secure.winred.com Open in urlscan Pro
2606:4700::6813:d359 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
Submission: On July 16 via manual (July 16th 2024, 5:44:45 pm UTC) from US — Scanned from GB

Summary HTTP 63 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 15 domains to perform 63 HTTP transactions. The main IP is 2606:4700::6813:d359, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com. The Cisco Umbrella rank of the primary domain is 60737.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 22nd 2024. Valid for: a year.

This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	2606:4700::68... 2606:4700::6813:d359	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
4	18.239.50.31 18.239.50.31	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	172.98.56.41 172.98.56.41	399647 (RUMBLE) (RUMBLE)
7	13.224.189.121 13.224.189.121	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:d459	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:274... 2600:9000:2744:8400:0:7d26:ee00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:e534	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
2	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
3	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
63	21

13 2606:4700::6813:d359 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

secure.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.50.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-31.ams58.r.cloudfront.net

d35ligi1n5bgzc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh7-us.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.98.56.41 (Canada)

ASN399647 (RUMBLE, US)

a.ads.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.224.189.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-121.fra2.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:d459 (United States)

ASN13335 (CLOUDFLARENET, US)

app.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2744:8400:0:7d26:ee00:93a1 (United States)

ASN16509 (AMAZON-02, US)

d35ligi1n5bgzc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:e534 (United States)

ASN13335 (CLOUDFLARENET, US)

gtm.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	winred.com 1 redirects secure.winred.com — Cisco Umbrella Rank: 60737 app.winred.com — Cisco Umbrella Rank: 225445 gtm.winred.com — Cisco Umbrella Rank: 180080	214 KB
8	stripe.com js.stripe.com — Cisco Umbrella Rank: 2856	151 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	627 KB
6	cloudfront.net d35ligi1n5bgzc.cloudfront.net	1 MB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	545 B
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 567	205 KB
3	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 4354	713 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773	108 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1356	1 KB
2	t.co t.co — Cisco Umbrella Rank: 979	628 B
1	rmbl.ws a.ads.rmbl.ws — Cisco Umbrella Rank: 30096	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
1	googleusercontent.com lh7-us.googleusercontent.com — Cisco Umbrella Rank: 5757	5 KB
63	15

	Domain	Requested by
13	secure.winred.com	1 redirects secure.winred.com static.cloudflareinsights.com
8	js.stripe.com	secure.winred.com js.stripe.com
6	www.googletagmanager.com	secure.winred.com www.googletagmanager.com www.google-analytics.com
6	d35ligi1n5bgzc.cloudfront.net	secure.winred.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com secure.winred.com
4	maps.googleapis.com	secure.winred.com maps.googleapis.com
3	www.google.co.uk	secure.winred.com
3	region1.analytics.google.com	secure.winred.com www.googletagmanager.com
3	stats.g.doubleclick.net	www.google-analytics.com secure.winred.com www.googletagmanager.com
2	analytics.twitter.com	secure.winred.com
2	t.co	secure.winred.com
2	gtm.winred.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	app.winred.com	secure.winred.com
1	a.ads.rmbl.ws	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.cloudflareinsights.com	secure.winred.com
1	lh7-us.googleusercontent.com	secure.winred.com
63	19

This site contains links to these domains. Also see Links.

Domain
txtterms.co
winred.com
www.donaldjtrump.com
cdn.donaldjtrump.com

Subject Issuer	Validity	Valid
secure.winred.com Cloudflare Inc ECC CA-3	`2024-01-22` - `2024-12-31`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-06-21` - `2024-09-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.googleusercontent.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
a.ads.rmbl.ws E6	`2024-06-13` - `2024-09-11`	3 months	crt.sh
winred.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
*.google.co.uk WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
Frame ID: CC5A09684F6847001D5591EC9CF1816A
Requests: 54 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: B59C3F04260724B6E9D831C1313C74EA
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-muas-treatment-837b1207b81b537f93b33d4f9a115903.html
Frame ID: BBF269FE503DE01C714BEB7F42C2F77D
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-7328844db503aea19bc88ec3bad2977b.html
Frame ID: 9D6A22EABA3CA3285870176532C4207F
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-muas-treatment-837b1207b81b537f93b33d4f9a115903.html
Frame ID: 456F84B71E12C996D9375FF7B94CCA0B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-3cb0ee643c33ef4dddf33389585e97d8.html
Frame ID: 9B1444E4D1660BF46F82AB91886F6393
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-3906b8b0e9120a10add9fa773cb3d6e0.html
Frame ID: 73E9C3DB6BAE7B0B9064AA919AE23CD1
Requests: 1 HTTP requests in this frame

Frame: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js
Frame ID: DA29CF09ECF12571619C5AAEE378610E
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-1146007db5d62693fb50890941527270.html
Frame ID: 596ED77461FD6C74EBE1D69ECDDACA20
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MAGA

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

63
Requests

98 %
HTTPS

67 %
IPv6

15
Domains

19
Subdomains

21
IPs

5
Countries

2419 kB
Transfer

5471 kB
Size

30
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://txtterms.co/88022-2/
Title: txtterms.co/88022-2

Search URL Search Domain Scan URL

URL: https://winred.com/terms/donor-terms/
Title: terms of use

Search URL Search Domain Scan URL

URL: https://winred.com/privacy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.donaldjtrump.com/join
Title: Interested in volunteering? Click here to sign up today.

Search URL Search Domain Scan URL

URL: https://cdn.donaldjtrump.com/djtweb24/general/TNC_Contributor_Form.pdf
Title: Want to donate by mail? Click here to print out a donation form that you can send to our address.

Search URL Search Domain Scan URL

URL: https://winred.com/
Title: Powered by

Search URL Search Domain Scan URL

URL: https://winred.com/about-our-ads/
Title: About Our Ads

Search URL Search Domain Scan URL

URL: https://winred.com/support/
Title: Questions about your charge? Go to our Support Center

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request lp-agenda-47-v00 Show response
secure.winred.com/trump-national-committee-jfc/ 56 KB
14 KB 874ms
363ms Document
text/html 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dca704c8f7b7ca488e4ae62a2e3a0b8f380bc58e2224796f35d967f09dcff3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8a43cd180c756551-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 16 Jul 2024 17:44:36 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-rack-cors: miss; no-origin
x-request-id: 5cd2abe6-664e-48f8-99a7-a619c5357746
x-revv-cache: Hit from Revv
x-runtime: 0.037370
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
js.stripe.com/v3/ 622 KB
151 KB 828ms
125ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d07d38370c5ab3246c171ad58a86eaf8ba0b477c9e50909e224964b1866e285c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 16 Jul 2024 17:44:37 GMT
via: 1.1 varnish
age: 53
x-cache: HIT
content-length: 154425
x-request-id: 527d0960-8cd7-47d8-a62f-1c3e87c1cce1
x-served-by: cache-lcy-eglc8600045-LCY
last-modified: Tue, 16 Jul 2024 17:43:27 GMT
server: Fastly
etag: "479006fb947a27955717e11a9be3662b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18

