Report - Us4.co/medpgo

Report Overview

Visited public
2024-10-26 21:28:45
Tags
URL
Us4.co/medpgo
Finishing URL
secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517
IP / ASN
13.248.192.114
#16509 AMAZON-02
Title
Early Vote Action

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
app.winred.com	252318	unknown	No data	No data	1.2 kB	12 kB	104.19.211.89
api.hcaptcha.com	63834	unknown	No data	No data	1.2 kB	5.2 kB	104.19.229.21
m.stripe.network	1204	unknown	No data	No data	1.5 kB	27 kB	54.240.174.84
m.stripe.com	1092	unknown	No data	No data	2.1 kB	4.1 kB	54.148.147.183
merchant-ui-api.stripe.com	unknown	unknown	No data	No data	533 B	4.4 kB	54.170.183.1
js.stripe.com	1149	unknown	No data	No data	12 kB	1.3 MB	151.101.128.176
maps.googleapis.com	33876	unknown	No data	No data	1.8 kB	240 kB	142.250.74.10
www.google.com	7	unknown	No data	No data	757 B	455 B	142.250.74.100
hcaptcha.com	5458	unknown	No data	No data	432 B	151 kB	104.19.229.21
newassets.hcaptcha.com	11055	unknown	No data	No data	1.6 kB	1.4 MB	104.19.229.21
static.cloudflareinsights.com	1294	unknown	No data	No data	500 B	20 kB	104.16.79.73
d35ligi1n5bgzc.cloudfront.net	unknown	unknown	No data	No data	1.9 kB	3.7 MB	54.240.174.73
b.stripecdn.com	82562	unknown	No data	No data	2.0 kB	136 kB	151.101.128.176
r.stripe.com	5180	unknown	No data	No data	3.6 kB	5.2 kB	54.187.159.182
secure.winred.com	84060	unknown	No data	No data	25 kB	504 kB	104.19.212.89
www.googletagmanager.com	75	unknown	No data	No data	1.8 kB	417 kB	142.250.74.168
us4.co	unknown	unknown	No data	No data	467 B	390 B	3.33.253.57
challenges.cloudflare.com	unknown	unknown	No data	No data	3.6 kB	218 kB	104.18.95.41
gtm.winred.com	unknown	unknown	No data	No data	8.6 kB	44 kB	104.16.229.52

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (67)

	URL	From	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c	ScriptElement	322 kB	2024-10-26	2024-10-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash 3f54c9744d51bf3ee5b30e579829d7c3 8cc89f957526cc1a734cf9e3c2c49a9082934a89 d4c60b61206eb1d9a985ac564e8eee15b93ad4b0219e3e360edb688181e27dae Loading...

	newassets.hcaptcha.com/captcha/v1/8352e07/static/hcaptcha.html#frame=challenge&id=06rdjcqiyj0s&host=b.stripecdn.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&size=invisible&theme=light&origin=https%3A%2F%2Fb.stripecdn.com	ScriptElement	358 kB	2024-10-17	2024-10-28
Pretty URL newassets.hcaptcha.com/captcha/v1/8352e07/static/hcaptcha.html#frame=challenge&id=06rdjcqiyj0s&host=b.stripecdn.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&size=invisible&theme=light&origin=https%3A%2F%2Fb.stripecdn.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-17 17:29 Last Seen2024-10-28 13:36 Times Seen49 Hash ecc62e1c502dc9e99060c4c121910c95 5c6b5e96c931e0cfaefcfaa108010c7552adb186 670a771acbbda8a70018e1b4bb78240cce367d04157fa931b3fa1c5dfe0db2a6 Loading...

	maps.googleapis.com/maps-api-v3/api/js/58/10/common.js	ScriptElement	274 kB	2024-10-23	2024-10-30
Pretty URL maps.googleapis.com/maps-api-v3/api/js/58/10/common.js IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-23 20:51 Last Seen2024-10-30 16:56 Times Seen467 Hash 429e2c94ad6f3495539a7abf95c6e608 2f6a84081093967baa50e00d4df7f8cc45cdd19d 0b73d8c2668c726bb234ca3e92ce1fd27a00fce21b84b68004fe67f8148a3507 Loading...

	m.stripe.network/out-4.5.43.js	ScriptElement	89 kB	2023-06-30	2025-01-28
Pretty URL m.stripe.network/out-4.5.43.js IP 54.240.174.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-30 16:45 Last Seen2025-01-28 16:47 Times Seen8249 Hash 69cb7809b5011312e716f29b3d19dce6 833dabfb546d57065aeba7190b5ee5a2428dfa47 e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c Loading...

	js.stripe.com/v3/fingerprinted/js/controller-c8a294db8694d3aedac94fdfdbc35053.js	ScriptElement	900 kB	2024-10-26	2024-10-28
Pretty URL js.stripe.com/v3/fingerprinted/js/controller-c8a294db8694d3aedac94fdfdbc35053.js IP 151.101.128.176 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-26 04:55 Last Seen2024-10-28 13:36 Times Seen18 Hash eb307bb9baa2c9a1edc99e397a03260e 4b26f8420e1bfcdf003c44c51be04fa7fe5891e4 5c1f228e5e6369bf8a28b2050b7461461bcb89ac7d3b3dcff3fc11ea8e3a98b1 Loading...

	secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517	ScriptElement	347 B	2023-12-05	2025-04-16
Pretty URL secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 IP 104.19.212.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-05 08:17 Last Seen2025-04-16 13:08 Times Seen162 Hash 17dbe1b7c453a27cdcd7daf9f03245d7 a431adfa6f399ca91e5bf68ff5c203b5b393de1c 63adae0a5c474fffa9e0389932769960e9e197e7fc7af9bb6c617b4c3678d1f8 Loading...

	unknown	ScriptElement	236 B	2024-10-26	2024-10-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash 5fd8e693574ebcf5ec8f4fdac784cdbd 350d86c5d500793f60c6ae4be7d48a8027a11d58 56c13386d0f55cc9a45aea6d4e04f2b6f4729cf3577290ba5a5928a4c1a46031 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PR2XM7C	ScriptElement	220 kB	2024-10-26	2024-10-26
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PR2XM7C IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash 04cb6afbe50f2869f44b822be2abdfc1 c09c1e341b09e2e8ebbf7782e887cb380d2b00f3 844e4753b4e0a4a6ae94d179c5de1d0d5ed29396bf61c6e17322b3f733641255 Loading...

	newassets.hcaptcha.com/c/0d69d1a359119bd0e2c5ca7f11f300ac050517fd19b612f86c0c75a2b0b39cbe/hsw.js	ScriptElement	684 kB	2024-10-18	2024-11-11
Pretty URL newassets.hcaptcha.com/c/0d69d1a359119bd0e2c5ca7f11f300ac050517fd19b612f86c0c75a2b0b39cbe/hsw.js IP 104.19.229.21 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-18 14:21 Last Seen2024-11-11 14:25 Times Seen98 Hash d490ba95de99d7c025179f7883fed554 3234a76a0783bb7e2123c4aabb1271f213d263d0 d930d871dd3f401b42463aea597114acd2c2818403557dba24cb01f8c2569689 Loading...

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-04-26
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-04-26 02:36 Times Seen47484 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

	maps.googleapis.com/maps-api-v3/api/js/58/10/util.js	ScriptElement	194 kB	2024-10-23	2024-10-30
Pretty URL maps.googleapis.com/maps-api-v3/api/js/58/10/util.js IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-23 20:51 Last Seen2024-10-30 16:56 Times Seen468 Hash d24159d6b6effd13d0c781cbb950d73c 25204616ad3b9e787ed1c62cacc935aa79e5bf45 faf393cfcf0dd3586bc5b4d4daf75755215c8f8642fd117a184d44328e056a00 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N	ScriptElement	518 kB	2024-10-26	2024-10-26
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash dbb471e139d2587ffee72a883ef71214 5f5e82d94112cad33263c112ea72dfd5992cc723 c8fec1faaa2505e452c2bf55886efcbce87b135cc73c206d43f15001b5432a17 Loading...

	secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/sandbox%20eval%20code		147 B	2023-04-11	2025-04-26
Pretty URL secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-04-26 02:47 Times Seen338008 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.1 kB	2024-10-26	2024-10-26
Pretty URL secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.19.212.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash a9242773845d85fb032b1204e65823ca f8a0cbf0b85aa19e96a06abf8e44eea9cbfe54f6 314f94072b17532f42ab6034d8ac9ddb6ba69ccc311490e4fe6a7b07c2152442 Loading...

	unknown	Function	48 B	2023-04-11	2025-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:45 Last Seen2025-04-26 02:35 Times Seen12124 Hash 43d643e449b4ea13394fe737b1d6a447 1c03d56d955fd266d7659379e63d5711bd5382db 4817661f6ac7d2e1691bc3aeb9966e66012891ccda569ff872dc0932010c540d Loading...

	js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js	ScriptElement	526 B	2023-03-07	2025-04-26
Pretty URL js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js IP 151.101.128.176 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-04-26 02:35 Times Seen8269 Hash d96c709017743c0759cf3853d1806ba5 72e21587610c49c8305a55e71f73fa88ed618205 ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652 Loading...

	secure.winred.com/assets/application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js	ScriptElement	503 kB	2024-09-13	2024-11-05
Pretty URL secure.winred.com/assets/application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js IP 104.19.212.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-13 22:14 Last Seen2024-11-05 19:08 Times Seen29 Hash 2e4172212ac6645eac9ef551e4f1cc65 6c9f7fdbed9d0cb28797287cc8553e97cd98d37e 34dbbeedb5f41467c45409cfe22b5398a1e7410ae53e0f2a196a706db6d62107 Loading...

	secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517	ScriptElement	345 B	2024-10-26	2024-11-05
Pretty URL secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 IP 104.19.212.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-26 21:29 Last Seen2024-11-05 19:08 Times Seen2 Hash a8ca2950c39d5527c58fae01d40e8d7f 4d617539a8fdda4e190ee8fd1b572bc21a130a55 80e3549c56cb37d95c3e0e1852be0fcb381d19ebd346fc01732516ab542bd3e4 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-04-26
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-04-26 02:47 Times Seen337214 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	js.stripe.com/v3/fingerprinted/js/shared-89d92178faa14a839f9fd7700c29559f.js	ScriptElement	672 kB	2024-10-26	2024-10-28
Pretty URL js.stripe.com/v3/fingerprinted/js/shared-89d92178faa14a839f9fd7700c29559f.js IP 151.101.128.176 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-26 04:55 Last Seen2024-10-28 13:36 Times Seen18 Hash c9dfd872e4364bde6046ff188932f503 b936767d68d80878f5fc6c961184e87a4293fd94 378a2e795fd4105138e2a06fa6314a26427f463cff60cc739ebee3e7d2bf251e Loading...

	secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517	ScriptElement	62 B	2023-03-07	2025-04-15
Pretty URL secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 IP 104.19.212.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 22:21 Last Seen2025-04-15 10:00 Times Seen173 Hash a4268d9863e47b139253d2ceddb13092 dc021529c308a21d8e9ea248de2b1395ff526330 0a3a4a95d3438a765fed5d98fa0dfce58897106abbdfb3135b1c3e4d1733cef1 Loading...

	hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit	ScriptElement	151 kB	2024-10-17	2024-10-28
Pretty URL hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit IP 104.19.229.21 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-17 17:29 Last Seen2024-10-28 13:36 Times Seen82 Hash 707d2441020d21c1a4992e879c8be91f ebe5d7846e6125baaec14d36e0aa553ed8a82e82 7263c4508d7b37b27c45c5b54f4839ce8574ae63032d7ace5e15412859e6b9fc Loading...

	m.stripe.network/inner.html#url=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&title=Early%20Vote%20Action&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&muid=NA&sid=NA&version=6&preview=false	ScriptElement	827 B	2023-06-30	2024-12-05
Pretty URL m.stripe.network/inner.html#url=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&title=Early%20Vote%20Action&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&muid=NA&sid=NA&version=6&preview=false IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 16:45 Last Seen2024-12-05 22:09 Times Seen8084 Hash 1f54cecc3b769967137af0567a96ec3d bda8188907959253112d6639984e671ede889b41 0ea22f8a5f8ae43c169a5bf57522c356130b13eaab2629ff5712a9af29118a40 Loading...

	www.googletagmanager.com/gtag/js?id=G-XQC94J3YLE&l=dataLayer&cx=c	ScriptElement	322 kB	2024-10-26	2024-10-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-XQC94J3YLE&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash 0f9d15f2fc7fe59e33ea1541904ef8bc 5330cae6e5d19040d012e328ab9778df02753898 b50cd966bd42d560d4d32ba9dc982f994e10b3b6d1e7cec5424f84e947e8f68d Loading...

	js.stripe.com/v3/fingerprinted/js/elements-inner-card-3678c1b3145b2c17eec841b8c155a5be.js	ScriptElement	56 kB	2024-10-20	2024-11-05
Pretty URL js.stripe.com/v3/fingerprinted/js/elements-inner-card-3678c1b3145b2c17eec841b8c155a5be.js IP 151.101.128.176 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-20 16:15 Last Seen2024-11-05 21:10 Times Seen26 Hash fd0e50b04e34a20e3da7ddce21e40278 1d626e58f842c219c4832e603f92cae30eff2d6b e7435466ce63e6ef2ed25909bbaf1fc37274087185eac417f69573af9f9e40d3 Loading...

	maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places	ScriptElement	385 kB	2024-10-26	2024-10-26
Pretty URL maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-26 19:32 Last Seen2024-10-26 21:29 Times Seen2 Hash 5cb69c2a42c337eb0bf423ca997c750a 8eaeda6be130cd347b694efe401fc94bd00095f7 7be8aac204e35696f9b89fc70b00cac85fb4f6f0c744fa51cd07d8581726e1c5 Loading...

