08&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:19:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 63ms
60ms Ping
text/plain 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-HNR33QTX08&cid=1774232936.1699456768&gtm=45je3b60v9164375506&aip=1&dma=0&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HNR33QTX08&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:19:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame C848 2 KB
2 KB 152ms
152ms Other
text/html 2607:f8b0:4004:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H2 200 0 Show response
r.stripe.com/ Frame E617 0
274 B 109ms
109ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768769860
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768769704
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E617 0
274 B 110ms
109ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768770064
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768769779
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E617 0
274 B 110ms
110ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768770056
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768769854
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 111ms
109ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768862317
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699456768862185
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 111ms
110ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768862929
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768862342
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 110ms
110ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768865746
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768864797
access-control-allow-credentials: true
content-length: 0

GET
H2 200 phone-numbers-lib-f19807cd8cf5390c9afa641cb061e0d6.js Show response
js.stripe.com/v3/fingerprinted/js/ 129 KB
35 KB 26ms
26ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-f19807cd8cf5390c9afa641cb061e0d6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bd3305cbe248a3e41e6515b13252574e43ca28e21b1a768cae80e883199763c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:28 GMT
via: 1.1 varnish
age: 2315679
x-cache: HIT
content-length: 36129
x-request-id: b2424cfe-63cc-4d3d-8640-64e1a2a5ae5e
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Thu, 12 Oct 2023 20:01:48 GMT
server: Fastly
etag: "7b4e2a05caba7714610def4c9240cad9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11057

GET
H2 200 elements-inner-link-button-for-card-8df960dd675422839077b55eb84a41a1.html Show response
js.stripe.com/v3/ Frame DC61 73 KB
16 KB 26ms
26ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-link-button-for-card-8df960dd675422839077b55eb84a41a1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

594ce43596c92ed5f37b5542367f654bb516e99778cbda532b84026b145c98fe

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 64428
cache-control: max-age=31536000
content-encoding: br
content-length: 15178
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 15:19:28 GMT
etag: "8df960dd675422839077b55eb84a41a1"
last-modified: Tue, 07 Nov 2023 21:22:28 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 945
x-content-type-options: nosniff
x-request-id: 205a8d0c-b2e2-4ac1-b8b4-c41602a7bf39
x-served-by: cache-mia-kmia1760036-MIA

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 110ms
110ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768882370
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699456768881984
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 110ms
110ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768885786
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768885342
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 109ms
108ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768886092
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699456768885371
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 112ms
109ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768895945
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456768895332
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 111ms
110ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:28 GMT
x-stripe-server-envoy-start-time-us: 1699456768901061
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699456768900505
access-control-allow-credentials: true
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DC61 0
717 B 110ms
107ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456768918459
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699456768917555
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DC61 0
717 B 111ms
108ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456768918569
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699456768917948
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DC61 532 KB
129 KB 28ms
27ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-8df960dd675422839077b55eb84a41a1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-8df960dd675422839077b55eb84a41a1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:28 GMT
via: 1.1 varnish
age: 64475
x-cache: HIT
content-length: 131812
x-request-id: d2adc08f-731e-47b2-84cb-1309d10ac4ca
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16

GET
H2 200 elements-inner-link-button-for-card-27744bf8d0833c927049162f1855b6e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DC61 24 KB
9 KB 28ms
27ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-link-button-for-card-27744bf8d0833c927049162f1855b6e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-8df960dd675422839077b55eb84a41a1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f03756c1563b606565eda844b97eadf0de8e01a1c3719bcf525dd20370a02bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-8df960dd675422839077b55eb84a41a1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:28 GMT
via: 1.1 varnish
age: 1200288
x-cache: HIT
content-length: 9575
x-request-id: 443d243b-271c-4f90-9024-1e9b0a1795a7
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Wed, 25 Oct 2023 17:49:31 GMT
server: Fastly
etag: "09b2e3ebca39506cca4bbdc2127fc9c6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5767