GET
H3 200 landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css
secure.winred.com/assets/ 220 KB
34 KB 453ms
452ms Stylesheet
text/css 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c55f9ced964923aa6bb9767c8c4ac9d7f18572bcbe9ae8ee1f0c1637c679a169

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:36 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: tOpBJg5htPvOaTyjGLLYiHKpyv._FiKY
cf-cache-status: HIT
x-amz-request-id: B77XMSXSP3KZN91R
age: 921
cf-polished: origSize=227910
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: e1wDAi0T89wonGCOuZKGWybz3pq4ojEVOfVmK64KiHxt4mghR1uxxi6I8VCA4bvhHzyTVyuH9sI=
cf-bgj: minify
last-modified: Fri, 10 May 2024 01:11:53 GMT
server: cloudflare
etag: W/"0d589e3ee739618497567fffac3f6955"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 8a43cd1a7fb26551-LHR
expires: Tue, 16 Jul 2024 21:44:36 GMT

GET
H3 200 1721138745.css
secure.winred.com/stylesheets/rv_page_01j1x7n22ycv2mdt6dj4c5jswf/ 8 KB
3 KB 495ms
494ms Stylesheet
text/css 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/stylesheets/rv_page_01j1x7n22ycv2mdt6dj4c5jswf/1721138745.css

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a5218f3675a4ccda81b12b5121a4127434fcab9eb0712f08c917fda3fcdf60f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rack-cors: miss; no-origin
date: Tue, 16 Jul 2024 17:44:36 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
age: 13093
cf-polished: origSize=8464
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 7af7900f-8acf-4835-aba2-c8935e860fec
x-runtime: 0.047876
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jul 2024 14:06:23 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=31556952
cf-ray: 8a43cd1a7fb86551-LHR
expires: Wed, 16 Jul 2025 23:33:48 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 277 KB
92 KB 298ms
83ms Script
text/javascript 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

688ec0c0a9e5abb83925944f5bd9363ae386f0269f001264f9ea67d9e02fbca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94042
x-xss-protection: 0

GET
H3 200 application-landing-page-4f5c162463dc1dcd4420d92f355638ab612b863ba11d918050c9ecafbaad9969.js Show response
secure.winred.com/assets/ 491 KB
137 KB 89ms
89ms Script
application/javascript 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/assets/application-landing-page-4f5c162463dc1dcd4420d92f355638ab612b863ba11d918050c9ecafbaad9969.js

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a3deacd1799bf73a270353064e107ac0ccc729f69f360908e491ec50875dc19

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:36 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: duHZNfotTPXG6DecBysGtwaDu5DT1hEA
cf-cache-status: HIT
x-amz-request-id: XNNNZ9QTBDDWTZCF
age: 5462
cf-polished: origSize=502523
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: XmPRFDDRCODjaq1FlfrOv+vrV5Sw8DT9lfVCi1waD6dVJm2AVbq7EA6eimB+akCUWGNUwGmiFh0=
cf-bgj: minify
last-modified: Fri, 14 Jun 2024 01:35:41 GMT
server: cloudflare
etag: W/"cca090abb8473b60249239b3bfcde2c4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8a43cd1a7fb96551-LHR
expires: Tue, 16 Jul 2024 21:44:36 GMT

GET
H2 200 TRUMPVANCE-OFFICIALLOGO.png
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/001/026/029/large/ 359 KB
360 KB 527ms
56ms Image
image/png 18.239.50.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/001/026/029/large/TRUMPVANCE-OFFICIALLOGO.png
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-31.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 455d931923a1399e40980a05030ccca274f7ff53018307091dee2dd48d25ee30

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 23:33:18 GMT
x-amz-version-id: K1P83YsB2SUmvAQZKR04aUX9YFvLgm20
via: 1.1 1d14130822f7563ef82bba830d521f72.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jul 2024 20:18:21 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 65480
etag: "2c43d5483f48728e700ab545ecb8a7d6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 367483
x-amz-cf-id: zR54qBjLAREYR_YAtG-6XoziQr-twkbFJTh6dIh25Dth3YgDGyISrQ==

GET
H2 200 unnamed_%281%29.png
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/001/025/868/original/ 153 KB
154 KB 527ms
57ms Image
image/png 18.239.50.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/001/025/868/original/unnamed_%281%29.png
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-31.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f60fd3d9104ea6756fd5b635f33aa45e9028633172966aac990c8376fb75dd9e

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 19:47:11 GMT
x-amz-version-id: FLvFy4b4veUr.uRBF1OdI0NyRT_RtWAj
via: 1.1 1d14130822f7563ef82bba830d521f72.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jul 2024 19:40:37 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 79047
etag: "68458905f43b991b32668f011b8dc998"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 157017
x-amz-cf-id: ReKd75VYQ882nMZyM1jB8WZ3JvwJyzgSGej5hjPVLyGlSUPHu51vJg==

GET
H2 200 bEVmiBAlrMNHqy8pYp6es3R_SGCX0rOh-5MJKw3B6i_L2qlob_wNs8XJaFAhpwwow-ZcPq_qlxb3kEhHRc7wAE1HvyVsoEbb_cj0vm5_mmxCKnsijw0yeSIk30aoo1k6PLKAXCZRaO4oYjE4luuo8qE
lh7-us.googleusercontent.com/ 5 KB
5 KB 275ms
51ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/bEVmiBAlrMNHqy8pYp6es3R_SGCX0rOh-5MJKw3B6i_L2qlob_wNs8XJaFAhpwwow-ZcPq_qlxb3kEhHRc7wAE1HvyVsoEbb_cj0vm5_mmxCKnsijw0yeSIk30aoo1k6PLKAXCZRaO4oYjE4luuo8qE

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ce483bd57a7d0576c16db84df9cf92b4d94a2c8472f3254dbd2a759704d0fbfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 14:00:53 GMT
x-content-type-options: nosniff
age: 13424
content-disposition: inline;filename="_QW1zW-kTCSjbaqIOpuRy5VMvh61fpZv212Q1YCWeOexOYKps9CRhiAxX9Kvvq-lIdKhd_eQcyu6vBuNlCq3u2RFxweb4FxaKIYDq3EaTHdLU2IPQQ2fCV-KVJygrIgkrOcUZ9htsl6GD76yV3Xaut4.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5209
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Jul 2024 14:00:53 GMT