	b.stripecdn.com/stripethirdparty-srv/assets/v21.23/vendors~AddressAutocomplete~AffirmInContext~AfterpayInContext~AmazonPayButton~ApplePay~AuthMap~DataD~5ed5705f.7ef5482d15f388ab21cd.bundle.js	ScriptElement	126 kB	2024-10-22	2024-11-13
Pretty URL b.stripecdn.com/stripethirdparty-srv/assets/v21.23/vendors~AddressAutocomplete~AffirmInContext~AfterpayInContext~AmazonPayButton~ApplePay~AuthMap~DataD~5ed5705f.7ef5482d15f388ab21cd.bundle.js IP 151.101.128.176 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-22 00:34 Last Seen2024-11-13 15:33 Times Seen18 Hash 83db675ef4707804eec336acc287a172 382c4a9ade38e831ea62cd45ccc4096a62a7a506 11bfb6b27fc716b32798a061e7ef96ad2cf67673306bd6195996bfbd823da0bc Loading...

	b.stripecdn.com/stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.a21e5ec2371cbd59b63d.bundle.js	ScriptElement	18 kB	2024-10-22	2024-10-28
Pretty URL b.stripecdn.com/stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.a21e5ec2371cbd59b63d.bundle.js IP 151.101.128.176 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-22 00:34 Last Seen2024-10-28 13:36 Times Seen11 Hash 599d61be04e1b005db71eaa98a19581e 52d94ee82ac4303590c820bb8ce425db95b2d3b5 a90a2ff957f827e683d6ea72005bee1d4068b80a6adf6661f2406edbcad607c7 Loading...

	js.stripe.com/v3/	ScriptElement	690 kB	2024-10-25	2024-10-28
Pretty URL js.stripe.com/v3/ IP 151.101.128.176 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-25 20:27 Last Seen2024-10-28 17:08 Times Seen40 Hash e09447163fe544079942a63abe237a24 cb760461f747d49066b65707cdbdd0db47577f91 a01d64cba546d0228de556a783b75f0ea24c163b2ea1eed16c6b2a240171596d Loading...

	js.stripe.com/v3/hcaptcha-invisible-1c9f48dc4b3b032d0e71a60ef1d512ed.html#debugMode=false&parentOrigin=https%3A%2F%2Fsecure.winred.com	ScriptElement	75 kB	2024-10-26	2024-10-28
Pretty URL js.stripe.com/v3/hcaptcha-invisible-1c9f48dc4b3b032d0e71a60ef1d512ed.html#debugMode=false&parentOrigin=https%3A%2F%2Fsecure.winred.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-26 18:04 Last Seen2024-10-28 13:36 Times Seen7 Hash 90ccddc10f61b391c09bd1ad676fcc88 044c7bff1a13865231a2feb077009f9e0e008dc6 26f1b7cd0620a9b4dd5442917ed0e9ba3b4f53ce42bf8dfee5840666d689414d Loading...

	secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517	ScriptElement	207 B	2023-03-07	2025-04-19
Pretty URL secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 IP 104.19.212.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:12 Last Seen2025-04-19 10:46 Times Seen350 Hash 00e39500ec5fac92ef320c4cf09d3df2 35e6f3f78ef0874239a272240576664da3e04bcb c8678a6f7015cd1724c161fc239bc0453e2ac988ed7ac4124d1721ed513aef3b Loading...

	secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517	ScriptElement	921 B	2024-10-26	2024-10-26
Pretty URL secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 IP 104.19.212.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash 24ff9157d325f4a265f672e4c323ebc1 62c28c1982afbccef2ff1e851bb5ebc78dd995ee 299e83f3dc942708ef523fb4d07ea6230157b3a70d5a3f3983ac2ccb8e8f68b4 Loading...

	js.stripe.com/v3/fingerprinted/js/ui-shared-cc08c9f0ed787cd214292085313bb8e1.js	ScriptElement	470 kB	2024-10-26	2024-10-28
Pretty URL js.stripe.com/v3/fingerprinted/js/ui-shared-cc08c9f0ed787cd214292085313bb8e1.js IP 151.101.128.176 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-26 19:32 Last Seen2024-10-28 13:36 Times Seen5 Hash f9b0460ab82c4471e2ba9e11da09143f 918c185a2b026e8b802a09ebf8caa3a57cfb405e 96909615eae52b7138f5f43249f8b12f26dd5ca2ec7ea76051fb90223b57e34e Loading...

		Size	First Seen	Last Seen
	#1 Eval - 68b9ac389c911d7b8bc64d21381cc3d9	111 B	2023-03-09 02:49	2025-04-24 09:43
Pretty Observations First Seen2023-03-09 02:49 Last Seen2025-04-24 09:43 Times Seen1430 Hash 68b9ac389c911d7b8bc64d21381cc3d9 abe515f69910e94b155086eb7c8154e429da9f3e 5bff7cb785c5eafa67874879dc5188134635ddc54620cdb14b55ba49f8604a4c Loading...

	#2 Eval - d87ad96fa45e1a2ac4e1811f125df5c6	957 B	2023-03-07 22:21	2025-04-16 13:08
Pretty Observations First Seen2023-03-07 22:21 Last Seen2025-04-16 13:08 Times Seen173 Hash d87ad96fa45e1a2ac4e1811f125df5c6 bed93773a9de8be3c3231553da13d5ffeaeeb2fd 70c4de8244bc5412b2cce1d64575cbb87119eaaa97eb381574126ccc69a2b8b8 Loading...

	#3 Eval - 29ec0e5c57f8546b9db2aa65ee3d3df8	285 B	2024-08-20 10:34	2025-04-01 21:47
Pretty Observations First Seen2024-08-20 10:34 Last Seen2025-04-01 21:47 Times Seen17 Hash 29ec0e5c57f8546b9db2aa65ee3d3df8 b6134ab4a9c72e7a4176f15f07f6fbad86a25031 02fffba3dd697652767d28a7d1d96037e4f8ae95bb1e3313be77f3c4eb539ce2 Loading...

	#4 Eval - 519d30f257b24a9f44fb47b7d65fd26f	285 B	2024-10-26 21:29	2025-04-16 13:08
Pretty Observations First Seen2024-10-26 21:29 Last Seen2025-04-16 13:08 Times Seen6 Hash 519d30f257b24a9f44fb47b7d65fd26f a9de0f0dc6f8d898d34e24d94e360509fedc5417 c0b3e11f4066693144099faa3dda978aa498b4c93b7334859a39cbadb1a8f511 Loading...

	#5 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2025-04-26 02:45
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-04-26 02:45 Times Seen366715 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#6 Eval - 1883edfaef35bf09b4e9d3f046f51c88	28 B	2024-10-26 21:29	2024-10-26 21:29
Pretty Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash 1883edfaef35bf09b4e9d3f046f51c88 b84d4b90f0fe19936f54ac5ea01d03d78c8a452e 636a582dbfac279a76bb59d9304f331c9e95b09dae0cd12ea856481c330d4ab2 Loading...

	#7 Eval - 70add0d6beb7bb5ddc0b166fbcdda29b	285 B	2024-10-26 21:29	2024-10-26 21:29
Pretty Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash 70add0d6beb7bb5ddc0b166fbcdda29b a8a3d21fa6759c13b09282344ef7b9aef844177a 909ae3fdb995cb2c52a12672d70794c32c077271db7eae66d7072359e3941f46 Loading...

	#8 Eval - 840e5f30e3c39b3a648aca6e0a7c54b0	126 B	2023-04-01 11:09	2025-04-16 13:08
Pretty Observations First Seen2023-04-01 11:09 Last Seen2025-04-16 13:08 Times Seen175 Hash 840e5f30e3c39b3a648aca6e0a7c54b0 27190853760b01e6eaf85b1e6c186e9f2e030d6c 7818a2c46683b0849cd165b5c953afadf255a4c4c3561445de7b05ed13442fe5 Loading...

	#9 Eval - 973df966ecd5bf952867fcea18e8419e	285 B	2024-01-31 18:19	2025-03-09 14:47
Pretty Observations First Seen2024-01-31 18:19 Last Seen2025-03-09 14:47 Times Seen33 Hash 973df966ecd5bf952867fcea18e8419e 48031f4d397774028811126a1e1ff785f7492779 120c46ea7e025270236d1ed6b350146beb1eaa2c0697b29cce02ecd17ed4eba3 Loading...

	#10 Eval - ac5011e452d6c70046dcf2b00315fce2	285 B	2024-10-15 03:39	2025-04-16 13:08
Pretty Observations First Seen2024-10-15 03:39 Last Seen2025-04-16 13:08 Times Seen11 Hash ac5011e452d6c70046dcf2b00315fce2 71ac47c9940134b3010ebdd12d579f8ef816bd60 8b9ade7eca295a91bd88857b80c9c0a56f3c548055385f145c0cfd95c1283817 Loading...

	#11 Eval - 128f4cc014caa180b9c64983d5ada4bc	28 B	2024-10-26 21:29	2024-10-26 21:29
Pretty Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash 128f4cc014caa180b9c64983d5ada4bc 3ea67c93b7721d78352aaf2c8675a52e6e94c2f8 b629d4268933af87781d94e9c0829fa2425eabfd6816965460c79c3759113d9e Loading...

	#12 Eval - e2ff854b106237083629df0eae70de8c	28 B	2024-10-26 21:29	2024-10-26 21:29
Pretty Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash e2ff854b106237083629df0eae70de8c 49750fddcda01e3789fdc913a743dd6b1f867685 4e919946b9ef83a2e4c76bdf9b7345ddb28c61b02bb53a26baca243cf3f69832 Loading...

	#13 Eval - cd8c28f3962b4d5ad31d37a63626c845	60 B	2024-10-24 11:18	2024-10-29 01:45
Pretty Observations First Seen2024-10-24 11:18 Last Seen2024-10-29 01:45 Times Seen3602 Hash cd8c28f3962b4d5ad31d37a63626c845 9ab72c7c765a9d402d365002ea764e2643daf595 292794c11d83dd61de154ab1cabb4957548e4521e1fc786ec6d8b6292bf9aad4 Loading...

	#14 Eval - 1187e761732bc6b59d1bdf64b87a1c6a	189 B	2023-03-07 22:21	2025-04-16 13:08
Pretty Observations First Seen2023-03-07 22:21 Last Seen2025-04-16 13:08 Times Seen175 Hash 1187e761732bc6b59d1bdf64b87a1c6a 787693343277d13f37274412a55bc37cdab6b14c d91e700c6f704c0aa28941b1d929931bcd82b5e17fd29f0d5b10ffc6e63e8e74 Loading...

	#15 Eval - 6b00d21dd1276fa0c21c6da4bb5e6359	142 B	2024-10-26 21:29	2024-10-26 21:29
Pretty Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash 6b00d21dd1276fa0c21c6da4bb5e6359 039003ad3eee48560d96d6676bffbec0c8077c1a 093556edeae13d696e647e8a9951edfc8291057ffc6f117317a1a230dd14a918 Loading...

	#16 Eval - 232fed096b55cfd2c852e98903b2a01a	113 B	2023-03-07 22:21	2025-04-16 13:08
Pretty Observations First Seen2023-03-07 22:21 Last Seen2025-04-16 13:08 Times Seen170 Hash 232fed096b55cfd2c852e98903b2a01a a0bc89bea1f37bf52feeb5b825a8307cd6276346 739d31cf3c5606b975dde8556942a95347287d9f692d091278e7baf7836b3533 Loading...

	#17 Eval - 3339a40d28c1eaa9c69f5e84897656c6	285 B	2024-08-20 10:34	2025-04-15 10:00
Pretty Observations First Seen2024-08-20 10:34 Last Seen2025-04-15 10:00 Times Seen11 Hash 3339a40d28c1eaa9c69f5e84897656c6 17426a318a9a6e4073e5c03d8b630708992a58dd 7669bf7d04dbbaff986dff8bf2213203cc541f01960305cc41cd49fdd22e53c4 Loading...

	#18 Eval - 124926572d6b2e0051159b25e3d5834d	28 B	2024-10-26 21:29	2024-10-26 21:29
Pretty Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash 124926572d6b2e0051159b25e3d5834d aefa41307b916ffce3a702b136fe018d49ebe4e9 a61865231d1320659618145ec85791043b2b1014c91e335272cfca6e174042db Loading...

	#19 Eval - 64c729994e2ac4a1c8c99544037ab639	211 B	2023-06-13 16:03	2025-04-16 13:08
Pretty Observations First Seen2023-06-13 16:03 Last Seen2025-04-16 13:08 Times Seen178 Hash 64c729994e2ac4a1c8c99544037ab639 6b93d2615e44256373c84cc3560fa05fbe8158c1 82f12ecbccb2888fdd5c9714f9233efc0768f8bf3bc4d5115da3119c28844328 Loading...

	#20 Eval - ab2d7cdbb378151a68a5c81931757d38	142 B	2024-10-21 20:30	2025-04-01 21:47
Pretty Observations First Seen2024-10-21 20:30 Last Seen2025-04-01 21:47 Times Seen14 Hash ab2d7cdbb378151a68a5c81931757d38 f5e52062a4c887ad59b921731024214e6e37ed83 6d66d256161c0e0cd1ed936b912462d58a5fb6ec11db946a31b2b0a33699b50a Loading...

	#21 Eval - 59f9176ed33f6dcb290167d87fc681cd	281 B	2024-10-26 21:29	2024-10-26 21:29
Pretty Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash 59f9176ed33f6dcb290167d87fc681cd 74266ea37e42c5d795ef0b814a37be0b335db2d1 268a76f035a73c64e8ef58ec4f9ebe13bd1fb22013999b57382f1c1a3a53ba72 Loading...

	#22 Eval - f8369c80c98e6b8a800e362ed1013a8f	233 B	2023-07-06 19:19	2025-04-25 08:28
Pretty Observations First Seen2023-07-06 19:19 Last Seen2025-04-25 08:28 Times Seen1912 Hash f8369c80c98e6b8a800e362ed1013a8f be718de8b639d3fa77bf6d7f2a05a0a964cf1046 13e090949e8e8265ee5ac6388efeb66e24247a380dc27344d48952b5843190ab Loading...

	#23 Eval - e53fc3026d547bb7af3bbe7c8becbaba	142 B	2024-10-26 21:29	2025-02-22 19:34
Pretty Observations First Seen2024-10-26 21:29 Last Seen2025-02-22 19:34 Times Seen4 Hash e53fc3026d547bb7af3bbe7c8becbaba b7f03af01474032d57411deb194c954ad29600ec 852c3d558886c9b8f59a9234713ea692a243d2e3b0e158eb2cb99056cd5b78c2 Loading...