GET
H2 200 elements-inner-link-button-for-card-4b5caabaabe2a1da1413ec969c991641.css
js.stripe.com/v3/fingerprinted/css/ Frame DC61 25 KB
4 KB 29ms
29ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-link-button-for-card-4b5caabaabe2a1da1413ec969c991641.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-8df960dd675422839077b55eb84a41a1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

dccf597ae7be773fabafe94246d6235959c5b169c80b0a575a7e55303887cf3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-8df960dd675422839077b55eb84a41a1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:28 GMT
via: 1.1 varnish
age: 1200288
x-cache: HIT
content-length: 4316
x-request-id: 8e68b14d-efde-47ad-a687-70c616fe65fc
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Wed, 25 Oct 2023 17:49:19 GMT
server: Fastly
etag: "bd45f5d1d100cfdffbba7a51dba4f34f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5733

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.gGIPs74Modc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLG... Frame C848 73 KB
27 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.gGIPs74Modc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhZy2l995RpIKQEkackz7QCQE6Y5g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.gGIPs74Modc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg1ZxeLDl2Z71ZI2AdF3T9SGwzmMA/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c136fdad6ac1f3830adeb0506b573fad06cc7a51c0c23cd2ad956ccbedc7e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27274
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:22:59 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame B5E6 156 B
668 B 106ms
106ms XHR
application/json 44.241.50.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.50.239 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-50-239.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

42347bdeed120ec96b069dfeef648a88326063918ad0253e3c7649b0a27e3fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 08 Nov 2023 15:19:29 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456769034642
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699456769034403
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame B5E6 156 B
668 B 158ms
156ms XHR
application/json 44.241.50.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.50.239 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-50-239.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

42347bdeed120ec96b069dfeef648a88326063918ad0253e3c7649b0a27e3fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 08 Nov 2023 15:19:29 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456769084950
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 5
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699456769084674
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame C848 1 MB
374 KB 100ms
100ms XHR
text/html 2607:f8b0:4004:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0a116f99aebe60bdd30476f54d5676c3075fd037c18f718ad8bcc0fa2b8abeb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1yeoaU7DoAihZAVFWP6YUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:29 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1yeoaU7DoAihZAVFWP6YUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 08 Nov 2023 15:19:29 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.gGIPs74Modc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLG... Frame C848 9 KB
4 KB 54ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.gGIPs74Modc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhZy2l995RpIKQEkackz7QCQE6Y5g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c9e6a3555cd44c095c143b76cfa4c017c9a93b79829378963897260a3ae23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3726
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:22:59 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.gGIPs74Modc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLG... Frame C848 37 KB
14 KB 54ms
54ms Script
text/javascript 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.gGIPs74Modc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhZy2l995RpIKQEkackz7QCQE6Y5g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c1bcc140180aed0421dafa9db38245265181d450c094a1250f12a3f9ab3e709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14044
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:22:59 GMT

POST
H3 200 log Show response
play.google.com/ Frame C848 131 B
152 B 180ms
91ms XHR
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 15:19:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 204ms
81ms Preflight
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 15:19:29 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C848 131 B
152 B 196ms
97ms XHR
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 15:19:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 191ms
70ms Preflight
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 15:19:29 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C848 131 B
152 B 193ms
91ms XHR
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 15:19:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 log Show response
play.google.com/ Frame C848 131 B
152 B 197ms
93ms XHR
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 15:19:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 185ms
66ms Preflight
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 15:19:29 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 181ms
65ms Preflight
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 15:19:29 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C848 131 B
152 B 199ms
98ms XHR
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 15:19:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 184ms
69ms Preflight
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 15:19:29 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
80 KB 62ms
61ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11094181768

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3caf5ebbdffa6fc7127455427f3ca1b1447d5f20703086dc703b85a20f0d170f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:19:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81400
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Nov 2023 15:19:29 GMT

POST
H3 204 rum Show response
secure.winred.com/cdn-cgi/ 0
142 B 36ms
28ms XHR
text/plain 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: application/json