GET
H2 200 kUuht00m_400x400.jpg
d35ligi1n5bgzc.cloudfront.net/profiles/images/000/894/828/square/ 9 KB
9 KB 84ms
70ms Image
image/jpeg 18.239.50.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/profiles/images/000/894/828/square/kUuht00m_400x400.jpg
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-31.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e19ab777d416ab8585e83bb348451e0a4717b92e7cbb1f74900af55876f2ad9

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: e6vRznToLKSFlkxhhZl3uvfZed2SXwEW
date: Tue, 16 Jul 2024 06:20:32 GMT
via: 1.1 1d14130822f7563ef82bba830d521f72.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 41084
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 8995
last-modified: Wed, 20 Mar 2024 15:42:11 GMT
server: AmazonS3
etag: "86e9d3432d2077771820250698fbb99b"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: Mk9kwxOBQuXnwR2pZTXJF6K-qsAba6VYlhj_-0tP87f5sFBDHUuB5w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 488 KB
110 KB 325ms
111ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05ec088dcdbf442a3c595dfc067f01b4e960a60d3d7e3178c56a2b2f3ffeb974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112885
x-xss-protection: 0
last-modified: Tue, 16 Jul 2024 16:19:29 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Jul 2024 17:44:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 331 KB
111 KB 285ms
72ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbdaaec3f5d16ee5c37264f29b0f36fd1c82a7afab4f79353a0678b19a31fb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113330
x-xss-protection: 0
last-modified: Tue, 16 Jul 2024 16:19:29 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Jul 2024 17:44:37 GMT

GET
H3 200 win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png
secure.winred.com/assets/ 9 KB
9 KB 122ms
118ms Image
image/webp 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:37 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: aNmAkBv9DfRq7EMYMbo7yshslA6Hmd6W
cf-cache-status: HIT
x-amz-request-id: HNND8R6NR4H31RZN
age: 3131
cf-polished: origFmt=png, origSize=11635
content-disposition: inline; filename="win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8708
x-amz-id-2: 1pZzcA7rBnLzxlrm3bpU56pinUMFOhqv0ZmHBcMTZ1OrRaZX9qCXOCKYCLwdGMiB+tNHpjOm5h8=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Jul 2024 16:05:56 GMT
server: cloudflare
etag: "972c0cca8d1e490484e89513f902e847"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8a43cd2109876551-LHR
expires: Tue, 16 Jul 2024 21:44:37 GMT

GET
H3 200 win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg
secure.winred.com/assets/ 19 KB
7 KB 52ms
51ms Image
image/svg+xml 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:37 GMT
x-amz-version-id: ea7GvxzWHWpdhDHNLg3Ca2YWEz2JTdeo
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: 9XS7GC3PSD4KXFFB
age: 5584
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: n/821JNwxylORIQS3RCPxLAeaqQ6nsA0snqjHa4IL5fFJ6RSaxZpcluNkFW7Ikp7h5e/7x03a4Q=
last-modified: Fri, 10 May 2024 01:11:55 GMT
server: cloudflare
etag: W/"d31530d4186af669daf4f47099614593"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 8a43cd218a576551-LHR
expires: Tue, 16 Jul 2024 21:44:37 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 259ms
88ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://secure.winred.com/
Origin: https://secure.winred.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:37 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8a43cd233b51beaf-LHR

GET
H2 200 OFFICIAL-TRUMPVANCE-LOGO-BACKGROUND.png
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/001/026/054/large/ 637 KB
638 KB 51ms
43ms Image
image/png 18.239.50.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/001/026/054/large/OFFICIAL-TRUMPVANCE-LOGO-BACKGROUND.png
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/stylesheets/rv_page_01j1x7n22ycv2mdt6dj4c5jswf/1721138745.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-31.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f6ae6ec61e2160f36c1997889b26a650802d5bf3f94d29755a592599a096a1a

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 14:00:46 GMT
x-amz-version-id: WsCdPEnHAsvd1JaCNKrUxbjZgpygl.Aw
via: 1.1 1d14130822f7563ef82bba830d521f72.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jul 2024 20:29:09 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 13431
etag: "9cb73af3c2ecf1c87983f538a6af1068"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 651855
x-amz-cf-id: hM8ZwQ5Lr1R-8CfPWe6A-xLJk2SMgM3KRagZ3lVHY-7bo_-tCyTHtA==

GET
H3 200 icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png
secure.winred.com/assets/ 290 B
819 B 81ms
75ms Image
image/webp 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/assets/icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:37 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: hXbHYJWz3a9hsw2ULn5n..kLMhrTBeT1
cf-cache-status: HIT
x-amz-request-id: 8G4KDYK38E7WJYJ3
age: 265
cf-polished: origFmt=png, origSize=560
content-disposition: inline; filename="icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.webp"
alt-svc: h3=":443"; ma=86400
content-length: 290
x-amz-id-2: IcHuCrYkYZKzFF5Gk+whF4l8eaGA2nDqderoq3XfQw1tz/AswuLhWjOr7Sc9i+oilL7Rt27ufrQ=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Jun 2024 01:35:41 GMT
server: cloudflare
etag: "571ee659b7ee9af9291e7dd8176721d5"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8a43cd22ec286551-LHR
expires: Tue, 16 Jul 2024 21:44:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 351 KB
116 KB 104ms
99ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0YWKLMCX4D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

934eae01ffeb7eb89b32f80152162806891139e7f3571f0324bd319acd49c7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 118582
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jul 2024 17:44:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 202ms
52ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 Jul 2024 16:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4530
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 16 Jul 2024 18:29:07 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 302ms
70ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:38 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220126-FRA

GET
H2 200 ratag Show response
a.ads.rmbl.ws/ 3 KB
2 KB 1035ms
227ms Script
application/javascript 172.98.56.41
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ads.rmbl.ws/ratag?id=AV-6622
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.98.56.41 , Canada, ASN399647 (RUMBLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 126db7fa6cdda345481779a5b721693eb2b9850d29c90914ff32d014079c2918

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:38 GMT
content-encoding: gzip
server: nginx
etag: W/"b467be32e4974b38f38aeb3d9a695138"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=900
access-control-allow-credentials: true