	#24 Eval - fcdd89c4b14d1e2f7fa18f85ce708bab	285 B	2023-08-31 20:13	2025-03-09 14:47
Pretty Observations First Seen2023-08-31 20:13 Last Seen2025-03-09 14:47 Times Seen29 Hash fcdd89c4b14d1e2f7fa18f85ce708bab fda422e0442f36e37cd39adc85b1a432ce5a07f7 d03d3929ed813507d37ee065bee8b282639ba1ab751105bc3c09d63ef4a95608 Loading...

	#25 Eval - ce39adf022439ddf72d07e5eedc76d8c	28 B	2024-10-26 21:29	2024-10-26 21:29
Pretty Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash ce39adf022439ddf72d07e5eedc76d8c a9cf38a2cfb970a6fd379270760123dfaa28258a bd0ab732c7f0aa2f546d9bac65653c4bac7ebbfd6c0c2708cdae4c589721a2e7 Loading...

	#26 Eval - 4aa74a296f53748fbff7bdde0a65857a	285 B	2023-09-10 19:45	2025-04-15 10:00
Pretty Observations First Seen2023-09-10 19:45 Last Seen2025-04-15 10:00 Times Seen12 Hash 4aa74a296f53748fbff7bdde0a65857a 898390fcd3592b617654ea1163e3dc8ddcbdb403 d8a9328961c34c5337c7242142cee5671ca9b25ea7848b2b72c838d193ff5e5d Loading...

	#27 Eval - e8a1642d1a2f75749d33d2f54d0bc8d6	255 B	2023-03-07 01:40	2025-04-24 17:13
Pretty Observations First Seen2023-03-07 01:40 Last Seen2025-04-24 17:13 Times Seen1302 Hash e8a1642d1a2f75749d33d2f54d0bc8d6 15956e1f1304f4c31f694062601fbfc3dd1d93b2 b0ef31f31656d506b130d30b7ff52db8bfff0a39a113bb214d26a3f07643a83a Loading...

	#28 Eval - 20dcd58e770a470c827c840c5db95f23	43 B	2023-03-07 12:55	2025-04-24 18:45
Pretty Observations First Seen2023-03-07 12:55 Last Seen2025-04-24 18:45 Times Seen2676 Hash 20dcd58e770a470c827c840c5db95f23 e3c25cd4d1dcdc26fd6b5e670ca893cd06479c5d 79db7032ffc2ce206ab5a0a82b5bdb8e69fa36a77510276616ecd94d8dca6d53 Loading...

	#29 Eval - 72ad78146e0d5cd88d8b636b43c48295	130 B	2023-03-07 22:21	2025-04-16 13:08
Pretty Observations First Seen2023-03-07 22:21 Last Seen2025-04-16 13:08 Times Seen176 Hash 72ad78146e0d5cd88d8b636b43c48295 e1413d5e87fe01f5db8d21f69c61d7d188acac94 7514eb97e6329bb19030be3d3f2acd82961a0d54ed9e349d82211981a32b6572 Loading...

	#30 Eval - 2b1f2069c1c55fb843f81f64c7a9852f	28 B	2024-10-26 21:29	2024-10-26 21:29
Pretty Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash 2b1f2069c1c55fb843f81f64c7a9852f 80b3ec49bf7fae7b6b22e270d2d6f6a4304da5b5 c3386a67414f8d0d353d73e2c686d4cc474ce0de137c8fb6c754cdeaf34e38ed Loading...

	#31 Eval - 2812fe342a87052fdafd0b219a37522d	284 B	2024-10-26 21:29	2024-10-26 21:29
Pretty Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash 2812fe342a87052fdafd0b219a37522d 0fc9a8664304fea767600c80eb7d3bdd813a5570 ad3eb1b2dc2e03ca0931331c2e54cb8046bf165758b87d39b5d8307c76f80587 Loading...

	#32 Eval - 1d184d61a5c712ddd99f0943b90a8050	285 B	2024-10-26 21:29	2024-10-26 21:29
Pretty Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash 1d184d61a5c712ddd99f0943b90a8050 14868345f0f2ec5022d107a106562ce56540c691 4698a71499e51d380966d9c7d7f0914594801ef3c3243209ba85ca2cbb9493c1 Loading...

	#33 Eval - b85e2704982642bef9ef31613997f5fc	483 B	2024-10-26 21:29	2024-10-26 21:29
Pretty Observations First Seen2024-10-26 21:29 Last Seen2024-10-26 21:29 Times Seen1 Hash b85e2704982642bef9ef31613997f5fc d9132563ca65be2cdefc7fc6fcfec4a6d3f34777 50af6b2479aeb849ae88065f24dfd74d1660cdd728646f8e4e27b96e273172ad Loading...

	#34 Eval - 42e0e77b11d7549f60fb627cacc6f58d	285 B	2023-07-18 05:45	2025-04-15 10:00
Pretty Observations First Seen2023-07-18 05:45 Last Seen2025-04-15 10:00 Times Seen3 Hash 42e0e77b11d7549f60fb627cacc6f58d 1ace752f6bbe8f50b89aca41488794cfac53b2cc 728e2972392919c705de6dca530a94ca93dd1ef8881e1c5a84f28082127a8023 Loading...

HTTP Transactions (85)

	URL	IP	Response	Size
	us4.co/medpgo	3.33.253.57	301 Moved Permanently	0 B
URL us4.co/medpgo IP 3.33.253.57:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /medpgo HTTP/1.1 Host: us4.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently date: Sat, 26 Oct 2024 21:28:15 GMT content-length: 0 location: https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 cache-control: no-cache, no-store expires: -1 engine: Rebrandly.redirect, version 2.1 strict-transport-security: max-age=15552000 X-Firefox-Spdy: h2`

	secure.winred.com/cdn-cgi/rum?	104.19.212.89	204 No Content	0 B
URL POST HTTP/3 secure.winred.com/cdn-cgi/rum? IP 104.19.212.89:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerCloudflare, Inc. Subjectsecure.winred.com FingerprintFF:90:12:D2:0A:57:DF:67:0A:A7:6D:39:C1:D1:05:97:5C:75:E9:E1 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/rum? HTTP/1.1 Host: secure.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 content-type: application/json Content-Length: 1245 Origin: https://secure.winred.com DNT: 1 Connection: keep-alive Cookie: __cf_bm=b6lZVFCBxBdK8lcqgf06YE.TtYdt2DWMgONsgtlgDUo-1729978095-1.0.1.1-dohDVDRLMq7pGUWpzCzr8uUYGHorZWsHUnUCKPB2mjvmUfo8rDuabDgELbt6YbaCkXkOIcsyjhIbehJPGe0hHQ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 204 No Content date: Sat, 26 Oct 2024 21:28:16 GMT access-control-allow-origin: https://secure.winred.com access-control-allow-methods: POST,OPTIONS access-control-max-age: 86400 vary: Origin access-control-allow-credentials: true server: cloudflare cf-ray: 8d8d88fcac9b56bf-OSL x-frame-options: DENY x-content-type-options: nosniff`

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1	104.18.95.41	200 OK	61 B
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1 IP 104.18.95.41:0 ASN #13335 CLOUDFLARENET File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Size 61 B (61 bytes) Hash 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kb5es/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:16 GMT content-type: image/png content-length: 61 cache-control: max-age=2629800, public server: cloudflare cf-ray: 8d8d88fdc965b511-OSL alt-svc: h3=":443"; ma=86400`

	secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517	104.19.212.89	403 Forbidden	28 kB
URL User Request GET HTTP/2 secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 IP 104.19.212.89:443 ASN #13335 CLOUDFLARENET Certificate IssuerCloudflare, Inc. Subjectsecure.winred.com FingerprintFF:90:12:D2:0A:57:DF:67:0A:A7:6D:39:C1:D1:05:97:5C:75:E9:E1 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type HTML document, ASCII text, with very long lines (9021) Size 28 kB (27615 bytes) Hash 90ca81c186663dd543b8e3e695c539f6 0900a7ffdd4e1b399e9b1e8db82fd43b69c9f4d5 1a899d140dfaf8fe71ca1bc52aa846f8b4e53fa4b69106b7330edffee6c8de6f HTTP Headers GET /early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 HTTP/1.1 Host: secure.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Cookie: __cf_bm=b6lZVFCBxBdK8lcqgf06YE.TtYdt2DWMgONsgtlgDUo-1729978095-1.0.1.1-dohDVDRLMq7pGUWpzCzr8uUYGHorZWsHUnUCKPB2mjvmUfo8rDuabDgELbt6YbaCkXkOIcsyjhIbehJPGe0hHQ Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 403 Forbidden date: Sat, 26 Oct 2024 21:28:15 GMT content-type: text/html; charset=UTF-8 accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin x-content-options: nosniff x-frame-options: SAMEORIGIN cf-mitigated: challenge cf-chl-out: dX5Z4f8RO0FPjmVCpP8Y7iyY+cITaDNAuhACFglXXsfo2LAljlpCI2gC0ausDsr1fC8tL5u9GdIWaxMSP4davgjmHSWz1tCW5w8mlyuqu8ijSy/8o9hv/YAQKH8SRD5+kMzbii7tV+3MIGGDCrw+Pw==$QvvWOef896jTFdqgjlstOA== cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires: Thu, 01 Jan 1970 00:00:01 GMT vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff server: cloudflare cf-ray: 8d8d88f9c84156bf-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8d8d88fd288db511/1729978096645/ac66cb4588854125952ad6279f3914cfe05bd314fd7542ce3eb98e523f9393b5/QvD8fuetYVhQWjM	104.18.95.41	401 Unauthorized	1 B
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8d8d88fd288db511/1729978096645/ac66cb4588854125952ad6279f3914cfe05bd314fd7542ce3eb98e523f9393b5/QvD8fuetYVhQWjM IP 104.18.95.41:0 ASN #13335 CLOUDFLARENET File type very short file (no magic) Size 1 B (1 bytes) Hash ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/pat/8d8d88fd288db511/1729978096645/ac66cb4588854125952ad6279f3914cfe05bd314fd7542ce3eb98e523f9393b5/QvD8fuetYVhQWjM HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kb5es/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 401 Unauthorized date: Sat, 26 Oct 2024 21:28:16 GMT content-type: text/plain; charset=UTF-8 content-length: 1 www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20grGbLRYiFQSWVKtYnnzkUz-Bb0xT9dULOPrmOUj-Tk7UAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIKxmy0WIhUEllSrWJ585FM_gW9MU_XVCzj65jlI_k5O1ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIKxmy0WIhUEllSrWJ585FM_gW9MU_XVCzj65jlI_k5O1ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwOXxuf_YfH60WXLdHNNMi668yTzkAIuksAL2v5Hmho3odFuawAT0cyief1oGo8EaTM_mzmbWK1XdowTDWz2k8-mVmWsgyW3NdrIQwZo-pqOoSiMOVVjpDsnwZmGR_SeoYczHldSUjidO3m4djRGeWR4Iv7sZ131HRg8MZGc0BLoTAJ8WLryDVz1Kp_D_qSxsI1b5cap8Y1yGShRIAZ1O6b3zuooeDoLh9q098fsCdlZbnGh28gTNXgdkiFt_yjyaf5upGTHXcizT4TWTDdmvgSNE19n7ahXuj-_GH_XzP42QLUomcuqNEhu5wSj7XNnyRFURH19l6_sLROivytIY2wIDAQAB", max-age=20 server: cloudflare cf-ray: 8d8d89021f7cb511-OSL alt-svc: h3=":443"; ma=86400

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8d8d88fd288db511/1729978096650/mVEhQTHNbTLBwJH	104.18.95.41	200 OK	61 B
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8d8d88fd288db511/1729978096650/mVEhQTHNbTLBwJH IP 104.18.95.41:0 ASN #13335 CLOUDFLARENET File type PNG image data, 53 x 92, 8-bit/color RGB, non-interlaced Size 61 B (61 bytes) Hash 9849d0bbfc83da03084e9d022607e6cb 2ba4ba5ac5558bdf937e712558654e680d1c165a f071393cdc7dc104892ac8409030c878003a87ba71f23e6fa280b1a50018528b HTTP Headers GET /cdn-cgi/challenge-platform/h/b/i/8d8d88fd288db511/1729978096650/mVEhQTHNbTLBwJH HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kb5es/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:17 GMT content-type: image/png content-length: 61 server: cloudflare cf-ray: 8d8d89026fe2b511-OSL alt-svc: h3=":443"; ma=86400`