Response headers

date: Wed, 08 Nov 2023 15:19:29 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://secure.winred.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 822ecb668e6a67b7-MIA

POST
H2 200 0 Show response
r.stripe.com/ Frame BEE6 0
274 B 110ms
109ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:29 GMT
x-stripe-server-envoy-start-time-us: 1699456769090942
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456769090471
access-control-allow-credentials: true
content-length: 0

POST
H3 200 log Show response
play.google.com/ Frame C848 131 B
152 B 183ms
95ms XHR
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 15:19:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 180ms
81ms Preflight
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 15:19:29 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 111ms
110ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:29 GMT
x-stripe-server-envoy-start-time-us: 1699456769094745
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1699456769094656
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 112ms
111ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:29 GMT
x-stripe-server-envoy-start-time-us: 1699456769095354
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1699456769094737
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 116ms
114ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:29 GMT
x-stripe-server-envoy-start-time-us: 1699456769097252
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1699456769096583
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 116ms
115ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:29 GMT
x-stripe-server-envoy-start-time-us: 1699456769096895
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 8
x-stripe-client-envoy-start-time-us: 1699456769096622
access-control-allow-credentials: true
content-length: 0

GET
H2 200 elements-inner-payment-request-283014f74614bddf3e389df7a6edd695.html Show response
js.stripe.com/v3/ Frame 571C 820 B
1 KB 26ms
26ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-283014f74614bddf3e389df7a6edd695.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

14b0d93cffd10d70b138178fe469afa9de5161bb4ade9e4817fc4e674929d0a9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 64447
cache-control: max-age=31536000
content-encoding: br
content-length: 370
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 15:19:29 GMT
etag: "283014f74614bddf3e389df7a6edd695"
last-modified: Tue, 07 Nov 2023 21:22:28 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 815
x-content-type-options: nosniff
x-request-id: f1434b2c-3cea-4ee6-9964-ec9939fc492f
x-served-by: cache-mia-kmia1760036-MIA

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 109ms
109ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:29 GMT
x-stripe-server-envoy-start-time-us: 1699456769107051
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456769106843
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 108ms
108ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:29 GMT
x-stripe-server-envoy-start-time-us: 1699456769107527
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699456769107121
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 108ms
108ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:29 GMT
x-stripe-server-envoy-start-time-us: 1699456769108674
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699456769108227
access-control-allow-credentials: true
content-length: 0

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 571C 532 KB
129 KB 38ms
32ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-283014f74614bddf3e389df7a6edd695.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-283014f74614bddf3e389df7a6edd695.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:29 GMT
via: 1.1 varnish
age: 64475
x-cache: HIT
content-length: 131812
x-request-id: 527bd66f-a283-430b-b3e8-36cec0400789
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17

GET
H2 200 ui-shared-6713d86eead6f9311ad41c26cbf10d98.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 571C 380 KB
110 KB 37ms
31ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-6713d86eead6f9311ad41c26cbf10d98.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-283014f74614bddf3e389df7a6edd695.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

11d89d6b9bfb5fae5d517ffcd0b9a2913506f8cceace4ae6b6643c2d53234fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-283014f74614bddf3e389df7a6edd695.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:29 GMT
via: 1.1 varnish
age: 64447
x-cache: HIT
content-length: 111930
x-request-id: 071de1b7-0c00-4903-9262-410793ed619e
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Tue, 07 Nov 2023 21:22:42 GMT
server: Fastly
etag: "cc66a0d38b8eb632ce59e0415117d146"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2571

GET
H2 200 elements-inner-payment-request-692a6152f486945ef5bb1724a8d01deb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 571C 72 KB
25 KB 40ms
34ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-692a6152f486945ef5bb1724a8d01deb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-283014f74614bddf3e389df7a6edd695.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1396c8b9abee79298b7357f25d545769fdd21e1357558736429de1f648271181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-283014f74614bddf3e389df7a6edd695.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:29 GMT
via: 1.1 varnish
age: 511342
x-cache: HIT
content-length: 25800
x-request-id: 59953827-1ca2-4d2a-aab7-813b94bc16e4
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Thu, 02 Nov 2023 17:12:20 GMT
server: Fastly
etag: "99362a20de6f19b28f565b5951fc7838"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3944