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 246ms
63ms XHR
application/json 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://secure.winred.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 299 KB
101 KB 77ms
77ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d89418c24890c212bfbc53ce9d5d8fbeee9bde98ab97ed40eccd67c72564831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jul 2024 17:44:37 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame B59C 0
0 559ms
380ms Document
text/html 13.224.189.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-121.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2266
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jul 2024 17:06:53 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 12 Jul 2024 20:02:25 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-id: s2bXpvWhvC5UPpNOvGbrj-igfqKF5br3E4IMYFkDZm_vixgDpBKrPA==
x-amz-cf-pop: FRA2-C1
x-amz-meta-origin-agent-cluster: ?1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-with-muas-treatment-837b1207b81b537f93b33d4f9a115903.html
js.stripe.com/v3/ Frame BBF2 0
0 515ms
380ms Document
text/html 13.224.189.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-muas-treatment-837b1207b81b537f93b33d4f9a115903.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-121.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 44
cache-control: max-age=60, stale-while-revalidate=900
content-length: 663
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jul 2024 17:43:57 GMT
etag: "837b1207b81b537f93b33d4f9a115903"
last-modified: Tue, 16 Jul 2024 17:08:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-id: 9qNEDJgUX3v3G6l259zav7bW9LI5UCESroDkwI1ocZdrqoRh0I2xNg==
x-amz-cf-pop: FRA2-C1
x-amz-meta-origin-agent-cluster: ?1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-7328844db503aea19bc88ec3bad2977b.html
js.stripe.com/v3/ Frame 9D6A 0
0 511ms
382ms Document
text/html 13.224.189.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-7328844db503aea19bc88ec3bad2977b.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-121.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 1666
cache-control: max-age=31536000
content-encoding: gzip
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jul 2024 17:16:53 GMT
etag: W/"7328844db503aea19bc88ec3bad2977b"
last-modified: Tue, 16 Jul 2024 17:08:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-id: jXxpFfxviOGHXJbiMVA0-yvDQhIk1oZ2_QK5xDDz1NwdNC_CO2EcRw==
x-amz-cf-pop: FRA2-C1
x-amz-meta-origin-agent-cluster: ?1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 current_with_info Show response
app.winred.com/api/v3/users/ 162 B
1 KB 527ms
417ms XHR
application/vnd.api+json 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.winred.com/api/v3/users/current_with_info?organization_token=rv_org_6KNvU36Z2qWJ2gfUBWqGZGoc&redirect=https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-4f5c162463dc1dcd4420d92f355638ab612b863ba11d918050c9ecafbaad9969.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32cfc3ccec6e7666c2126db1549c9a3d849e7efb5c2a00072913a4dcc5e08871

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rack-cors-original-access-control-allow-origin: https://secure.winred.com
x-rack-cors: hit
date: Tue, 16 Jul 2024 17:44:38 GMT
x-rack-cors-original-access-control-max-age: 0
x-rack-cors-original-access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-encoding: br
x-rack-cors-original-access-control-allow-methods: GET, POST, OPTIONS
x-rack-cors-original-access-control-expose-headers
alt-svc: h3=":443"; ma=86400
x-request-id: e2413d30-ce2f-4bc4-bd8b-42b6e0110094
x-runtime: 0.010286
server: cloudflare
etag: W/"32cfc3ccec6e7666c2126db1549c9a3d"
access-control-max-age: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.api+json
access-control-allow-origin: https://secure.winred.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
vary: Origin
cf-ray: 8a43cd261ac4beb3-LHR

GET
H3 200 rv_page_01j1x7n22ycv2mdt6dj4c5jswf-5d58264402f2252722744e033318eb87f735a0c1 Show response
secure.winred.com/api/v3/donations/live/ 456 B
532 B 64ms
64ms XHR
application/json 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/api/v3/donations/live/rv_page_01j1x7n22ycv2mdt6dj4c5jswf-5d58264402f2252722744e033318eb87f735a0c1?stream_id=7031bf1858a9002b550822586d509f246b945713&_=1721151877218

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-4f5c162463dc1dcd4420d92f355638ab612b863ba11d918050c9ecafbaad9969.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6445b9cfadeb4afb5c17931b3457ed84561e8d3c9dc1016ef4179166746f4ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
X-CSRF-Token: bF2m5Q7aa1qdoi8bLZpyLXYDWBBqWK1rGigppoyCDDqkx3g4YxI/FhkTMdWj5CRS1klfOWn69F2bU5hZHpbe/Q==
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rack-cors: miss; no-origin
date: Tue, 16 Jul 2024 17:44:38 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 60
alt-svc: h3=":443"; ma=86400
x-request-id: c36a864d-f82c-46fd-9ae1-9e339cea0f71
x-runtime: 0.008190
server: cloudflare
etag: W/"a6445b9cfadeb4afb5c17931b3457ed8"
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: public, max-age=60
cf-ray: 8a43cd258fc86551-LHR
expires: Tue, 16 Jul 2024 17:45:38 GMT

GET
H3 200 rv_page_01j1x7n22ycv2mdt6dj4c5jswf-89a0a6f4ce37011a1e513e4828c6b0ca2a427eca Show response
secure.winred.com/api/v3/donations/live/ 466 B
532 B 59ms
58ms XHR
application/json 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/api/v3/donations/live/rv_page_01j1x7n22ycv2mdt6dj4c5jswf-89a0a6f4ce37011a1e513e4828c6b0ca2a427eca?stream_id=e238e620617cded18a9973ecfca57ddfbdf8fd41&_=1721151877219

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/assets/application-landing-page-4f5c162463dc1dcd4420d92f355638ab612b863ba11d918050c9ecafbaad9969.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abe5418d3635c22dac800167ab7409f547dbd1c7f4bac5f57eeef5fc378548a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
X-CSRF-Token: bF2m5Q7aa1qdoi8bLZpyLXYDWBBqWK1rGigppoyCDDqkx3g4YxI/FhkTMdWj5CRS1klfOWn69F2bU5hZHpbe/Q==
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rack-cors: miss; no-origin
date: Tue, 16 Jul 2024 17:44:38 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 51
alt-svc: h3=":443"; ma=86400
x-request-id: fbebb7ce-52a7-454f-920c-7e2e50b65850
x-runtime: 0.010460
server: cloudflare
etag: W/"abe5418d3635c22dac800167ab7409f5"
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: public, max-age=60
cf-ray: 8a43cd258fca6551-LHR
expires: Tue, 16 Jul 2024 17:45:38 GMT

GET
H2 200 controller-with-muas-treatment-837b1207b81b537f93b33d4f9a115903.html
js.stripe.com/v3/ Frame 456F 0
0 499ms
499ms Document
text/html 13.224.189.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-muas-treatment-837b1207b81b537f93b33d4f9a115903.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-121.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report