	secure.winred.com/cdn-cgi/rum?	104.19.212.89	204 No Content	0 B
URL POST HTTP/3 secure.winred.com/cdn-cgi/rum? IP 104.19.212.89:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerCloudflare, Inc. Subjectsecure.winred.com FingerprintFF:90:12:D2:0A:57:DF:67:0A:A7:6D:39:C1:D1:05:97:5C:75:E9:E1 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/rum? HTTP/1.1 Host: secure.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&__cf_chl_tk=S8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8 Content-Type: application/json Content-Length: 708 Origin: https://secure.winred.com DNT: 1 Connection: keep-alive Cookie: __cf_bm=b6lZVFCBxBdK8lcqgf06YE.TtYdt2DWMgONsgtlgDUo-1729978095-1.0.1.1-dohDVDRLMq7pGUWpzCzr8uUYGHorZWsHUnUCKPB2mjvmUfo8rDuabDgELbt6YbaCkXkOIcsyjhIbehJPGe0hHQ; cf_clearance=fwgu4tkM3CYUh1zPvP2Qp7AVSUZSwUCEMVh1R3QPtvY-1729978095-1.2.1.1-hLMcWqZybSGFM92fSHC7MWkVtyMNXM0nZDOALBwWNjhu_ymt.FOYuk8_EVr6mGaZBubeYWFsSoaab4JCJIJdJNR2_dOxucCH7AxSCDC3hW4nme0Z0MJqSsnw.HQBVSSU4upeNUbKmG67MDjLIzWW8YXWPorlfHJ5fZED3VWzd3.6k_H.2VDfOywrQ1aReJRQ3o_5Pvi2jzqcWVuh8Z4V12Dkt53W.y9FKmj70mk_Nt6bUsM02PRBg4yONv6rnJw_YuPPRPDq7GqvhzlWB.wOVcUKnIuwFIb15QlyfTOTypcMTa.duSmsvkEZOZqPjfPTI9ovsC5mfuBi1QGy1SshWpdj1_0Z3OrdjSlQfgiUpPpcnAosXhhQQ2Q0B5rz1tCk; __production_revv_csrftoken=1729978097%7CNbo5L%2BdgAr%2B7hQgooS%2FewvO39YMGBOinrqBElKYZRTQ%3D%7C%2BYct8j4m85OG%2Fwq9gZuXaEhqJF5%2FZ1QGhwhNemODceM%3D; _revv_v3_session=bGJlZlBZdkNWekdHSUI4YzVsalpUSVY4UitmWG1Oa1RpVWp1R1piVFRLVmJDd01CQXVMVmpiYXcrVExReWVLa0ZicW9DZ0ErZGFlOXBiTkZGUkl5NE96OFArU0kwa283dTlmZjRZYk9FaUZMYTNpbnZSNHZNeCtJTkl5dTZXUnp3SVlkQ3YwdlNnRFJSL1JKZ0VMK2l3bFRGelVhSVVraWh3YXhibEM4alo1YkJ6YkwrQ0lrVVJLRTEwY2oxdWNQRmZmaENFMmJ3eTNHT0gwZTVocmkreGtnSnpvdDV6T2ovaHB4ZGRTUEhzZmJGSHhTbjZtSWx3cjdPdVc5NnNXbURuSnlIbzN3MlJ3OHlQVW94NVQ4eFdMV0pIOUhLSkNPbjBrdlV3N0R4TDA9LS1ucDRJNjNHS1pmd3FGQ2VsWjRHcEp3PT0%3D--40c71bc6b03a507bed8904ac8d53fec15a64caf5 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/3 204 No Content date: Sat, 26 Oct 2024 21:28:18 GMT access-control-allow-origin: https://secure.winred.com access-control-allow-methods: POST,OPTIONS access-control-max-age: 86400 vary: Origin access-control-allow-credentials: true server: cloudflare cf-ray: 8d8d89084e3c56bf-OSL x-frame-options: DENY x-content-type-options: nosniff`

	secure.winred.com/assets/win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png	104.19.212.89	200 OK	8.7 kB
URL GET HTTP/3 secure.winred.com/assets/win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png IP 104.19.212.89:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerCloudflare, Inc. Subjectsecure.winred.com FingerprintFF:90:12:D2:0A:57:DF:67:0A:A7:6D:39:C1:D1:05:97:5C:75:E9:E1 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type RIFF (little-endian) data, Web/P image Size 8.7 kB (8708 bytes) Hash 94ae9c2ca3b21a7519782b13fb7834e9 d40141e21b80d496da03b79b5cec3c593fb96577 36f0bf882a876b13aeb20cf7a495421a43f336da5422072a58f58ce303fb6284 HTTP Headers GET /assets/win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.png HTTP/1.1 Host: secure.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 DNT: 1 Connection: keep-alive Cookie: __cf_bm=b6lZVFCBxBdK8lcqgf06YE.TtYdt2DWMgONsgtlgDUo-1729978095-1.0.1.1-dohDVDRLMq7pGUWpzCzr8uUYGHorZWsHUnUCKPB2mjvmUfo8rDuabDgELbt6YbaCkXkOIcsyjhIbehJPGe0hHQ; cf_clearance=fwgu4tkM3CYUh1zPvP2Qp7AVSUZSwUCEMVh1R3QPtvY-1729978095-1.2.1.1-hLMcWqZybSGFM92fSHC7MWkVtyMNXM0nZDOALBwWNjhu_ymt.FOYuk8_EVr6mGaZBubeYWFsSoaab4JCJIJdJNR2_dOxucCH7AxSCDC3hW4nme0Z0MJqSsnw.HQBVSSU4upeNUbKmG67MDjLIzWW8YXWPorlfHJ5fZED3VWzd3.6k_H.2VDfOywrQ1aReJRQ3o_5Pvi2jzqcWVuh8Z4V12Dkt53W.y9FKmj70mk_Nt6bUsM02PRBg4yONv6rnJw_YuPPRPDq7GqvhzlWB.wOVcUKnIuwFIb15QlyfTOTypcMTa.duSmsvkEZOZqPjfPTI9ovsC5mfuBi1QGy1SshWpdj1_0Z3OrdjSlQfgiUpPpcnAosXhhQQ2Q0B5rz1tCk; __production_revv_csrftoken=1729978097%7CNbo5L%2BdgAr%2B7hQgooS%2FewvO39YMGBOinrqBElKYZRTQ%3D%7C%2BYct8j4m85OG%2Fwq9gZuXaEhqJF5%2FZ1QGhwhNemODceM%3D; _revv_v3_session=bGJlZlBZdkNWekdHSUI4YzVsalpUSVY4UitmWG1Oa1RpVWp1R1piVFRLVmJDd01CQXVMVmpiYXcrVExReWVLa0ZicW9DZ0ErZGFlOXBiTkZGUkl5NE96OFArU0kwa283dTlmZjRZYk9FaUZMYTNpbnZSNHZNeCtJTkl5dTZXUnp3SVlkQ3YwdlNnRFJSL1JKZ0VMK2l3bFRGelVhSVVraWh3YXhibEM4alo1YkJ6YkwrQ0lrVVJLRTEwY2oxdWNQRmZmaENFMmJ3eTNHT0gwZTVocmkreGtnSnpvdDV6T2ovaHB4ZGRTUEhzZmJGSHhTbjZtSWx3cjdPdVc5NnNXbURuSnlIbzN3MlJ3OHlQVW94NVQ4eFdMV0pIOUhLSkNPbjBrdlV3N0R4TDA9LS1ucDRJNjNHS1pmd3FGQ2VsWjRHcEp3PT0%3D--40c71bc6b03a507bed8904ac8d53fec15a64caf5 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:18 GMT content-type: image/webp content-length: 8708 cf-ray: 8d8d8908ef9256bf-OSL cf-cache-status: HIT accept-ranges: bytes age: 1142 cache-control: public, max-age=14400 content-disposition: inline; filename="win-red-mark-small-24c5e97a925e2a929cae4a87ecdfcdf27f56974fd8172bdd34af91145aebca91.webp" etag: "972c0cca8d1e490484e89513f902e847" expires: Sun, 27 Oct 2024 01:28:18 GMT last-modified: Tue, 10 Sep 2024 01:04:24 GMT strict-transport-security: max-age=15552000; includeSubDomains vary: Accept, Accept-Encoding cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=11635 x-amz-id-2: 9LfbgMKyUNyK/4VBlqBjtkIK4tjxUv3kzrG6i7fvF3mpuj+5wH0oZo/zkIux3tZbXhZqxv1JwDI= x-amz-request-id: NYCX3HZ08AEDB3AQ x-amz-version-id: oesBjmAh2inmGHKurJiAleCIzUb1YtH1 x-content-type-options: nosniff server: cloudflare alt-svc: h3=":443"; ma=86400

	js.stripe.com/v3/	151.101.128.176	200 OK	167 kB
URL GET HTTP/2 js.stripe.com/v3/ IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators Size 167 kB (167023 bytes) Hash e09447163fe544079942a63abe237a24 cb760461f747d49066b65707cdbdd0db47577f91 a01d64cba546d0228de556a783b75f0ea24c163b2ea1eed16c6b2a240171596d HTTP Headers `GET /v3/ HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK last-modified: Fri, 25 Oct 2024 20:24:51 GMT etag: "e09447163fe544079942a63abe237a24" cache-control: max-age=60 content-type: text/javascript; charset=utf-8 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:18 GMT via: 1.1 varnish age: 59 x-request-id: 384f067a-0edd-4592-af85-0b6d0d396f42 x-served-by: cache-hel1410026-HEL x-cache: HIT x-cache-hits: 6 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length: 167023 X-Firefox-Spdy: h2

	secure.winred.com/assets/application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js	104.19.212.89	200 OK	142 kB
URL GET HTTP/3 secure.winred.com/assets/application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js IP 104.19.212.89:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerCloudflare, Inc. Subjectsecure.winred.com FingerprintFF:90:12:D2:0A:57:DF:67:0A:A7:6D:39:C1:D1:05:97:5C:75:E9:E1 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 142 kB (141578 bytes) Hash 2e4172212ac6645eac9ef551e4f1cc65 6c9f7fdbed9d0cb28797287cc8553e97cd98d37e 34dbbeedb5f41467c45409cfe22b5398a1e7410ae53e0f2a196a706db6d62107 HTTP Headers GET /assets/application-landing-page-505b517318f5ba1c04205d8daa065b5fe48bfff9f753a471bf7421b0164aa73e.js HTTP/1.1 Host: secure.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 DNT: 1 Connection: keep-alive Cookie: __cf_bm=b6lZVFCBxBdK8lcqgf06YE.TtYdt2DWMgONsgtlgDUo-1729978095-1.0.1.1-dohDVDRLMq7pGUWpzCzr8uUYGHorZWsHUnUCKPB2mjvmUfo8rDuabDgELbt6YbaCkXkOIcsyjhIbehJPGe0hHQ; cf_clearance=fwgu4tkM3CYUh1zPvP2Qp7AVSUZSwUCEMVh1R3QPtvY-1729978095-1.2.1.1-hLMcWqZybSGFM92fSHC7MWkVtyMNXM0nZDOALBwWNjhu_ymt.FOYuk8_EVr6mGaZBubeYWFsSoaab4JCJIJdJNR2_dOxucCH7AxSCDC3hW4nme0Z0MJqSsnw.HQBVSSU4upeNUbKmG67MDjLIzWW8YXWPorlfHJ5fZED3VWzd3.6k_H.2VDfOywrQ1aReJRQ3o_5Pvi2jzqcWVuh8Z4V12Dkt53W.y9FKmj70mk_Nt6bUsM02PRBg4yONv6rnJw_YuPPRPDq7GqvhzlWB.wOVcUKnIuwFIb15QlyfTOTypcMTa.duSmsvkEZOZqPjfPTI9ovsC5mfuBi1QGy1SshWpdj1_0Z3OrdjSlQfgiUpPpcnAosXhhQQ2Q0B5rz1tCk; __production_revv_csrftoken=1729978097%7CNbo5L%2BdgAr%2B7hQgooS%2FewvO39YMGBOinrqBElKYZRTQ%3D%7C%2BYct8j4m85OG%2Fwq9gZuXaEhqJF5%2FZ1QGhwhNemODceM%3D; _revv_v3_session=bGJlZlBZdkNWekdHSUI4YzVsalpUSVY4UitmWG1Oa1RpVWp1R1piVFRLVmJDd01CQXVMVmpiYXcrVExReWVLa0ZicW9DZ0ErZGFlOXBiTkZGUkl5NE96OFArU0kwa283dTlmZjRZYk9FaUZMYTNpbnZSNHZNeCtJTkl5dTZXUnp3SVlkQ3YwdlNnRFJSL1JKZ0VMK2l3bFRGelVhSVVraWh3YXhibEM4alo1YkJ6YkwrQ0lrVVJLRTEwY2oxdWNQRmZmaENFMmJ3eTNHT0gwZTVocmkreGtnSnpvdDV6T2ovaHB4ZGRTUEhzZmJGSHhTbjZtSWx3cjdPdVc5NnNXbURuSnlIbzN3MlJ3OHlQVW94NVQ4eFdMV0pIOUhLSkNPbjBrdlV3N0R4TDA9LS1ucDRJNjNHS1pmd3FGQ2VsWjRHcEp3PT0%3D--40c71bc6b03a507bed8904ac8d53fec15a64caf5 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:18 GMT content-type: application/javascript cf-ray: 8d8d8908ef7e56bf-OSL cf-cache-status: HIT age: 1142 cache-control: public, max-age=14400 etag: W/"e75fd1678f79abd85c65c4549db07868" expires: Sun, 27 Oct 2024 01:28:18 GMT last-modified: Tue, 10 Sep 2024 01:04:22 GMT strict-transport-security: max-age=15552000; includeSubDomains vary: Accept-Encoding cf-bgj: minify cf-polished: origSize=503483 x-amz-id-2: CXGlcQH3bz4plSrE9G3yyDpUHHJx/pBSh1Z3WCjDHDLJ4EA+laYiWUqr5gV2UtORlYHycvb0ccY= x-amz-request-id: NYTVY0X3ND1205G7 x-amz-version-id: oGPIy5aVL7BxCbStboHuyrjP9Quyigrl x-content-type-options: nosniff server: cloudflare content-encoding: br alt-svc: h3=":443"; ma=86400

	www.googletagmanager.com/gtm.js?id=GTM-PR2XM7C	142.250.74.168	200 OK	77 kB
URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PR2XM7C IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerGoogle Trust Services Subject.google-analytics.com Fingerprint4E:4C:D9:C3:F2:89:66:5F:0F:4D:32:39:FA:F7:AC:3F:3E:19:DE:D8 ValidityMon, 07 Oct 2024 08:23:31 GMT - Mon, 30 Dec 2024 08:23:30 GMT File type JavaScript source, ASCII text, with very long lines (2565) Size 77 kB (77168 bytes) Hash 04cb6afbe50f2869f44b822be2abdfc1 c09c1e341b09e2e8ebbf7782e887cb380d2b00f3 844e4753b4e0a4a6ae94d179c5de1d0d5ed29396bf61c6e17322b3f733641255 HTTP Headers `GET /gtm.js?id=GTM-PR2XM7C HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sat, 26 Oct 2024 21:28:18 GMT expires: Sat, 26 Oct 2024 21:28:18 GMT cache-control: private, max-age=900 last-modified: Sat, 26 Oct 2024 21:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} server: Google Tag Manager content-length: 77168 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N	142.250.74.168	200 OK	119 kB
URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerGoogle Trust Services Subject.google-analytics.com Fingerprint4E:4C:D9:C3:F2:89:66:5F:0F:4D:32:39:FA:F7:AC:3F:3E:19:DE:D8 ValidityMon, 07 Oct 2024 08:23:31 GMT - Mon, 30 Dec 2024 08:23:30 GMT File type JavaScript source, ASCII text, with very long lines (45169) Size 119 kB (119228 bytes) Hash dbb471e139d2587ffee72a883ef71214 5f5e82d94112cad33263c112ea72dfd5992cc723 c8fec1faaa2505e452c2bf55886efcbce87b135cc73c206d43f15001b5432a17 HTTP Headers `GET /gtm.js?id=GTM-NTQZ9N HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sat, 26 Oct 2024 21:28:18 GMT expires: Sat, 26 Oct 2024 21:28:18 GMT cache-control: private, max-age=900 last-modified: Sat, 26 Oct 2024 21:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} server: Google Tag Manager content-length: 119228 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/Artboard.png	54.240.174.73	200 OK	1.5 kB
URL GET HTTP/2 d35ligi1n5bgzc.cloudfront.net/favicons/favicon_assets/000/015/569/original/Artboard.png IP 54.240.174.73:443 ASN #16509 AMAZON-02 Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerAmazon Subject.cloudfront.net Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62 ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced Size 1.5 kB (1512 bytes) Hash 7b9c8b7070c8f9c81fc9a133d26daf4e c6811975133bfdcbc35d1d7ef6c6e45ccfc8af1c fc1c77849ba3a6020b87884599c1aefa09a9e1d7bfed95ad3deec6a5d4c08902 HTTP Headers `GET /favicons/favicon_assets/000/015/569/original/Artboard.png HTTP/1.1 Host: d35ligi1n5bgzc.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: image/png content-length: 1512 date: Sat, 26 Oct 2024 06:46:10 GMT last-modified: Wed, 10 Jul 2019 18:21:57 GMT etag: "7b9c8b7070c8f9c81fc9a133d26daf4e" x-amz-server-side-encryption: AES256 x-amz-version-id: FN8PLjpE4LnyaM50_d0emgSd0vAz496F accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: kWShYauS6RdkxnVmwdwUHAivqZXpj3NhZ-o0RHpTSfQmWhqJVOZiwQ== age: 52929 X-Firefox-Spdy: h2