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 571C 20 KB
3 KB 34ms
29ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-283014f74614bddf3e389df7a6edd695.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-283014f74614bddf3e389df7a6edd695.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:29 GMT
via: 1.1 varnish
age: 1317906
x-cache: HIT
content-length: 3304
x-request-id: 8f61ab47-6dea-46a0-a9ed-78f4c3cccaf3
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Mon, 24 Jul 2023 20:23:04 GMT
server: Fastly
etag: "b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16253

GET
H2 200 elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
js.stripe.com/v3/fingerprinted/css/ Frame 571C 11 KB
3 KB 33ms
28ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-283014f74614bddf3e389df7a6edd695.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-283014f74614bddf3e389df7a6edd695.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:29 GMT
via: 1.1 varnish
age: 466572
x-cache: HIT
content-length: 2547
x-request-id: 2130853f-03f7-46c1-8c29-cad5ac332c13
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Mon, 07 Aug 2023 21:25:15 GMT
server: Fastly
etag: "828ee6578d45b518446bf74a1cc39038"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2301

POST
H2 200 csp-report
q.stripe.com/ Frame 571C 0
717 B 113ms
106ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456769144098
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699456769143482
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 571C 0
717 B 118ms
112ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 15:19:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699456769144167
x-envoy-upstream-service-time: 7
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699456769143460
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11094181768/ 2 KB
1 KB 66ms
65ms Script
text/javascript 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11094181768/?random=1699456769152&cv=11&fst=1699456769152&bg=ffffff&guid=ON&async=1&gtm=45be3b60v9102692410&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&hn=www.googleadservices.com&frm=0&tiba=Trump%202024&auid=1055518884.1699456767&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11094181768

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de18a456a0d2cd7d5b2d8cbc8d5e25b3d8b060804bf17d4aabc8cf9de6668b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1372
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 571C 474 B
594 B 27ms
26ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9b618e1ecd2ecedd856240cc7a0aa6bff7b528e05f2788ba0114195ccb7efe74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-request-283014f74614bddf3e389df7a6edd695.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 15:19:29 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 47
x-cache: HIT
content-length: 297
x-request-id: 9190996e-415a-495a-895f-ffe072418597
x-served-by: cache-mia-kmia1760066-MIA
last-modified: Tue, 07 Nov 2023 22:01:06 GMT
server: Fastly
etag: "a3831a1659489d23fe40b04c7ca1798d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 45

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 111ms
108ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:29 GMT
x-stripe-server-envoy-start-time-us: 1699456769327756
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699456769327236
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 113ms
111ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:29 GMT
x-stripe-server-envoy-start-time-us: 1699456769327447
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1699456769327295
access-control-allow-credentials: true
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/11094181768/ 42 B
64 B 79ms
78ms Image
image/gif 2607:f8b0:4004:c08::6a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11094181768/?random=1699456769152&cv=11&fst=1699455600000&bg=ffffff&guid=ON&async=1&gtm=45be3b60v9102692410&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Fsave-america-joint-fundraising-committee%2F614145smsdtvj%3Futm_campaign%3D20231107_j_prsp%26utm_medium%3Dsms%26utm_content%3D22%26utm_source%3Dci_prsp%26utm_term%3D20231108_Magnolia-Oct2&frm=0&tiba=Trump%202024&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNrZl9Ji3jYgNza9A52_V0FSfbGsuzE1MJ-RzNv6Hds1e8mVeW&random=4064492068&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::6a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 15:19:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A2D 0
274 B 109ms
109ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 15:19:29 GMT
x-stripe-server-envoy-start-time-us: 1699456769328798
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699456769328585
access-control-allow-credentials: true
content-length: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/12a/ 254 KB
56 KB 52ms
51ms Script
text/javascript 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/12a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b6fb8c2b9ee6b41540fd549a726e431eb8667074da38d94af8a647ae05e9da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57367
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 21:27:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 15:01:49 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/12a/ 155 KB
49 KB 88ms
87ms Script
text/javascript 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/12a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