X-Content-Type-Options

nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 44
cache-control: max-age=60, stale-while-revalidate=900
content-length: 663
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jul 2024 17:43:57 GMT
etag: "837b1207b81b537f93b33d4f9a115903"
last-modified: Tue, 16 Jul 2024 17:08:28 GMT
server: Cloudfront
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-id: 9qNEDJgUX3v3G6l259zav7bW9LI5UCESroDkwI1ocZdrqoRh0I2xNg==
x-amz-cf-pop: FRA2-C1
x-amz-meta-origin-agent-cluster: ?1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-3cb0ee643c33ef4dddf33389585e97d8.html
js.stripe.com/v3/ Frame 9B14 0
0 467ms
381ms Document
text/html 13.224.189.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-3cb0ee643c33ef4dddf33389585e97d8.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-121.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1166
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jul 2024 17:25:13 GMT
etag: "3cb0ee643c33ef4dddf33389585e97d8"
last-modified: Tue, 16 Jul 2024 17:08:43 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-id: yqzySB75WYJ8RfitLP5wmUo1Ccl7P7pg-ZJDH-EIcL3oQSwLfaY5Dg==
x-amz-cf-pop: FRA2-C1
x-amz-meta-origin-agent-cluster: ?1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-3906b8b0e9120a10add9fa773cb3d6e0.html
js.stripe.com/v3/ Frame 73E9 0
0 460ms
386ms Document
text/html 13.224.189.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-3906b8b0e9120a10add9fa773cb3d6e0.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-121.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 74
cache-control: max-age=60, stale-while-revalidate=900
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jul 2024 17:44:07 GMT
etag: "3906b8b0e9120a10add9fa773cb3d6e0"
last-modified: Tue, 16 Jul 2024 17:08:43 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-id: HbCOsxEiUGAXd2t9vQtk1HOlJ-zku8n0T5LGPDSp5JHE2Q1QBXlc6A==
x-amz-cf-pop: FRA2-C1
x-amz-meta-origin-agent-cluster: ?1
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff

GET
H3 200 DJT-FLAGEMOJI.png
d35ligi1n5bgzc.cloudfront.net/widget_images/images/000/895/484/small_square/ 5 KB
5 KB 71ms
70ms Image
image/png 2600:9000:2744:8400:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/widget_images/images/000/895/484/small_square/DJT-FLAGEMOJI.png
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2744:8400:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 420ac6c617ee74fe7974f174a88e74d415000487a2e515797094e02e099b48ba

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: M4KLoYbFwXBAms0NGtqd77injo3C.q8l
date: Tue, 16 Jul 2024 06:21:03 GMT
via: 1.1 fecd699d6b5a3a8d83f9b476d9e7bc1c.cloudfront.net (CloudFront)
last-modified: Thu, 21 Mar 2024 05:29:44 GMT
server: AmazonS3
age: 41084
x-amz-cf-pop: MXP53-P4
x-amz-server-side-encryption: AES256
etag: "4911b815850d287208be1ce338439b2a"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4937
x-amz-cf-id: OgJUWKfVB85Y_G0liSyFbVb9lasb9LKC2nR2gNBhcV8j5EN11CoCfA==

GET
H3

200

main.js Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/ Frame DA29
Redirect Chain

https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

8 KB
4 KB

299ms
298ms

Script
application/javascript

2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b374dc2d1a31dfe9176abd0a43dbc798cb094184ead491b8570f0bda33311b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:38 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8a43cd286bd26551-LHR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 16 Jul 2024 17:44:38 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?
access-control-allow-origin: *
cache-control: max-age: 300, public
cf-ray: 8a43cd2608746551-LHR
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 1464ms
406ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0YWKLMCX4D&gtm=45je4790v9102512289z872350723za200zb72350723&_p=1721151876243&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1963534424.1721151878&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721151878&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&dt=MAGA&en=page_view&_fv=1&_nsi=1&_ss=1&ep.cookieDomain=auto&tfd=2849&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0YWKLMCX4D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 17:44:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11091438865/ 43 B
61 B 309ms
101ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11091438865/?random=1721151878178&cv=11&fst=1721151878178&bg=ffffff&guid=ON&async=1&gtm=45je4790v9102512289z872350723za200zb72350723&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&hn=www.googleadservices.com&frm=0&tiba=MAGA&npa=0&pscdl=noapi&auid=400251267.1721151878&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config%3BcookieDomain%3Dauto&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0YWKLMCX4D&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 17:44:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
223 B 293ms
292ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=421709144&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&ul=en-gb&de=UTF-8&dt=MAGA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=449916808&gjid=459798321&cid=1963534424.1721151878&tid=UA-60901920-1&_gid=1308802460.1721151878&_r=1&_slc=1&gtm=45He4790n71M27JCGv72350723za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=282858077

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2be40f02e37e46e793761339c8501e3a1f629b120a7e0335a0540606bdd5fb2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 17:44:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
71 B 284ms
283ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=421709144&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&ul=en-gb&de=UTF-8&dt=MAGA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAEK~&jid=1577097316&gjid=992926405&cid=1963534424.1721151878&tid=UA-73658561-7&_gid=1308802460.1721151878&_slc=1&gtm=45He4790n71NTQZ9Nv72410129za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&cd61=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&z=2006826121

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 17:44:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 1499ms
440ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73658561-7&cid=1963534424.1721151878&jid=1577097316&gjid=992926405&_gid=1308802460.1721151878&_u=YCDAiEABBAAAAGAEK~&z=969656998

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Jul 2024 17:44:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 69ms
66ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=421709144&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&ul=en-gb&de=UTF-8&dt=MAGA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=donation%20landing%20page&ea=user%20session%20start&el=landing%20page%20settings&_u=YCDAiEABBAAAAGAEK~&jid=&gjid=&cid=1963534424.1721151878&tid=UA-73658561-7&_gid=1308802460.1721151878&gtm=45He4790n71NTQZ9Nv72410129za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&cd41=anonymous&cd58=f&cd61=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&z=1567288605

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 11:46:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21518
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect Show response
gtm.winred.com/g/ 775 B
1 KB 1888ms
873ms XHR
text/plain 2606:4700::6810:e534
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4790v867905447z872410129za200zb72410129&_p=1721151876243&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1963534424.1721151878&ecid=1838719355&ul=en-gb&sr=1600x1200&_fplc=0&ur=GB-NIR&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.gse=1&sst.etld=google.co.uk&sst.gcsub=region1&sst.gcd=13l3l3l3l1&sst.tft=1721151876243&sst.ude=0&_s=1&sid=1721151878&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&dt=MAGA&en=page_view&_fv=1&_ss=1&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&epn.load_time_sec=-1721151875.3&epn.event_fire_time=1721151877839&ep.event_uuid=6d676148-0b93-4d17-bfff-e62d53eb1748&ep.isVideoPage=f&ep.referrer=&tfd=2973&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e534 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2941cb232ae2c0eb343a12f2020c0271154e8d73c006575c5baa7012146dd6e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8a43cd2fbe2b76f3-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsct
t.co/1/i/ 43 B
251 B 835ms
488ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4331b5c0-ed03-4596-a3ad-d312bf4a2ba9&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=d7cbe24b-21be-4e58-b223-6b16dddc8bc0&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&tw_iframe_status=0&txn_id=of93e&type=javascript&version=2.3.30