	d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/868/703/large/lp-image.png	54.240.174.73	200 OK	440 kB
URL GET HTTP/2 d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/868/703/large/lp-image.png IP 54.240.174.73:443 ASN #16509 AMAZON-02 Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerAmazon Subject.cloudfront.net Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62 ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT File type PNG image data, 1920 x 1200, 8-bit colormap, non-interlaced Size 440 kB (440417 bytes) Hash 3bb3af8ea95f2977060d45cd449c1dde e2c095f812a6f3478b63270a1b2874bd8dc8452f 61986ff204f0201f69691b9de8f94a33c4df94421beaaefebad44eee7536a5f2 HTTP Headers `GET /backgrounds/images/000/868/703/large/lp-image.png HTTP/1.1 Host: d35ligi1n5bgzc.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: image/png content-length: 440417 date: Sat, 26 Oct 2024 06:08:13 GMT last-modified: Mon, 26 Feb 2024 03:28:14 GMT etag: "3bb3af8ea95f2977060d45cd449c1dde" x-amz-server-side-encryption: AES256 x-amz-version-id: GPK_pNrRLk8VetAs7RvX2jEj_NQnyPhk accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: WNX3BWnjqy5UJXZKe_rTkjIGJRxW4Um6Engc7RnQjpNr6ajivoMJRg== age: 55206 X-Firefox-Spdy: h2

	d35ligi1n5bgzc.cloudfront.net/profiles/images/000/547/803/square/profile-picture.png	54.240.174.73	200 OK	4.4 kB
URL GET HTTP/2 d35ligi1n5bgzc.cloudfront.net/profiles/images/000/547/803/square/profile-picture.png IP 54.240.174.73:443 ASN #16509 AMAZON-02 Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerAmazon Subject.cloudfront.net Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62 ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced Size 4.4 kB (4415 bytes) Hash 9fbae73aa14bf1e83429c9a13363c332 612849db699ed09449b1c5a00d479e9a2962b0fa eed205bb36e48af1b595d9395aac33a23a8651c472ca1ae72d25d91da36a2513 HTTP Headers `GET /profiles/images/000/547/803/square/profile-picture.png HTTP/1.1 Host: d35ligi1n5bgzc.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: image/png content-length: 4415 last-modified: Fri, 20 Jan 2023 16:01:26 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: Xt4._6tezmc3TP8S.qufECwhmeK6Ns._ accept-ranges: bytes server: AmazonS3 date: Sat, 26 Oct 2024 21:28:18 GMT etag: "9fbae73aa14bf1e83429c9a13363c332" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: 8k7FIHe5IFbaCydKdVVVrkRhUM5J52Npa8nwAGjBgdYGKFcCCQt1vw== age: 56451 X-Firefox-Spdy: h2

	js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html	151.101.128.176	200 OK	401 B
URL js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html IP 151.101.128.176:0 ASN #54113 FASTLY Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type HTML document, ASCII text, with very long lines (651), with no line terminators Size 401 B (401 bytes) Hash 1a6a00ea4cc8720448dc91f1c79dd208 f2917ab03a1d918619691d258eb824cfd88d8081 d45bd8b4dacd5da8caf4d8ee533aec050aeafc977af4ab4cb620f7d56dd0d3a4 HTTP Headers GET /v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 401 last-modified: Fri, 25 Oct 2024 20:04:14 GMT etag: "1a6a00ea4cc8720448dc91f1c79dd208" cache-control: max-age=60, stale-while-revalidate=900 content-type: text/html; charset=utf-8 content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report origin-agent-cluster: ?1 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:18 GMT via: 1.1 varnish age: 48 x-request-id: ae348462-3756-4e70-90df-38ea8cb870f5 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 11 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html	151.101.128.176	200 OK	514 B
URL js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html IP 151.101.128.176:0 ASN #54113 FASTLY Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type HTML document, ASCII text, with very long lines (1058), with no line terminators Size 514 B (514 bytes) Hash dc733d8bac067db718e4883c0151251f 6cc44beacd7c80233708ec7f129feab78e8e1845 860c558ca70337f44765afc0e199b20dce5a96be61a0426f37a7ebec42b93450 HTTP Headers GET /v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 514 last-modified: Fri, 25 Oct 2024 20:04:14 GMT etag: "dc733d8bac067db718e4883c0151251f" cache-control: max-age=31536000 content-type: text/html; charset=utf-8 content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report origin-agent-cluster: ?1 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:18 GMT via: 1.1 varnish age: 91094 x-request-id: 5cd90d41-8152-4f7b-b414-d7589676e8e2 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 4008 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places	142.250.74.10	200 OK	121 kB
URL maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places IP 142.250.74.10:0 ASN #15169 GOOGLE File type JavaScript source, ASCII text, with very long lines (10641) Size 121 kB (121351 bytes) Hash 5cb69c2a42c337eb0bf423ca997c750a 8eaeda6be130cd347b694efe401fc94bd00095f7 7be8aac204e35696f9b89fc70b00cac85fb4f6f0c744fa51cd07d8581726e1c5 HTTP Headers `GET /maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places HTTP/1.1 Host: maps.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK vary: Accept-Language, Origin, X-Origin, Referer content-type: text/javascript; charset=UTF-8 cache-control: public, max-age=1800, stale-while-revalidate=3600 cross-origin-resource-policy: cross-origin etag: f0998c13 timing-allow-origin: * content-encoding: gzip date: Sat, 26 Oct 2024 21:28:18 GMT server: scaffolding on HTTPServer2 content-length: 121351 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	104.19.212.89	302 Found	0 B
URL GET HTTP/3 secure.winred.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.19.212.89:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerCloudflare, Inc. Subjectsecure.winred.com FingerprintFF:90:12:D2:0A:57:DF:67:0A:A7:6D:39:C1:D1:05:97:5C:75:E9:E1 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1 Host: secure.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: __cf_bm=b6lZVFCBxBdK8lcqgf06YE.TtYdt2DWMgONsgtlgDUo-1729978095-1.0.1.1-dohDVDRLMq7pGUWpzCzr8uUYGHorZWsHUnUCKPB2mjvmUfo8rDuabDgELbt6YbaCkXkOIcsyjhIbehJPGe0hHQ; cf_clearance=fwgu4tkM3CYUh1zPvP2Qp7AVSUZSwUCEMVh1R3QPtvY-1729978095-1.2.1.1-hLMcWqZybSGFM92fSHC7MWkVtyMNXM0nZDOALBwWNjhu_ymt.FOYuk8_EVr6mGaZBubeYWFsSoaab4JCJIJdJNR2_dOxucCH7AxSCDC3hW4nme0Z0MJqSsnw.HQBVSSU4upeNUbKmG67MDjLIzWW8YXWPorlfHJ5fZED3VWzd3.6k_H.2VDfOywrQ1aReJRQ3o_5Pvi2jzqcWVuh8Z4V12Dkt53W.y9FKmj70mk_Nt6bUsM02PRBg4yONv6rnJw_YuPPRPDq7GqvhzlWB.wOVcUKnIuwFIb15QlyfTOTypcMTa.duSmsvkEZOZqPjfPTI9ovsC5mfuBi1QGy1SshWpdj1_0Z3OrdjSlQfgiUpPpcnAosXhhQQ2Q0B5rz1tCk; __production_revv_csrftoken=1729978097%7CNbo5L%2BdgAr%2B7hQgooS%2FewvO39YMGBOinrqBElKYZRTQ%3D%7C%2BYct8j4m85OG%2Fwq9gZuXaEhqJF5%2FZ1QGhwhNemODceM%3D; _revv_v3_session=bGJlZlBZdkNWekdHSUI4YzVsalpUSVY4UitmWG1Oa1RpVWp1R1piVFRLVmJDd01CQXVMVmpiYXcrVExReWVLa0ZicW9DZ0ErZGFlOXBiTkZGUkl5NE96OFArU0kwa283dTlmZjRZYk9FaUZMYTNpbnZSNHZNeCtJTkl5dTZXUnp3SVlkQ3YwdlNnRFJSL1JKZ0VMK2l3bFRGelVhSVVraWh3YXhibEM4alo1YkJ6YkwrQ0lrVVJLRTEwY2oxdWNQRmZmaENFMmJ3eTNHT0gwZTVocmkreGtnSnpvdDV6T2ovaHB4ZGRTUEhzZmJGSHhTbjZtSWx3cjdPdVc5NnNXbURuSnlIbzN3MlJ3OHlQVW94NVQ4eFdMV0pIOUhLSkNPbjBrdlV3N0R4TDA9LS1ucDRJNjNHS1pmd3FGQ2VsWjRHcEp3PT0%3D--40c71bc6b03a507bed8904ac8d53fec15a64caf5; origin_url=https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 302 Found date: Sat, 26 Oct 2024 21:28:18 GMT content-length: 0 location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/main.js? cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public access-control-allow-origin: * vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff server: cloudflare cf-ray: 8d8d890ea8c056bf-OSL alt-svc: h3=":443"; ma=86400`