206b430ad8e96d2f58a4c4cc6d2e5b97b40a1b62d9c1a7b027409b376da8c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 15:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50370
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 21:27:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 15:04:51 GMT

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ 295 B
378 B 26ms
26ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 15:19:34 GMT
via: 1.1 varnish
age: 1926268
x-cache: HIT
content-length: 221
x-request-id: f087e7cd-907b-4e93-a1db-4c9b5196925f
x-served-by: cache-mia-kmia1760036-MIA
last-modified: Wed, 20 Sep 2023 21:36:18 GMT
server: Fastly
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 26701

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.revv.co/api/v3/users	1970-01-21 01:40:16	Name: rvid Value: 8373d266-d521-448a-b70a-51578b9541f2
.winred.com/	1969-12-31 23:59:59	Name: _revv_v3_session Value: TVNYa1hCcVZhRGZuWGNiOVJLd0ZnbjE4cWlNZUpvZTZnY0pmSVE1VzBOcVJFTVpHVW1yZWlHSjNvd0VaL0NLcjlBRTZUVzk5U2wvZWRVUzI3SGV3NSt2dzQ4NjVLV0dMNWpiZFJmcFc3dkZ6b2lnYkJ4MjFBTTZiMUxZanB0MVFiOVkxcmpDakZKNlJ6QzdFS2hkWFZveEtXRElRbGVRNUhGWWlCc2ZiVXZwUWJERkZwTnJHczlGeWwrdUZVTkxNT1VFWGkxTDhXSGV2bWxTaysrK1dmcFkxelVxTUUxZ3gwOWNVNHJmM01XLzlMRFRZaUVsdHBJamFVMUFpN0hzTVU0Ti9lZk9iYUJjMkR5czhHam1xY3RxQ2xNazVpNnJjOTMwR3E2NTdvU0grZTNBZy9zTzN2M05aNlR5VjhmUEo4TjlCcHllakQrek1tQ3NiQysyQ04ycHRCSGt2RHRLSFFma3pSdWZmZHp3PS0tc0xkT3FYaG1jVjlRY0ZxNlFOeGplUT09--ce2aefa5590a5867baeb344afa03b76ee8f1758b
.secure.winred.com/	1970-01-20 16:04:18	Name: __cf_bm Value: 7lpM.8RP.qH3_7QyrnBhNkfgSbnEyiDRIW6ZEyYE_Vg-1699456766-0-AbIwhiYl8pKOCnDmewesmy40xUudkrsfNW2bZsq/jrvC2xx8TwDtIf6TZy5s0E7d5WhlMPwW2pTdUkifhVk+mhM=
.winred.com/	1970-01-20 18:13:52	Name: _gcl_au Value: 1.1.1055518884.1699456767
secure.winred.com/	1969-12-31 23:59:59	Name: origin_url Value: https://secure.winred.com/save-america-joint-fundraising-committee/614145smsdtvj?utm_campaign=20231107_j_prsp&utm_medium=sms&utm_content=22&utm_source=ci_prsp&utm_term=20231108_Magnolia-Oct2
.revv.co/	1969-12-31 23:59:59	Name: _revv_v3_session Value: K2ZaVUZzNHVjK01HTTlVRFJ4MnNNbDhkaFJvQjNNaFo1Mm9DcmZ6YlhuNDRiUmluT1lWdlNOcFVTc2dDaUlITS96R21NSlBuK2FBRHdOZ1Njei9kcnc9PS0tUVpQSGFJWVJ0N1JlWHU3OS9wbm95UT09--31ffb4ecd80cb538cc189c8295b371befa2f0e08
.revv.co/	1970-01-20 16:04:18	Name: __cf_bm Value: 5o3Jmv4oLuoTGWSjh8k.VyuZBEj6zXsASMkjPYzrXlo-1699456767-0-AQ5b7dfrYRQ6V1CzbJHtZp6jI6Q2Dai11u91s8CtxUvEzyNRtrA1Hcvf34mzx8jnp2SolsVyI+yTyw6n8eFsFxU=