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 189
date: Tue, 16 Jul 2024 17:44:39 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 10b70b29b6c935af
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 86d09cd1a9daa65bfbcca9bde5c18bf1b92625ce798c43931a6bab67f1648a5c
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
572 B 531ms
334ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4331b5c0-ed03-4596-a3ad-d312bf4a2ba9&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=d7cbe24b-21be-4e58-b223-6b16dddc8bc0&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&tw_iframe_status=0&txn_id=of93e&type=javascript&version=2.3.30

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 183
date: Tue, 16 Jul 2024 17:44:39 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 137a8a741d5dfaef
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 0ec3e9d2082782e37fb1383fb6372ba3b58b91b60cd4ec76a27f4563444b98d8
content-length: 43

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 192ms
159ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c22a5c3a-f255-4173-835d-c995f823c45b&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=d7cbe24b-21be-4e58-b223-6b16dddc8bc0&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&tw_iframe_status=0&txn_id=ol48j&type=javascript&version=2.3.30

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 113
date: Tue, 16 Jul 2024 17:44:39 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: b86bbbc8c7bc0b6d
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: bbbccae740048ae0fb2a76870f83c160b1c35795ae25767fa9f568178f6a6b21
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
727 B 221ms
161ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c22a5c3a-f255-4173-835d-c995f823c45b&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=d7cbe24b-21be-4e58-b223-6b16dddc8bc0&tw_document_href=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&tw_iframe_status=0&txn_id=ol48j&type=javascript&version=2.3.30

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 114
date: Tue, 16 Jul 2024 17:44:40 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 067545c818f3fccf
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 0ec3e9d2082782e37fb1383fb6372ba3b58b91b60cd4ec76a27f4563444b98d8
content-length: 43

POST
H3 200 8a43cd180c756551 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame DA29 0
435 B 378ms
362ms XHR
text/plain 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/jsd/r/8a43cd180c756551

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Jul 2024 17:44:39 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 8a43cd2fbdda6551-LHR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
97 KB 141ms
128ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HNR33QTX08&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb7e4480b71ea5b7b3f605ac49c47f6b69b99131bf439a15d1f667edae735edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99642
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jul 2024 17:44:40 GMT

GET
H3 200 collect Show response
gtm.winred.com/g/ 537 B
947 B 858ms
857ms XHR
text/plain 2606:4700::6810:e534
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4790v867905447z872410129za200zb72410129&_p=1721151876243&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1963534424.1721151878&ecid=1838719355&ul=en-gb&sr=1600x1200&_fplc=0&ur=GB-NIR&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.gse=1&sst.etld=google.co.uk&sst.gcsub=region1&sst.gcd=13l3l3l3l1&sst.tft=1721151876243&sst.ude=0&_s=2&sid=1721151878&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&dt=MAGA&en=user%20session%20start&ep.pagepath=%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&epn.load_time_sec=-1721151875.3&epn.event_fire_time=1721151877967&ep.event_uuid=6683b256-2c67-4c7b-89c4-186b4076ebf5&ep.isVideoPage=f&ep.referrer=&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&_et=8&tfd=4061&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:e534 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2524452dfffb150434a67536d4255e7c0f05c44bc61541d8ff63060db7b1a8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8a43cd2fbe2e76f3-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 hcaptcha-invisible-1146007db5d62693fb50890941527270.html
js.stripe.com/v3/ Frame 596E 0
0 65ms
36ms Document
text/html 13.224.189.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-1146007db5d62693fb50890941527270.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-121.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-aRJ6aqnQG+mZtcUQxb0OOXz7Hp9HYq7PqSUTSzhChfw='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 1666
cache-control: max-age=31536000
content-encoding: gzip
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-aRJ6aqnQG+mZtcUQxb0OOXz7Hp9HYq7PqSUTSzhChfw='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jul 2024 17:16:55 GMT
etag: W/"04c415b9a0c8e9137346bb53b00b0eda"
last-modified: Tue, 16 Jul 2024 17:08:42 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-id: 0Sm-lTRVGrxY3_iYtHG5p9R_aoWF4oT-ItjFBzQK45nRlP2f2O24yg==
x-amz-cf-pop: FRA2-C1
x-amz-meta-origin-agent-cluster: ?1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 204 collect
region1.analytics.google.com/g/s/ 0
55 B 112ms
98ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://region1.analytics.google.com/g/s/collect?dma=0&gtm=45j91e47b0v867905447z872410129z9867900975za200zb72410129&_gsid=X6H0114PDFy55zD0winngIWlbsK87XEw
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 17:44:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
325 B 216ms
85ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=0&tid=G-X6H0114PDF&cid=%2Ff9XyZVuMfLK35NqzjDYSds7pewVGEODgqBcmMyQH68%3D.1721151878&gtm=45j91e47b0v867905447z872410129z9867900975za200zb72410129&aip=1&z=1730828830

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 17:44:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 collect
stats.g.doubleclick.net/g/ 0
57 B 111ms
98ms Image
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=0&tid=G-X6H0114PDF&cid=%2Ff9XyZVuMfLK35NqzjDYSds7pewVGEODgqBcmMyQH68%3D.1721151878&gtm=45j91e47b0v867905447z872410129z9867900975za200zb72410129&aip=1
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 17:44:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 collect
region1.analytics.google.com/g/s/ 0
53 B 79ms
71ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://region1.analytics.google.com/g/s/collect?dma=0&gtm=45j91e47b1h2v867905447z872410129z9867900975za200zb72410129&_gsid=X6H0114PDFuwGzbkWiEBCP1m_3TnSkcg
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 17:44:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
325 B 100ms
84ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=0&tid=G-X6H0114PDF&cid=%2Ff9XyZVuMfLK35NqzjDYSds7pewVGEODgqBcmMyQH68%3D.1721151878&gtm=45j91e47b1h2v867905447z872410129z9867900975za200zb72410129&aip=1&z=721303252

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 17:44:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
0 102ms
87ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HNR33QTX08&gtm=45je4790v9164375506za200&_p=1721151876243&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-gb&sr=1600x1200&cid=1963534424.1721151878&_ng=1&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&dt=MAGA&sid=1721151880&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5310&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HNR33QTX08&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 17:44:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 104ms
89ms Ping
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-HNR33QTX08&cid=1963534424.1721151878&gtm=45je4790v9164375506za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HNR33QTX08&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 17:44:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.winred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 100ms
79ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-HNR33QTX08&cid=1963534424.1721151878&gtm=45je4790v9164375506za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0&z=406804672

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 17:44:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 161ms
161ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11094181768

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f96d09c2e6dfba4e798e019962bf7e3494e0c0b544a3b633b5d6f3d22952afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 17:44:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93228
x-xss-protection: 0
last-modified: Tue, 16 Jul 2024 16:19:29 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Jul 2024 17:44:41 GMT