	js.stripe.com/v3/fingerprinted/css/ui-shared-57e28d4968898653fd9bd0ad9d7f138b.css	151.101.128.176	200 OK	3.2 kB
URL js.stripe.com/v3/fingerprinted/css/ui-shared-57e28d4968898653fd9bd0ad9d7f138b.css IP 151.101.128.176:0 ASN #54113 FASTLY Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type ASCII text, with very long lines (23553) Size 3.2 kB (3248 bytes) Hash f9b783f2e57f825dc7742ecf27119f84 b221ca2315836c5b6d4ab65b19bee904c898faac 6dd2b3bc419df37222b86a1d48d8781a4dd26283ec1700cc990269cc91242de4 HTTP Headers GET /v3/fingerprinted/css/ui-shared-57e28d4968898653fd9bd0ad9d7f138b.css HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 3248 last-modified: Fri, 11 Oct 2024 17:25:28 GMT etag: "f9b783f2e57f825dc7742ecf27119f84" cache-control: max-age=31536000 content-type: text/css; charset=utf-8 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:19 GMT via: 1.1 varnish age: 1025012 x-request-id: 478a2b9b-7846-41c4-b678-226d45796d05 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 93582 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	js.stripe.com/v3/fingerprinted/css/elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css	151.101.128.176	200 OK	2.3 kB
URL GET HTTP/3 js.stripe.com/v3/fingerprinted/css/elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html#locale=en&wait=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&style[base][iconColor]=%23697A8B&style[base][color]=%23354B70&style[base][lineHeight]=24px&style[base][fontFamily]=%22Helvetica+Neue%22%2C+Helvetica%2C+sans-serif&style[base][fontSmoothing]=antialiased&style[base][fontSize]=15px&style[base][fontWeight]=600&style[base][::placeholder][color]=%23697A8B&style[invalid][color]=%23ff4d55&style[invalid][::placeholder][color]=%23ff4d55&style[invalid][iconColor]=%23ff4d55&rtl=false&componentName=card&keyMode=live&apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type ASCII text, with very long lines (14142), with no line terminators Size 2.3 kB (2260 bytes) Hash 87bf0041cf7ae5e77d770c423e25828a d298271c2a9a0e00e57a4d8f69cf8e2ac27430e4 eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b HTTP Headers GET /v3/fingerprinted/css/elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 2260 last-modified: Fri, 09 Feb 2024 18:11:43 GMT etag: "87bf0041cf7ae5e77d770c423e25828a" cache-control: max-age=31536000 content-type: text/css; charset=utf-8 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:19 GMT via: 1.1 varnish age: 2826257 x-request-id: 5b2b6470-250d-465e-90dd-53336ac3feb2 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 71481 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	js.stripe.com/v3/fingerprinted/js/shared-89d92178faa14a839f9fd7700c29559f.js	151.101.128.176	200 OK	148 kB
URL GET HTTP/3 js.stripe.com/v3/fingerprinted/js/shared-89d92178faa14a839f9fd7700c29559f.js IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html#locale=en&wait=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&style[base][iconColor]=%23697A8B&style[base][color]=%23354B70&style[base][lineHeight]=24px&style[base][fontFamily]=%22Helvetica+Neue%22%2C+Helvetica%2C+sans-serif&style[base][fontSmoothing]=antialiased&style[base][fontSize]=15px&style[base][fontWeight]=600&style[base][::placeholder][color]=%23697A8B&style[invalid][color]=%23ff4d55&style[invalid][::placeholder][color]=%23ff4d55&style[invalid][iconColor]=%23ff4d55&rtl=false&componentName=card&keyMode=live&apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators Size 148 kB (147755 bytes) Hash c9dfd872e4364bde6046ff188932f503 b936767d68d80878f5fc6c961184e87a4293fd94 378a2e795fd4105138e2a06fa6314a26427f463cff60cc739ebee3e7d2bf251e HTTP Headers GET /v3/fingerprinted/js/shared-89d92178faa14a839f9fd7700c29559f.js HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 147755 last-modified: Fri, 25 Oct 2024 20:04:29 GMT etag: "c9dfd872e4364bde6046ff188932f503" cache-control: max-age=31536000 content-type: text/javascript; charset=utf-8 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:19 GMT via: 1.1 varnish age: 91116 x-request-id: fa193e91-1217-40fd-89b7-f15e8e515ee2 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 16284 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c	142.250.74.168	200 OK	109 kB
URL www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c IP 142.250.74.168:0 ASN #15169 GOOGLE Certificate IssuerGoogle Trust Services Subject.google-analytics.com Fingerprint4E:4C:D9:C3:F2:89:66:5F:0F:4D:32:39:FA:F7:AC:3F:3E:19:DE:D8 ValidityMon, 07 Oct 2024 08:23:31 GMT - Mon, 30 Dec 2024 08:23:30 GMT File type JavaScript source, ASCII text, with very long lines (5945) Size 109 kB (108793 bytes) Hash 3f54c9744d51bf3ee5b30e579829d7c3 8cc89f957526cc1a734cf9e3c2c49a9082934a89 d4c60b61206eb1d9a985ac564e8eee15b93ad4b0219e3e360edb688181e27dae HTTP Headers `GET /gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sat, 26 Oct 2024 21:28:19 GMT expires: Sat, 26 Oct 2024 21:28:19 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} server: Google Tag Manager content-length: 108793 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.googletagmanager.com/gtag/js?id=G-XQC94J3YLE&l=dataLayer&cx=c	142.250.74.168	200 OK	108 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-XQC94J3YLE&l=dataLayer&cx=c IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerGoogle Trust Services Subject.google-analytics.com Fingerprint4E:4C:D9:C3:F2:89:66:5F:0F:4D:32:39:FA:F7:AC:3F:3E:19:DE:D8 ValidityMon, 07 Oct 2024 08:23:31 GMT - Mon, 30 Dec 2024 08:23:30 GMT File type JavaScript source, ASCII text, with very long lines (3969) Size 108 kB (107553 bytes) Hash 0f9d15f2fc7fe59e33ea1541904ef8bc 5330cae6e5d19040d012e328ab9778df02753898 b50cd966bd42d560d4d32ba9dc982f994e10b3b6d1e7cec5424f84e947e8f68d HTTP Headers `GET /gtag/js?id=G-XQC94J3YLE&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sat, 26 Oct 2024 21:28:19 GMT expires: Sat, 26 Oct 2024 21:28:19 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} server: Google Tag Manager content-length: 107553 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	js.stripe.com/v3/fingerprinted/js/controller-c8a294db8694d3aedac94fdfdbc35053.js	151.101.128.176	200 OK	201 kB
URL GET HTTP/3 js.stripe.com/v3/fingerprinted/js/controller-c8a294db8694d3aedac94fdfdbc35053.js IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html#apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&stripeJsId=a8121b6b-c76e-4658-bdce-3e301433711c&controllerCount=1&isCheckout=false&stripeJsLoadTime=1729978098403&manualBrowserDeprecationRollout=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 201 kB (200697 bytes) Hash eb307bb9baa2c9a1edc99e397a03260e 4b26f8420e1bfcdf003c44c51be04fa7fe5891e4 5c1f228e5e6369bf8a28b2050b7461461bcb89ac7d3b3dcff3fc11ea8e3a98b1 HTTP Headers GET /v3/fingerprinted/js/controller-c8a294db8694d3aedac94fdfdbc35053.js HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 200697 last-modified: Fri, 25 Oct 2024 20:04:26 GMT etag: "eb307bb9baa2c9a1edc99e397a03260e" cache-control: max-age=31536000 content-type: text/javascript; charset=utf-8 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:19 GMT via: 1.1 varnish age: 91116 x-request-id: b77a2967-9794-46e5-b8ad-c8deb03a9dea x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 13809 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	js.stripe.com/v3/fingerprinted/js/shared-89d92178faa14a839f9fd7700c29559f.js	151.101.128.176	200 OK	148 kB
URL GET HTTP/3 js.stripe.com/v3/fingerprinted/js/shared-89d92178faa14a839f9fd7700c29559f.js IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html#locale=en&wait=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&style[base][iconColor]=%23697A8B&style[base][color]=%23354B70&style[base][lineHeight]=24px&style[base][fontFamily]=%22Helvetica+Neue%22%2C+Helvetica%2C+sans-serif&style[base][fontSmoothing]=antialiased&style[base][fontSize]=15px&style[base][fontWeight]=600&style[base][::placeholder][color]=%23697A8B&style[invalid][color]=%23ff4d55&style[invalid][::placeholder][color]=%23ff4d55&style[invalid][iconColor]=%23ff4d55&rtl=false&componentName=card&keyMode=live&apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators Size 148 kB (147755 bytes) Hash c9dfd872e4364bde6046ff188932f503 b936767d68d80878f5fc6c961184e87a4293fd94 378a2e795fd4105138e2a06fa6314a26427f463cff60cc739ebee3e7d2bf251e HTTP Headers GET /v3/fingerprinted/js/shared-89d92178faa14a839f9fd7700c29559f.js HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 147755 last-modified: Fri, 25 Oct 2024 20:04:29 GMT etag: "c9dfd872e4364bde6046ff188932f503" cache-control: max-age=31536000 content-type: text/javascript; charset=utf-8 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:19 GMT via: 1.1 varnish age: 91116 x-request-id: 96b1d5ae-fc76-4542-92ce-0c4b935c0be0 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 16283 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kb5es/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/	104.18.95.41	200 OK	124 kB
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kb5es/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ IP 104.18.95.41:0 ASN #13335 CLOUDFLARENET File type HTML document, ASCII text, with very long lines (22060) Size 124 kB (123912 bytes) Hash 51e7534286c453cc91e670b20b3bbcfb 225b6649c7b4e7488b7eae5fede89069e8799f9a 7266757f64d1a43e4117a441148bb4d9c56615f6db63c2508f8b8e282b9289f1 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kb5es/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:16 GMT content-type: text/html; charset=UTF-8 cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self' cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: cross-origin origin-agent-cluster: ?1 accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA referrer-policy: same-origin document-policy: js-profiling server: cloudflare cf-ray: 8d8d88fd288db511-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	js.stripe.com/v3/fingerprinted/js/elements-inner-card-3678c1b3145b2c17eec841b8c155a5be.js	151.101.128.176	200 OK	14 kB
URL GET HTTP/3 js.stripe.com/v3/fingerprinted/js/elements-inner-card-3678c1b3145b2c17eec841b8c155a5be.js IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html#locale=en&wait=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&style[base][iconColor]=%23697A8B&style[base][color]=%23354B70&style[base][lineHeight]=24px&style[base][fontFamily]=%22Helvetica+Neue%22%2C+Helvetica%2C+sans-serif&style[base][fontSmoothing]=antialiased&style[base][fontSize]=15px&style[base][fontWeight]=600&style[base][::placeholder][color]=%23697A8B&style[invalid][color]=%23ff4d55&style[invalid][::placeholder][color]=%23ff4d55&style[invalid][iconColor]=%23ff4d55&rtl=false&componentName=card&keyMode=live&apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (56398), with no line terminators Size 14 kB (14199 bytes) Hash fd0e50b04e34a20e3da7ddce21e40278 1d626e58f842c219c4832e603f92cae30eff2d6b e7435466ce63e6ef2ed25909bbaf1fc37274087185eac417f69573af9f9e40d3 HTTP Headers GET /v3/fingerprinted/js/elements-inner-card-3678c1b3145b2c17eec841b8c155a5be.js HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 14199 last-modified: Wed, 16 Oct 2024 20:06:27 GMT etag: "fd0e50b04e34a20e3da7ddce21e40278" cache-control: max-age=31536000 content-type: text/javascript; charset=utf-8 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:19 GMT via: 1.1 varnish age: 868028 x-request-id: d8858ab4-f27e-40e4-a7df-b9df1828f05c x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 44359 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	js.stripe.com/v3/.deploy_status_henson.json	151.101.128.176	200 OK	292 B
URL GET HTTP/3 js.stripe.com/v3/.deploy_status_henson.json IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html#locale=en&wait=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&style[base][iconColor]=%23697A8B&style[base][color]=%23354B70&style[base][lineHeight]=24px&style[base][fontFamily]=%22Helvetica+Neue%22%2C+Helvetica%2C+sans-serif&style[base][fontSmoothing]=antialiased&style[base][fontSize]=15px&style[base][fontWeight]=600&style[base][::placeholder][color]=%23697A8B&style[invalid][color]=%23ff4d55&style[invalid][::placeholder][color]=%23ff4d55&style[invalid][iconColor]=%23ff4d55&rtl=false&componentName=card&keyMode=live&apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type JSON text data Size 292 B (292 bytes) Hash c9597f4400d831d8f7ee145b04f1d235 ec93738629477065976231e092f633ee434eed21 d870c1b0696d595420f6bb307eaaf73823ee9e4a69aa92f330447f765e924259 HTTP Headers GET /v3/.deploy_status_henson.json HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html Content-Type: application/x-www-form-urlencoded DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 292 last-modified: Fri, 25 Oct 2024 20:40:25 GMT etag: "c9597f4400d831d8f7ee145b04f1d235" cache-control: max-age=60 content-type: application/json access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:19 GMT via: 1.1 varnish age: 62 x-request-id: 15cda9b4-4d4e-4c2d-87a9-cccbc5c54ddc x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 12 vary: Accept-Encoding strict-transport-security: max-age=31556926; includeSubDomains; preload timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	js.stripe.com/v3/.deploy_status_henson.json	151.101.128.176	200 OK	292 B
URL GET HTTP/3 js.stripe.com/v3/.deploy_status_henson.json IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html#locale=en&wait=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&style[base][iconColor]=%23697A8B&style[base][color]=%23354B70&style[base][lineHeight]=24px&style[base][fontFamily]=%22Helvetica+Neue%22%2C+Helvetica%2C+sans-serif&style[base][fontSmoothing]=antialiased&style[base][fontSize]=15px&style[base][fontWeight]=600&style[base][::placeholder][color]=%23697A8B&style[invalid][color]=%23ff4d55&style[invalid][::placeholder][color]=%23ff4d55&style[invalid][iconColor]=%23ff4d55&rtl=false&componentName=card&keyMode=live&apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type JSON text data Size 292 B (292 bytes) Hash c9597f4400d831d8f7ee145b04f1d235 ec93738629477065976231e092f633ee434eed21 d870c1b0696d595420f6bb307eaaf73823ee9e4a69aa92f330447f765e924259 HTTP Headers GET /v3/.deploy_status_henson.json HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html Content-Type: application/x-www-form-urlencoded DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 292 last-modified: Fri, 25 Oct 2024 20:40:25 GMT etag: "c9597f4400d831d8f7ee145b04f1d235" cache-control: max-age=60 content-type: application/json access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:19 GMT via: 1.1 varnish age: 1 x-request-id: 5a4a569a-6df5-4f4b-af11-821a33dcfc94 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 1 vary: Accept-Encoding strict-transport-security: max-age=31556926; includeSubDomains; preload timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true	142.250.74.10	200 OK	23 B
URL GET HTTP/3 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true IP 142.250.74.10:443 ASN #15169 GOOGLE Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerGoogle Trust Services Subjectupload.video.google.com Fingerprint74:3D:68:F7:64:93:DF:41:12:95:A6:69:57:38:7A:AF:75:38:44:2D ValidityMon, 07 Oct 2024 08:25:41 GMT - Mon, 30 Dec 2024 08:25:40 GMT File type JSON text data Size 23 B (23 bytes) Hash 8a80554c91d9fca8acb82f023de02f11 5f36b2ea290645ee34d943220a14b54ee5ea5be5 ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 HTTP Headers `GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1 Host: maps.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ Origin: https://secure.winred.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/json; charset=UTF-8 vary: Origin, X-Origin, Referer content-encoding: gzip date: Sat, 26 Oct 2024 21:28:19 GMT server: scaffolding on HTTPServer2 cache-control: private content-length: 23 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff access-control-allow-origin: https://secure.winred.com access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.google.com/ccm/collect?en=page_view&dr=secure.winred.com&dl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=359583988.1729978099&auid=265582602.1729978099&npa=1&gtm=45He4ao0v72410129za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&tft=1729978099084&tfd=1452&apve=1	142.250.74.100	200 OK	0 B
URL POST HTTP/2 www.google.com/ccm/collect?en=page_view&dr=secure.winred.com&dl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=359583988.1729978099&auid=265582602.1729978099&npa=1&gtm=45He4ao0v72410129za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&tft=1729978099084&tfd=1452&apve=1 IP 142.250.74.100:443 ASN #15169 GOOGLE Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerGoogle Trust Services Subjectwww.google.com Fingerprint89:16:76:18:E5:01:7F:81:3A:FF:98:1C:88:CE:42:2D:C1:01:6B:DF ValidityMon, 07 Oct 2024 08:26:36 GMT - Mon, 30 Dec 2024 08:26:35 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /ccm/collect?en=page_view&dr=secure.winred.com&dl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=359583988.1729978099&auid=265582602.1729978099&npa=1&gtm=45He4ao0v72410129za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&tft=1729978099084&tfd=1452&apve=1 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ Origin: https://secure.winred.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 200 OK vary: Origin, X-Origin, Referer date: Sat, 26 Oct 2024 21:28:20 GMT content-type: text/html server: scaffolding on HTTPServer2 content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff access-control-allow-origin: https://secure.winred.com access-control-expose-headers: vary,vary,vary,date,server,content-length alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	js.stripe.com/v3/fingerprinted/data/countryRanges-da252f255fed0fefce3e3b3c60707e3d.json	151.101.128.176	200 OK	37 kB
URL GET HTTP/3 js.stripe.com/v3/fingerprinted/data/countryRanges-da252f255fed0fefce3e3b3c60707e3d.json IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html#locale=en&wait=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&style[base][iconColor]=%23697A8B&style[base][color]=%23354B70&style[base][lineHeight]=24px&style[base][fontFamily]=%22Helvetica+Neue%22%2C+Helvetica%2C+sans-serif&style[base][fontSmoothing]=antialiased&style[base][fontSize]=15px&style[base][fontWeight]=600&style[base][::placeholder][color]=%23697A8B&style[invalid][color]=%23ff4d55&style[invalid][::placeholder][color]=%23ff4d55&style[invalid][iconColor]=%23ff4d55&rtl=false&componentName=card&keyMode=live&apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type JSON text data Size 37 kB (36914 bytes) Hash da252f255fed0fefce3e3b3c60707e3d d9b111a90fe7f50bcd09804739020105ca8adcc8 ee5e469011e6c67ace1b2dc9edeb4d67e7242ef23d0f171a4fa14ede59900c7c HTTP Headers GET /v3/fingerprinted/data/countryRanges-da252f255fed0fefce3e3b3c60707e3d.json HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html Content-Type: application/x-www-form-urlencoded DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 36914 last-modified: Tue, 17 Sep 2024 22:15:54 GMT etag: "da252f255fed0fefce3e3b3c60707e3d" cache-control: max-age=31536000 content-type: application/json strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:20 GMT via: 1.1 varnish age: 1024620 x-request-id: 7e575dc3-b6d6-4e9a-9c1e-9f8c0ce89769 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 6237 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	secure.winred.com/cdn-cgi/rum?	104.19.212.89	204 No Content	0 B
URL POST HTTP/3 secure.winred.com/cdn-cgi/rum? IP 104.19.212.89:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerCloudflare, Inc. Subjectsecure.winred.com FingerprintFF:90:12:D2:0A:57:DF:67:0A:A7:6D:39:C1:D1:05:97:5C:75:E9:E1 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/rum? HTTP/1.1 Host: secure.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 content-type: application/json Content-Length: 1497 Origin: https://secure.winred.com DNT: 1 Connection: keep-alive Cookie: __cf_bm=b6lZVFCBxBdK8lcqgf06YE.TtYdt2DWMgONsgtlgDUo-1729978095-1.0.1.1-dohDVDRLMq7pGUWpzCzr8uUYGHorZWsHUnUCKPB2mjvmUfo8rDuabDgELbt6YbaCkXkOIcsyjhIbehJPGe0hHQ; cf_clearance=fwgu4tkM3CYUh1zPvP2Qp7AVSUZSwUCEMVh1R3QPtvY-1729978095-1.2.1.1-hLMcWqZybSGFM92fSHC7MWkVtyMNXM0nZDOALBwWNjhu_ymt.FOYuk8_EVr6mGaZBubeYWFsSoaab4JCJIJdJNR2_dOxucCH7AxSCDC3hW4nme0Z0MJqSsnw.HQBVSSU4upeNUbKmG67MDjLIzWW8YXWPorlfHJ5fZED3VWzd3.6k_H.2VDfOywrQ1aReJRQ3o_5Pvi2jzqcWVuh8Z4V12Dkt53W.y9FKmj70mk_Nt6bUsM02PRBg4yONv6rnJw_YuPPRPDq7GqvhzlWB.wOVcUKnIuwFIb15QlyfTOTypcMTa.duSmsvkEZOZqPjfPTI9ovsC5mfuBi1QGy1SshWpdj1_0Z3OrdjSlQfgiUpPpcnAosXhhQQ2Q0B5rz1tCk; __production_revv_csrftoken=1729978097%7CNbo5L%2BdgAr%2B7hQgooS%2FewvO39YMGBOinrqBElKYZRTQ%3D%7C%2BYct8j4m85OG%2Fwq9gZuXaEhqJF5%2FZ1QGhwhNemODceM%3D; _revv_v3_session=bGJlZlBZdkNWekdHSUI4YzVsalpUSVY4UitmWG1Oa1RpVWp1R1piVFRLVmJDd01CQXVMVmpiYXcrVExReWVLa0ZicW9DZ0ErZGFlOXBiTkZGUkl5NE96OFArU0kwa283dTlmZjRZYk9FaUZMYTNpbnZSNHZNeCtJTkl5dTZXUnp3SVlkQ3YwdlNnRFJSL1JKZ0VMK2l3bFRGelVhSVVraWh3YXhibEM4alo1YkJ6YkwrQ0lrVVJLRTEwY2oxdWNQRmZmaENFMmJ3eTNHT0gwZTVocmkreGtnSnpvdDV6T2ovaHB4ZGRTUEhzZmJGSHhTbjZtSWx3cjdPdVc5NnNXbURuSnlIbzN3MlJ3OHlQVW94NVQ4eFdMV0pIOUhLSkNPbjBrdlV3N0R4TDA9LS1ucDRJNjNHS1pmd3FGQ2VsWjRHcEp3PT0%3D--40c71bc6b03a507bed8904ac8d53fec15a64caf5; origin_url=https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517; _gcl_au=1.1.265582602.1729978099; __cf_bm=xCP3KRwqKVW2Et0nTSuhLBtHrhIrLeQa.axLxw3VNcw-1729978099-1.0.1.1-2nVoalPKEoLMNacj6OoJfemCVQPU_Ql2W1Ajak0GxB0bQ5htBMzBtzhoJ5lHW5bDckkCoLI32Gf3O1vb0.AtpQ; _ga_X6H0114PDF=GS1.1.1729978099.1.0.1729978100.0.0.1394097767; _ga=GA1.1.852715641.1729978100; _ga_XQC94J3YLE=GS1.1.1729978099.1.0.1729978099.0.0.0 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 204 No Content date: Sat, 26 Oct 2024 21:28:20 GMT access-control-allow-origin: https://secure.winred.com access-control-allow-methods: POST,OPTIONS access-control-max-age: 86400 vary: Origin access-control-allow-credentials: true server: cloudflare cf-ray: 8d8d8915fbb156bf-OSL x-frame-options: DENY x-content-type-options: nosniff`