.winred.com/	1970-01-21 01:40:16	Name: _ga_X6H0114PDF Value: GS1.1.1699456767.1.0.1699456767.0.0.0
.winred.com/	1970-01-20 16:05:43	Name: _gid Value: GA1.2.1487763822.1699456768
.winred.com/	1970-01-20 16:04:16	Name: _dc_gtm_UA-73658561-7 Value: 1
.winred.com/	1970-01-20 16:04:16	Name: _gat_UA-60901920-1 Value: 1
.google.com/	1970-01-20 20:27:47	Name: NID Value: 511=cxWfeD-EYB1L_wCxlOd_K6aH3C_MLZJCuHQA4jSBMUHKOQAOqp9XydIQZ4_AHSifQnGUVYZk607xAWLCvt9p8lihcZsQ-qyNPoyDE8nypOiytgGe4ZI9b8ZzddoHsZXIdel47FaKj3Ln-lVPVmEO8eIjud-exDjnOO1OH5007c0
secure.winred.com/	1969-12-31 23:59:59	Name: sso_tries Value: 1
secure.winred.com/	1970-01-21 01:40:16	Name: rvid Value: 8373d266-d521-448a-b70a-51578b9541f2
.winred.com/	1970-01-21 01:40:16	Name: _ga_0YWKLMCX4D Value: GS1.1.1699456767.1.0.1699456767.0.0.0
.winred.com/	1970-01-21 01:40:16	Name: _ga Value: GA1.1.1774232936.1699456768
.doubleclick.net/	1970-01-21 01:40:16	Name: IDE Value: AHWqTUmwV7yFZVzeLUOzE_S0nEtddszCtkaQBM-MhcwgsQQxNLVCiKUICD-tU0NY
.winred.com/	1970-01-21 01:40:16	Name: FPID Value: FPID2.2.qM1Hg8BKU2yIShrCm9TXht8mN4R%2BvtlfwQKrj7zCemw%3D.1699456768
.winred.com/	1970-01-20 16:04:18	Name: FPGSID Value: 1.1699456768.1699456768.G-X6H0114PDF.MzUwBepEfAJ2tFEd-xX4Eg
.t.co/	1970-01-21 01:40:16	Name: muc_ads Value: 010eb57e-d3c9-4cd6-a804-23cb2e86343d
.twitter.com/	1970-01-21 01:40:16	Name: guest_id_marketing Value: v1%3A169945676820514991
.twitter.com/	1970-01-21 01:40:16	Name: guest_id_ads Value: v1%3A169945676820514991
.twitter.com/	1970-01-21 01:40:16	Name: personalization_id Value: "v1_OzLJVIdXr6bpZsRBwvRrdw=="
.twitter.com/	1970-01-21 01:40:16	Name: guest_id Value: v1%3A169945676820514991
.secure.winred.com/	1970-01-21 00:49:52	Name: cf_clearance Value: gqy2eF_vQQDpHLfLoF.9BvsKFdpOYV2GRJfgP.6BTPY-1699456768-0-1-53aacbb8.dee75e7e.ffd05774-0.2.1699456768
.winred.com/	1970-01-20 18:13:52	Name: _fbp Value: fb.1.1699456768573.742199230
.winred.com/	1970-01-20 16:05:28	Name: FPLC Value: iqXXnzhc2fXRmPByQesQf5g40Sh6U5OfFsHGNGfwb0JBsRDHJFbpgv%2B9S5JsjANuyALTONigRZ1b17SEMdrfE%2BJc1O2G2ANg50ryJ0Gtu%2Fj9Jugzmq7zF37xIWY4mQ%3D%3D
.winred.com/	1970-01-21 01:40:16	Name: _ga_HNR33QTX08 Value: GS1.2.1699456768.1.0.1699456768.60.0.0
m.stripe.com/	1970-01-21 01:40:16	Name: m Value: 21c48198-86d4-49a4-8161-5281811d0f9ddf4c7c
.secure.winred.com/	1970-01-21 00:49:52	Name: __stripe_mid Value: 75ffd687-2dff-4fd7-957d-9c0dc635b290732a46
.secure.winred.com/	1970-01-20 16:04:18	Name: __stripe_sid Value: f6304633-22ee-45f4-8545-76dcb23f81bf3c1935