POST
H3 204 rum Show response
secure.winred.com/cdn-cgi/ 0
142 B 133ms
130ms XHR
text/plain 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 16 Jul 2024 17:44:41 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://secure.winred.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8a43cd3b1d7f6551-LHR

GET
H3 200 Artboard.png
d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/ 1 KB
2 KB 109ms
95ms Other
image/png 2600:9000:2744:8400:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/Artboard.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2744:8400:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: FN8PLjpE4LnyaM50_d0emgSd0vAz496F
date: Tue, 16 Jul 2024 08:07:49 GMT
via: 1.1 fecd699d6b5a3a8d83f9b476d9e7bc1c.cloudfront.net (CloudFront)
age: 34641
x-amz-cf-pop: MXP53-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1512
last-modified: Wed, 10 Jul 2019 18:21:57 GMT
server: AmazonS3
etag: "7b9c8b7070c8f9c81fc9a133d26daf4e"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: ZLcJ1XZqHO-3NVFI4e2tOZ7u-M5-0r273JT63Pm0GRLFwcOLBJ0dDA==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11094181768/ 43 B
62 B 573ms
461ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11094181768/?random=1721151882035&cv=11&fst=1721151882035&bg=ffffff&guid=ON&async=1&gtm=45be4790v9102692410za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.winred.com%2Ftrump-national-committee-jfc%2Flp-agenda-47-v00&hn=www.googleadservices.com&frm=0&tiba=MAGA&npa=0&pscdl=noapi&auid=400251267.1721151878&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11094181768

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 17:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/8b/intl/en_gb/ 255 KB
56 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/8b/intl/en_gb/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85a46c57a949ac65359ac89e866a2d498aaa63c267e8c98071bcf6ba0e89169b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 04:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57082
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 16:20:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jul 2025 04:01:31 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/8b/intl/en_gb/ 185 KB
56 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/8b/intl/en_gb/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258998b9c651763e295ad46d630922657847afa86d5bff0e6c59fb64e0c46d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.winred.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 06:31:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57712
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 16:20:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jul 2025 06:31:46 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.winred.com/api/v3/users	1970-01-21 07:41:51	Name: rvid Value: e8bfc9f2-8d3a-4f53-9862-88520738ce38
.secure.winred.com/	1970-01-20 22:05:53	Name: __cf_bm Value: YPyrobZI1BciycFjc4qvfPmfLeXjGgW02uy_StytONw-1721151876-1.0.1.1-NqSIYmDtsf_.ZFG265I8.UQCnciMcO7NCb6QSNKdIthbXvcF_IfB7lyy9DKYpHOj.8M_9Kp2aPI.EUQYvOXNvw
.winred.com/	1970-01-21 00:15:27	Name: _gcl_au Value: 1.1.400251267.1721151878
secure.winred.com/	1969-12-31 23:59:59	Name: origin_url Value: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00
.winred.com/	1970-01-21 07:41:51	Name: _ga_0YWKLMCX4D Value: GS1.1.1721151878.1.0.1721151878.0.0.0
.winred.com/	1970-01-20 22:07:18	Name: _gid Value: GA1.2.1308802460.1721151878
.winred.com/	1970-01-20 22:05:51	Name: _gat_UA-60901920-1 Value: 1
.winred.com/	1970-01-20 22:05:51	Name: _dc_gtm_UA-73658561-7 Value: 1
.winred.com/	1970-01-21 07:41:51	Name: _ga Value: GA1.1.1963534424.1721151878
.winred.com/	1969-12-31 23:59:59	Name: _revv_v3_session Value: bS81SHJGa1pnemtaUHQrOXkxTGhra3NHYTlGS3pVbTdldGI2aVEzT290NC80ZURTQVNTNk5iTlRKaXlMQzRKUzZBZFNQMUFSZjlQRm4yblRyZjhNQWZBczJJMWd1Vldyb0lmZVJHQ3hZQ2I1T0JiUUFvNmRQMms3R1FJc0syZE44L2p0bUFRTGdMenRyVk1YQlZScWgrK01CMFhvSU5JMXI5UTlMYXQ2dVRrWDFNK3QwODU5VUt0c29LQWhFaUNrWG5GOVRpZkJHL291K01JYVFhWmsrcWVJYUxZQWZEcFVRZUNFUDZXVTNZYW80ZDJuWGdud2tzTGZYL3gzRmNMUmRFMmtlQjNCOFY0VS93M21udi9Ed09zOVQ1cmdoNmUvNGtnVW5NcE1aSHV0TjdRMVhhNE5xTWVQcnZpd1NQWkJ4d2FVNERXK3hISkNFdDZkWERGbDZScFdmT01nNE1jNElIUmVRNzdjQmk0PS0tOUtHa3pHTFB1RmNBOFBhSWFoUjdDdz09--64409d193e00383629721012b29b3e0fdba46033
secure.winred.com/	1969-12-31 23:59:59	Name: sso_tries Value: 1
secure.winred.com/	1970-01-21 07:41:51	Name: rvid Value: e8bfc9f2-8d3a-4f53-9862-88520738ce38
secure.winred.com/	1970-01-21 00:29:51	Name: _cids Value: W10=
.secure.winred.com/	1970-01-21 06:51:27	Name: cf_clearance Value: GLdPxditp9f_OCThFJNzQbmvcoEeKxuay.s6Te.9fm8-1721151879-1.0.1.1-8bkWyCaBrlOft.tYwQzhb_Bai5OT8uAsPE4LIaHc9XryPzWbSNB_2zBluW7HGeu_GDilXwFsprvVcItmBsQBEg
.winred.com/	1970-01-21 07:41:51	Name: FPID Value: FPID2.2.%2Ff9XyZVuMfLK35NqzjDYSds7pewVGEODgqBcmMyQH68%3D.1721151878
.winred.com/	1970-01-20 22:07:03	Name: FPLC Value: SmApNYERyQ8MBSA3oj0xHA2tT5GVoPQOgharJGe2H%2BmaTKys121yANQ9HdUaZviDPdHsbTNAVgB28T10Zqh7MJeO4YbJKyw5zFY1bmwjli6ST7p2Jf5bQVx72MRk0g%3D%3D
.winred.com/	1970-01-20 22:05:53	Name: FPGSID Value: 1.1721151880.1721151880.G-X6H0114PDF.uwGzbkWiEBCP1m_3TnSkcg
.winred.com/	1970-01-21 07:41:51	Name: _ga_HNR33QTX08 Value: GS1.2.1721151880.1.0.1721151880.60.0.0
.twitter.com/	1970-01-21 07:41:51	Name: guest_id_marketing Value: v1%3A172115188037329273
.twitter.com/	1970-01-21 07:41:51	Name: guest_id_ads Value: v1%3A172115188037329273
.twitter.com/	1970-01-21 07:41:51	Name: personalization_id Value: "v1_QsyXoblAaXRPnjXSRVUO/Q=="
.twitter.com/	1970-01-21 07:41:51	Name: guest_id Value: v1%3A172115188037329273
.t.co/	1970-01-21 07:41:51	Name: muc_ads Value: e0b1f8f6-7a0c-4e28-8adb-42962daa004e
m.stripe.com/	1970-01-21 07:41:51	Name: m Value: ad43b06c-1148-4d77-b5dd-1f0b9f61177f0f9c06
.secure.winred.com/	1970-01-21 06:51:27	Name: __stripe_mid Value: cbdadf02-370b-4300-aeaa-fe30c294ba46589e2b
.secure.winred.com/	1970-01-20 22:05:53	Name: __stripe_sid Value: 52bdbc77-76fc-4c91-a231-18fc2fd0f689e674fa
.winred.com/	1970-01-21 07:41:51	Name: _ga_X6H0114PDF Value: GS1.1.1721151878.1.0.1721151881.0.0.1838719355
api2.hcaptcha.com/	1970-01-20 22:05:53	Name: __cflb Value: 04dTobrcPfCH2Cv1uxYioAFTikqddqvSsUVFJRxDmo
.doubleclick.net/	1970-01-21 07:41:51	Name: IDE Value: AHWqTUmOlz4KLHLLxiIhWMAkT0fldntX1SN_ohmPHmDjzgYMng5E84g8flwbWVvr
api2.hcaptcha.com/	1970-01-20 22:49:03	Name: hmt_id Value: c08f1200-603b-41b7-af17-b267998e468c