	js.stripe.com/v3/.deploy_status_henson.json	151.101.128.176	200 OK	292 B
URL GET HTTP/3 js.stripe.com/v3/.deploy_status_henson.json IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html#locale=en&wait=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&style[base][iconColor]=%23697A8B&style[base][color]=%23354B70&style[base][lineHeight]=24px&style[base][fontFamily]=%22Helvetica+Neue%22%2C+Helvetica%2C+sans-serif&style[base][fontSmoothing]=antialiased&style[base][fontSize]=15px&style[base][fontWeight]=600&style[base][::placeholder][color]=%23697A8B&style[invalid][color]=%23ff4d55&style[invalid][::placeholder][color]=%23ff4d55&style[invalid][iconColor]=%23ff4d55&rtl=false&componentName=card&keyMode=live&apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type JSON text data Size 292 B (292 bytes) Hash c9597f4400d831d8f7ee145b04f1d235 ec93738629477065976231e092f633ee434eed21 d870c1b0696d595420f6bb307eaaf73823ee9e4a69aa92f330447f765e924259 HTTP Headers GET /v3/.deploy_status_henson.json HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html Content-Type: application/x-www-form-urlencoded DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 292 last-modified: Fri, 25 Oct 2024 20:40:25 GMT etag: "c9597f4400d831d8f7ee145b04f1d235" cache-control: max-age=60 content-type: application/json access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:20 GMT via: 1.1 varnish age: 1 x-request-id: 4e2f5dcd-d955-4e9a-bbce-67fcb17592fe x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 2 vary: Accept-Encoding strict-transport-security: max-age=31556926; includeSubDomains; preload timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	js.stripe.com/v3/.deploy_status_henson.json	151.101.128.176	200 OK	292 B
URL GET HTTP/3 js.stripe.com/v3/.deploy_status_henson.json IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html#locale=en&wait=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&style[base][iconColor]=%23697A8B&style[base][color]=%23354B70&style[base][lineHeight]=24px&style[base][fontFamily]=%22Helvetica+Neue%22%2C+Helvetica%2C+sans-serif&style[base][fontSmoothing]=antialiased&style[base][fontSize]=15px&style[base][fontWeight]=600&style[base][::placeholder][color]=%23697A8B&style[invalid][color]=%23ff4d55&style[invalid][::placeholder][color]=%23ff4d55&style[invalid][iconColor]=%23ff4d55&rtl=false&componentName=card&keyMode=live&apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type JSON text data Size 292 B (292 bytes) Hash c9597f4400d831d8f7ee145b04f1d235 ec93738629477065976231e092f633ee434eed21 d870c1b0696d595420f6bb307eaaf73823ee9e4a69aa92f330447f765e924259 HTTP Headers GET /v3/.deploy_status_henson.json HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html Content-Type: application/x-www-form-urlencoded DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 292 last-modified: Fri, 25 Oct 2024 20:40:25 GMT etag: "c9597f4400d831d8f7ee145b04f1d235" cache-control: max-age=60 content-type: application/json access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:20 GMT via: 1.1 varnish age: 1 x-request-id: 27d86c1b-527f-491d-9f11-50dece14cc3e x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 3 vary: Accept-Encoding strict-transport-security: max-age=31556926; includeSubDomains; preload timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4ao0v867905447z872410129za200zb72410129&_p=1729978098041&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=852715641.1729978100&ecid=1394097767&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&frm=0&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.tft=1729978098041&sst.ude=0&_s=1&sid=1729978099&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&dr=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&dt=Early%20Vote%20Action&en=page_view&_fv=1&_nsi=1&_ss=1&ep.pagepath=%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024&epn.load_time_sec=-1729978097.6&epn.event_fire_time=1729978099027&ep.event_uuid=738ec1f0-e9f5-4616-aad8-ec885e9e81f3&ep.isVideoPage=f&ep.referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&tfd=1940&richsstsse	104.16.229.52	403 Forbidden	3.0 kB
URL GET HTTP/2 gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4ao0v867905447z872410129za200zb72410129&_p=1729978098041&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=852715641.1729978100&ecid=1394097767&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&frm=0&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.tft=1729978098041&sst.ude=0&_s=1&sid=1729978099&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&dr=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&dt=Early%20Vote%20Action&en=page_view&_fv=1&_nsi=1&_ss=1&ep.pagepath=%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024&epn.load_time_sec=-1729978097.6&epn.event_fire_time=1729978099027&ep.event_uuid=738ec1f0-e9f5-4616-aad8-ec885e9e81f3&ep.isVideoPage=f&ep.referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&tfd=1940&richsstsse IP 104.16.229.52:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerGoogle Trust Services Subjectwinred.com FingerprintEA:31:83:1F:08:96:E5:29:67:8F:95:7B:B7:30:79:D3:65:41:E4:73 ValiditySat, 28 Sep 2024 05:50:45 GMT - Fri, 27 Dec 2024 05:50:44 GMT File type JSON text data Size 3.0 kB (3024 bytes) Hash 9159cf5240108c5aee5bd441b5354040 f5e2d2f35b0c33ea29e41993bb3b5a45017c32b4 37204e7f2c97e1007c0343a85acb50beed0e053957f29dbcad7a25fd1fa968ef HTTP Headers GET /g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4ao0v867905447z872410129za200zb72410129&_p=1729978098041&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=852715641.1729978100&ecid=1394097767&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&frm=0&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.tft=1729978098041&sst.ude=0&_s=1&sid=1729978099&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&dr=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&dt=Early%20Vote%20Action&en=page_view&_fv=1&_nsi=1&_ss=1&ep.pagepath=%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024&epn.load_time_sec=-1729978097.6&epn.event_fire_time=1729978099027&ep.event_uuid=738ec1f0-e9f5-4616-aad8-ec885e9e81f3&ep.isVideoPage=f&ep.referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&tfd=1940&richsstsse HTTP/1.1 Host: gtm.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ Origin: https://secure.winred.com DNT: 1 Connection: keep-alive Cookie: _revv_v3_session=bGJlZlBZdkNWekdHSUI4YzVsalpUSVY4UitmWG1Oa1RpVWp1R1piVFRLVmJDd01CQXVMVmpiYXcrVExReWVLa0ZicW9DZ0ErZGFlOXBiTkZGUkl5NE96OFArU0kwa283dTlmZjRZYk9FaUZMYTNpbnZSNHZNeCtJTkl5dTZXUnp3SVlkQ3YwdlNnRFJSL1JKZ0VMK2l3bFRGelVhSVVraWh3YXhibEM4alo1YkJ6YkwrQ0lrVVJLRTEwY2oxdWNQRmZmaENFMmJ3eTNHT0gwZTVocmkreGtnSnpvdDV6T2ovaHB4ZGRTUEhzZmJGSHhTbjZtSWx3cjdPdVc5NnNXbURuSnlIbzN3MlJ3OHlQVW94NVQ4eFdMV0pIOUhLSkNPbjBrdlV3N0R4TDA9LS1ucDRJNjNHS1pmd3FGQ2VsWjRHcEp3PT0%3D--40c71bc6b03a507bed8904ac8d53fec15a64caf5; _gcl_au=1.1.265582602.1729978099; __cf_bm=xCP3KRwqKVW2Et0nTSuhLBtHrhIrLeQa.axLxw3VNcw-1729978099-1.0.1.1-2nVoalPKEoLMNacj6OoJfemCVQPU_Ql2W1Ajak0GxB0bQ5htBMzBtzhoJ5lHW5bDckkCoLI32Gf3O1vb0.AtpQ; _ga_X6H0114PDF=GS1.1.1729978099.1.0.1729978099.0.0.1394097767; _ga=GA1.1.852715641.1729978100; _ga_XQC94J3YLE=GS1.1.1729978099.1.0.1729978099.0.0.0 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/2 403 Forbidden date: Sat, 26 Oct 2024 21:28:19 GMT content-type: text/html; charset=UTF-8 accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin x-content-options: nosniff x-frame-options: SAMEORIGIN cf-mitigated: challenge cf-chl-out: JLZWYQnxE2PuY2Wo0H79+eyWL96VGsMjFnjAlhepntqQj3TT5zdrF6Fmd3+jxXNWpKJzcomneazcZkpOlbsyeXyHbY+I2h4A2r+XiPj/hFjpsNRqCTZjKzhUiaQnANssLNU3prHWbxt8ehyKyartZA==$x9esMpN5ACZyBx+plk0VbQ== cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires: Thu, 01 Jan 1970 00:00:01 GMT vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff server: cloudflare cf-ray: 8d8d8914eee70b49-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	js.stripe.com/v3/hcaptcha-invisible-1c9f48dc4b3b032d0e71a60ef1d512ed.html	151.101.128.176	200 OK	24 kB
URL js.stripe.com/v3/hcaptcha-invisible-1c9f48dc4b3b032d0e71a60ef1d512ed.html IP 151.101.128.176:0 ASN #54113 FASTLY Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (65439) Size 24 kB (23875 bytes) Hash 6e7da96a3d8a76b25a219614ea7c9bdd 78193d0f34b959723c77742c6d2e76238a7b2e22 ddbbd6bdac1d0da8ebfdd182af8efd87059084c9e41f7ac567484767a7afbc9b HTTP Headers GET /v3/hcaptcha-invisible-1c9f48dc4b3b032d0e71a60ef1d512ed.html HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 23875 last-modified: Fri, 25 Oct 2024 20:04:30 GMT etag: "6e7da96a3d8a76b25a219614ea7c9bdd" cache-control: max-age=31536000 content-type: text/html; charset=utf-8 content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-JvG3zQYgqbTdVEKRftDpujtPU85Cv43+5YQGZtaJQU0='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report origin-agent-cluster: ?1 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:20 GMT via: 1.1 varnish age: 91093 x-request-id: d7aca003-d14f-43cb-ace6-a7bb8dda9d76 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 4180 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	app.winred.com/api/v3/users/current_with_info?organization_token=rv_org_6KNvU36Z2qWJ2gfUBWqGZGoc&redirect=https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517	104.19.211.89	403 Forbidden	10 kB
URL app.winred.com/api/v3/users/current_with_info?organization_token=rv_org_6KNvU36Z2qWJ2gfUBWqGZGoc&redirect=https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 IP 104.19.211.89:0 ASN #13335 CLOUDFLARENET File type HTML document, ASCII text, with very long lines (9899), with no line terminators Size 10 kB (9998 bytes) Hash c775e6cc25612c0c873383b1a393ce64 8dc9f730370e7b40187e35816ad36c24987b29a3 c8d861dff166d44fbd4a445f23210d9fa871e793584c9f6e4bcddb387182274d HTTP Headers GET /api/v3/users/current_with_info?organization_token=rv_org_6KNvU36Z2qWJ2gfUBWqGZGoc&redirect=https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 HTTP/1.1 Host: app.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ Origin: https://secure.winred.com DNT: 1 Connection: keep-alive Cookie: _revv_v3_session=bGJlZlBZdkNWekdHSUI4YzVsalpUSVY4UitmWG1Oa1RpVWp1R1piVFRLVmJDd01CQXVMVmpiYXcrVExReWVLa0ZicW9DZ0ErZGFlOXBiTkZGUkl5NE96OFArU0kwa283dTlmZjRZYk9FaUZMYTNpbnZSNHZNeCtJTkl5dTZXUnp3SVlkQ3YwdlNnRFJSL1JKZ0VMK2l3bFRGelVhSVVraWh3YXhibEM4alo1YkJ6YkwrQ0lrVVJLRTEwY2oxdWNQRmZmaENFMmJ3eTNHT0gwZTVocmkreGtnSnpvdDV6T2ovaHB4ZGRTUEhzZmJGSHhTbjZtSWx3cjdPdVc5NnNXbURuSnlIbzN3MlJ3OHlQVW94NVQ4eFdMV0pIOUhLSkNPbjBrdlV3N0R4TDA9LS1ucDRJNjNHS1pmd3FGQ2VsWjRHcEp3PT0%3D--40c71bc6b03a507bed8904ac8d53fec15a64caf5 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/2 403 Forbidden date: Sat, 26 Oct 2024 21:28:19 GMT content-type: text/html; charset=UTF-8 accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin x-content-options: nosniff x-frame-options: SAMEORIGIN cf-mitigated: challenge cf-chl-out: sZdjxQ3X++DhN2Gcw0DVU8S6r1pOqImCRKQ2Ywt5xnd/yWmgRtfMUSkZED6UIsGsh+nPhWJtM++aHdfdvXjb0EWUn5Ymoz6BxyS3geAuC4NPM9TxclZBgMmBbYxyNThUKZdjVxxQjNymlv01YUbymQ==$hvXvNvyA1Ix+y0XebkOO1g== cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires: Thu, 01 Jan 1970 00:00:01 GMT set-cookie: __cf_bm=xCP3KRwqKVW2Et0nTSuhLBtHrhIrLeQa.axLxw3VNcw-1729978099-1.0.1.1-2nVoalPKEoLMNacj6OoJfemCVQPU_Ql2W1Ajak0GxB0bQ5htBMzBtzhoJ5lHW5bDckkCoLI32Gf3O1vb0.AtpQ; path=/; expires=Sat, 26-Oct-24 21:58:19 GMT; domain=.winred.com; HttpOnly; Secure; SameSite=None vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff server: cloudflare cf-ray: 8d8d89102b1256c7-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	b.stripecdn.com/stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.html?id=bd2b9dcd-1e41-452c-9c2e-35c638de5bfa&origin=https%3A%2F%2Fjs.stripe.com	151.101.128.176	200 OK	240 B
URL GET HTTP/3 b.stripecdn.com/stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.html?id=bd2b9dcd-1e41-452c-9c2e-35c638de5bfa&origin=https%3A%2F%2Fjs.stripe.com IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://js.stripe.com/v3/hcaptcha-invisible-1c9f48dc4b3b032d0e71a60ef1d512ed.html#debugMode=false&parentOrigin=https%3A%2F%2Fsecure.winred.com Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type HTML document, ASCII text, with very long lines (419), with no line terminators Size 240 B (240 bytes) Hash 691e002864ab42977379d23610ab9698 54d4d8a7ffd6b62cdf0bab62bd9d74a741d987ef 80a7527d9490e5f0bac589fc472487b8d4895c3e0c32ad311fc816fac5155a91 HTTP Headers GET /stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.html?id=bd2b9dcd-1e41-452c-9c2e-35c638de5bfa&origin=https%3A%2F%2Fjs.stripe.com HTTP/1.1 Host: b.stripecdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 240 cache-control: max-age=60, stale-while-revalidate=900 content-type: text/html; charset=utf-8 content-security-policy: base-uri 'self'; connect-src 'self' https://hcaptcha.com https://.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://.hcaptcha.com; img-src 'self'; object-src 'none'; script-src 'self' https://hcaptcha.com https://.hcaptcha.com; style-src 'self' https://hcaptcha.com https://.hcaptcha.com; worker-src 'none'; report-uri https://q.stripe.com/csp-report strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:20 GMT via: 1.1 varnish age: 19 x-request-id: e271577d-ef77-455e-a491-b27e5647238d x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 3 vary: Accept-Encoding, Origin location: https://checkout.stripe.com/stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.html?id=bd2b9dcd-1e41-452c-9c2e-35c638de5bfa&origin=https%3A%2F%2Fjs.stripe.com timing-allow-origin: *