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9381094.fls.doubleclick.net
adservice.google.com
analytics.google.com
analytics.twitter.com
app.revv.co
cdn.nucleusfiles.com
connect.facebook.net
d35ligi1n5bgzc.cloudfront.net
googleads.g.doubleclick.net
gtm.winred.com
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
merchant-ui-api.stripe.com
nolib.us
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
secure.winred.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.244.42.195
104.244.42.197
146.75.28.157
151.101.192.176
172.253.62.148
2001:4860:4802:32::181
2600:9000:208f:9c00:0:7d26:ee00:93a1
2606:4700:3037::ac43:8758
2606:4700::6810:3965
2606:4700::6810:fa45
2606:4700::6813:d359
2606:4700::6813:d459
2607:f8b0:4004:c06::5c
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c08::6a
2607:f8b0:4004:c09::64
2607:f8b0:4004:c0b::9b
2607:f8b0:4004:c17::66
2607:f8b0:4004:c19::61
2607:f8b0:4004:c1b::9b
2607:f8b0:4004:c1d::5e
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
3.229.145.172
44.241.50.239
54.187.119.242
75.2.108.118
99.83.253.106
0524593c51d313589e0e8e8a8b069c1c7ecc5dc94a2c59dd2809b0e326d407f8
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0b6fb8c2b9ee6b41540fd549a726e431eb8667074da38d94af8a647ae05e9da7
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
11d89d6b9bfb5fae5d517ffcd0b9a2913506f8cceace4ae6b6643c2d53234fc5
1396c8b9abee79298b7357f25d545769fdd21e1357558736429de1f648271181
14b0d93cffd10d70b138178fe469afa9de5161bb4ade9e4817fc4e674929d0a9
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
206b430ad8e96d2f58a4c4cc6d2e5b97b40a1b62d9c1a7b027409b376da8c1de
254a4f72d93d5ee58581a41bf216a4fa457e8d4f7ba157c259f5b0065c8919c5
29dce952c3438587f8594c16c4ed01075488de2e5e43d06d9454e33495623912
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
32772602c44291855865e61110869a53305c3351f390dbe3f209ea8bfd17df64
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3af654f1b8c2fbae4f99b1478cda481daad1bddeb864b264c2e4a049db1111ed
3caf5ebbdffa6fc7127455427f3ca1b1447d5f20703086dc703b85a20f0d170f
3d0cdd79a2e3a7d273784870098d00c8ba8b9e6940e86a940c2d1a136e02ac9a
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
42347bdeed120ec96b069dfeef648a88326063918ad0253e3c7649b0a27e3fbe
4b0ee40c236b43959682dbfb183f1e573d475a20c1a8831055731403679aaa69
4ec0827f796bdadb833f52dd7ea841e12158d9f488554ecb73479cc2ea6f6d8e
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe
52c9e6a3555cd44c095c143b76cfa4c017c9a93b79829378963897260a3ae23a
534bf7023831c5b1aa2d025b977e96a836d07a792834356776b10f5a9612096d
594ce43596c92ed5f37b5542367f654bb516e99778cbda532b84026b145c98fe
5aaea99bc7e871d05523d17cc75941bcd05efa6c5373190ebc389d058bfdec8a
5b22fc79d7e057e3d13e0d50f57b1ad9afcb8adbc6b954e7816ede5180ffc063
5c136fdad6ac1f3830adeb0506b573fad06cc7a51c0c23cd2ad956ccbedc7e9a
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
641defe78e044cbd72e13110f131016fc26c1e8b00ef29ad142e177a0e54bfe1
661b2ba0edc8352ace2d68f6bf27990057b499ab4c087567fe0751aecc1af6ce