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00 Message: [DOM] Found 2 elements with non-unique id #conduit_employer_name: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00 Message: [DOM] Found 2 elements with non-unique id #conduit_mobile_number: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00 Message: [DOM] Found 2 elements with non-unique id #conduit_not_employed: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00 Message: [DOM] Found 2 elements with non-unique id #conduit_occupation: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://secure.winred.com/trump-national-committee-jfc/lp-agenda-47-v00 Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ads.rmbl.ws
analytics.twitter.com
app.winred.com
d35ligi1n5bgzc.cloudfront.net
googleads.g.doubleclick.net
gtm.winred.com
js.stripe.com
lh7-us.googleusercontent.com
maps.googleapis.com
region1.analytics.google.com
region1.google-analytics.com
secure.winred.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
www.google-analytics.com
www.google.co.uk
www.googletagmanager.com
104.244.42.195
13.224.189.121
146.75.120.157
151.101.0.176
172.98.56.41
18.239.50.31
2001:4860:4802:32::36
2001:4860:4802:34::36
2600:9000:2744:8400:0:7d26:ee00:93a1
2606:4700::6810:5049
2606:4700::6810:e534
2606:4700::6813:d359
2606:4700::6813:d459
2a00:1450:4001:801::2008
2a00:1450:4001:802::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:400c:c04::9b
93.184.221.165
05ec088dcdbf442a3c595dfc067f01b4e960a60d3d7e3178c56a2b2f3ffeb974
0a5218f3675a4ccda81b12b5121a4127434fcab9eb0712f08c917fda3fcdf60f
126db7fa6cdda345481779a5b721693eb2b9850d29c90914ff32d014079c2918
1a3deacd1799bf73a270353064e107ac0ccc729f69f360908e491ec50875dc19
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e19ab777d416ab8585e83bb348451e0a4717b92e7cbb1f74900af55876f2ad9
258998b9c651763e295ad46d630922657847afa86d5bff0e6c59fb64e0c46d82
2941cb232ae2c0eb343a12f2020c0271154e8d73c006575c5baa7012146dd6e2
2be40f02e37e46e793761339c8501e3a1f629b120a7e0335a0540606bdd5fb2d
32cfc3ccec6e7666c2126db1549c9a3d849e7efb5c2a00072913a4dcc5e08871
36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284
3f6ae6ec61e2160f36c1997889b26a650802d5bf3f94d29755a592599a096a1a
3f96d09c2e6dfba4e798e019962bf7e3494e0c0b544a3b633b5d6f3d22952afb
420ac6c617ee74fe7974f174a88e74d415000487a2e515797094e02e099b48ba
455d931923a1399e40980a05030ccca274f7ff53018307091dee2dd48d25ee30
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848
688ec0c0a9e5abb83925944f5bd9363ae386f0269f001264f9ea67d9e02fbca7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d89418c24890c212bfbc53ce9d5d8fbeee9bde98ab97ed40eccd67c72564831
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a46c57a949ac65359ac89e866a2d498aaa63c267e8c98071bcf6ba0e89169b
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
934eae01ffeb7eb89b32f80152162806891139e7f3571f0324bd319acd49c7a8
96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962
9dca704c8f7b7ca488e4ae62a2e3a0b8f380bc58e2224796f35d967f09dcff3d
a6445b9cfadeb4afb5c17931b3457ed84561e8d3c9dc1016ef4179166746f4ef
abe5418d3635c22dac800167ab7409f547dbd1c7f4bac5f57eeef5fc378548a3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b374dc2d1a31dfe9176abd0a43dbc798cb094184ead491b8570f0bda33311b58
c55f9ced964923aa6bb9767c8c4ac9d7f18572bcbe9ae8ee1f0c1637c679a169
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbdaaec3f5d16ee5c37264f29b0f36fd1c82a7afab4f79353a0678b19a31fb38
ce483bd57a7d0576c16db84df9cf92b4d94a2c8472f3254dbd2a759704d0fbfd
d07d38370c5ab3246c171ad58a86eaf8ba0b477c9e50909e224964b1866e285c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2524452dfffb150434a67536d4255e7c0f05c44bc61541d8ff63060db7b1a8b
f60fd3d9104ea6756fd5b635f33aa45e9028633172966aac990c8376fb75dd9e
fb7e4480b71ea5b7b3f605ac49c47f6b69b99131bf439a15d1f667edae735edc
fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902

secure.winred.com Open in urlscan Pro 2606:4700::6813:d359 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

98 %HTTPS

67 %IPv6

15 Domains

19 Subdomains

21 IPs

5 Countries

2419 kBTransfer

5471 kBSize

30 Cookies

8 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.winred.com Open in urlscan Pro
2606:4700::6813:d359 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

98 %
HTTPS

67 %
IPv6

15
Domains

19
Subdomains

21
IPs

5
Countries

2419 kB
Transfer

5471 kB
Size

30
Cookies

63 HTTP transactions
0 data transactions