66739acaaa4a97f905fa0dbc1f9c79ae864e74f800856ae12b3988debfa986fd
6adb4c90964628bd4da814952c5a6816ebccd394eb988a75fa14e72a977aa04b
81a6832550bd52d1c44e1e63c2d9137a441dd53d31302c3070000403d032b012
81df1793bd847bd56b0f7925fd2d7ce62296cbf5707c7ca2017dad20068ff473
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89aeac4fa10f5a807ea7df84e152de0981e7693bfdbb3725da3b925461c71795
8c1bcc140180aed0421dafa9db38245265181d450c094a1250f12a3f9ab3e709
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
961951e588ed2cbd0dadda321becf5c4d27451bb0896262f86e7d922da5794ca
9b618e1ecd2ecedd856240cc7a0aa6bff7b528e05f2788ba0114195ccb7efe74
a90492ff833ba2c9260fb83307882241e32afa818d4cc865a90b0442050dd92a
ab2dfd3c4fbc7c1f2f3e952e50ed0ba7f53cb247d37dd16c9af7289c3c60dd43
abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adc1d3b068ea9cdb784afd7ae8a7fa17076f4b9fb5571a7f460b11d05c87f01d
af3d716fd80fdee9a734dc9a3b2593245a08929fe7b5f42884eaacc651fe6f35
b1edba09a92cc8a52b69c18ec834510950b98f387cbe6014a53f92c5579a3725
b5cb945c8d8f7818ba0e1e662300ba00fcbd3a407f0726a8b4177ddfbba8c035
ba6c13a562b511aa405cbdc0279694c0d46cef804b1ee054c089527c62f4161d
bb15bec8368280fa4baf24ad5a7f1268a665d0fd2b06db59608bff7c5fabaf34
bd3305cbe248a3e41e6515b13252574e43ca28e21b1a768cae80e883199763c0
c855461011b7c36e62abc73438ddd630d92dd7774f9f7233c0c88f436f83da55
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf156d4cc528406c515b1747f1edc1bbe9320382807abaa4ea0fe312a2f35e54
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dccf597ae7be773fabafe94246d6235959c5b169c80b0a575a7e55303887cf3f
de18a456a0d2cd7d5b2d8cbc8d5e25b3d8b060804bf17d4aabc8cf9de6668b8a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62edfdb0575acbdce5c582447530e931df30ba86e9036e93c58cc7944ed56c6
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e865ba6846b03cf0f020a2c08ed1521dea06cf3d6925b785a1a64aa2937a2b07
e973184fdfd8d34a092c8372b01b5a26eba02a08a1027bdc4faac414c93d59bc
ea041a49c4984fa513cf61061fe759c3f5d88c640d269def71404761ad2fb1a7
ebf1723d2e3a40af52e3d9c6695757ddd3c05b627ee776876355893d0ef9e67c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f03756c1563b606565eda844b97eadf0de8e01a1c3719bcf525dd20370a02bc0
f0a116f99aebe60bdd30476f54d5676c3075fd037c18f718ad8bcc0fa2b8abeb
fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e
ffaa007e9a94fb70753b0bf00cbe94cea9d455b179d50822f51de6cb063785b4

secure.winred.com Open in urlscan Pro 2606:4700::6813:d359 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

188 Requests

99 %HTTPS

64 %IPv6

19 Domains

30 Subdomains

26 IPs

1 Countries

3700 kBTransfer

12629 kBSize

31 Cookies

9 Outgoing links

Page URL History

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.winred.com Open in urlscan Pro
2606:4700::6813:d359 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

99 %
HTTPS

64 %
IPv6

19
Domains

30
Subdomains

26
IPs

1
Countries

3700 kB
Transfer

12629 kB
Size

31
Cookies

188 HTTP transactions
0 data transactions