	r.stripe.com/b	54.187.159.182	200 OK	0 B
URL POST HTTP/2 r.stripe.com/b IP 54.187.159.182:443 ASN #16509 AMAZON-02 Requested by https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html#apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&stripeJsId=a8121b6b-c76e-4658-bdce-3e301433711c&controllerCount=1&isCheckout=false&stripeJsLoadTime=1729978098403&manualBrowserDeprecationRollout=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subject.stripe.com Fingerprint3D:F1:F9:E9:33:39:7C:76:C5:04:3B:5B:12:64:E9:99:6E:F7:39:EF ValidityFri, 20 Sep 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /b HTTP/1.1 Host: r.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 5993 Origin: https://js.stripe.com DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` HTTP/2 200 OK server: nginx date: Sat, 26 Oct 2024 21:28:20 GMT content-length: 0 access-control-allow-origin: https://js.stripe.com access-control-allow-credentials: true access-control-allow-methods: POST x-stripe-inbound-proxy-type: mesh-proxy x-stripe-proxy-response: upstream x-stripe-server-envoy-upstream-service-time-ms: 3 x-stripe-server-envoy-start-time-us: 1729978100761494 x-envoy-attempt-count: 1 x-stripe-bg-intended-route-color: green x-stripe-outbound-proxy-type: envoy x-stripe-client-envoy-start-time-us: 1729978100761313 x-stripe-upstream-host: 10.76.191.78:1643 content-type: text/plain X-Firefox-Spdy: h2

	r.stripe.com/b	54.187.159.182	200 OK	0 B
URL POST HTTP/2 r.stripe.com/b IP 54.187.159.182:443 ASN #16509 AMAZON-02 Requested by https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html#apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&stripeJsId=a8121b6b-c76e-4658-bdce-3e301433711c&controllerCount=1&isCheckout=false&stripeJsLoadTime=1729978098403&manualBrowserDeprecationRollout=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subject.stripe.com Fingerprint3D:F1:F9:E9:33:39:7C:76:C5:04:3B:5B:12:64:E9:99:6E:F7:39:EF ValidityFri, 20 Sep 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /b HTTP/1.1 Host: r.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 7068 Origin: https://js.stripe.com DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` HTTP/2 200 OK server: nginx date: Sat, 26 Oct 2024 21:28:20 GMT content-length: 0 access-control-allow-origin: https://js.stripe.com access-control-allow-credentials: true access-control-allow-methods: POST x-stripe-inbound-proxy-type: mesh-proxy x-stripe-proxy-response: upstream x-stripe-server-envoy-upstream-service-time-ms: 3 x-stripe-server-envoy-start-time-us: 1729978100785300 x-envoy-attempt-count: 1 x-stripe-bg-intended-route-color: green x-stripe-outbound-proxy-type: envoy x-stripe-client-envoy-start-time-us: 1729978100785096 x-stripe-upstream-host: 10.76.185.18:1643 content-type: text/plain X-Firefox-Spdy: h2

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1679921536:1729977191:xOuieMxYQtslxVDvvcuvep41ziwwNaexQJpYIvjqs5g/8d8d88fd288db511/GHfraRKAhw8nUtnvPSGy1drgXLA0aur_P0_D3AhUG34-1729978096-1.1.1.1-Km0ZS1BbD7khdlmtcySVBERzpcyEZ0Y9WySF9jTGvLqs0cu3npYaS27_IXGFDbtm	104.18.95.41	200 OK	90 kB
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1679921536:1729977191:xOuieMxYQtslxVDvvcuvep41ziwwNaexQJpYIvjqs5g/8d8d88fd288db511/GHfraRKAhw8nUtnvPSGy1drgXLA0aur_P0_D3AhUG34-1729978096-1.1.1.1-Km0ZS1BbD7khdlmtcySVBERzpcyEZ0Y9WySF9jTGvLqs0cu3npYaS27_IXGFDbtm IP 104.18.95.41:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (65536), with no line terminators Size 90 kB (89592 bytes) Hash 35664dbf9f93abd35a2d7698fc14cd08 455cdc5a4bdadcfb010bd6e95da5520815c63111 1e58d03dd0228fc48a48c1676bab966db03547b4cb588ba9e4017cb08c3f1cb6 HTTP Headers POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1679921536:1729977191:xOuieMxYQtslxVDvvcuvep41ziwwNaexQJpYIvjqs5g/8d8d88fd288db511/GHfraRKAhw8nUtnvPSGy1drgXLA0aur_P0_D3AhUG34-1729978096-1.1.1.1-Km0ZS1BbD7khdlmtcySVBERzpcyEZ0Y9WySF9jTGvLqs0cu3npYaS27_IXGFDbtm HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kb5es/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Content-type: application/x-www-form-urlencoded CF-Challenge: GHfraRKAhw8nUtnvPSGy1drgXLA0aur_P0_D3AhUG34-1729978096-1.1.1.1-Km0ZS1BbD7khdlmtcySVBERzpcyEZ0Y9WySF9jTGvLqs0cu3npYaS27_IXGFDbtm Content-Length: 3659 Origin: https://challenges.cloudflare.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:16 GMT content-type: text/plain; charset=UTF-8 cf-chl-gen: FgCWXryylL+dlyM5ca6EP5EzTvLLzhEc2HEsCQUUI71EGYF2FaUmJ+qApt5tXKs4Eexu2LcsptlSW436qeBCg5PBh0ShNJF89/J4NpznXp/d/36voNwyqu1NWawS1rKeHiZ7z9G/NtgKfb2HUZLrWMwWXJ5efRglD6g27xjqDHhKUjBdUFElfrnJrRCxqtXDYZiq0tbw3yTOOFWJGBINR9vv9Zl4fEUH9BEkpwFZLbv8Xhju9+Aj7Miscvo/L839wWmirmsmt1GdPW8zEKZI7XxcZiknoxyNTHwgoiwOUu7t66/6Wuep2AbtWPYjBpkGsGTMX1o07x7/qUa5TLYftW8cctFdPZ5qWtKDPfxIxbYwGK3LH5rS5v0t56h3IVxKsqIXTwjOxThisGTtWJCvHNJPXMcc4OsL1dShP3aqhkj+tMdTxBoAFBiUl4fb2vVcqqwC/dIQXCW1kBCfR62Pou3kLjthFMO7KfyaUsWIt1Seyg==$FfBbk1LDZjMvxITL server: cloudflare cf-ray: 8d8d88ffec42b511-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	b.stripecdn.com/stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.a21e5ec2371cbd59b63d.bundle.js	151.101.128.176	200 OK	6.8 kB
URL GET HTTP/3 b.stripecdn.com/stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.a21e5ec2371cbd59b63d.bundle.js IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://b.stripecdn.com/stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.html?id=bd2b9dcd-1e41-452c-9c2e-35c638de5bfa&origin=https%3A%2F%2Fjs.stripe.com Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (18214) Size 6.8 kB (6771 bytes) Hash 599d61be04e1b005db71eaa98a19581e 52d94ee82ac4303590c820bb8ce425db95b2d3b5 a90a2ff957f827e683d6ea72005bee1d4068b80a6adf6661f2406edbcad607c7 HTTP Headers GET /stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.a21e5ec2371cbd59b63d.bundle.js HTTP/1.1 Host: b.stripecdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.html?id=bd2b9dcd-1e41-452c-9c2e-35c638de5bfa&origin=https%3A%2F%2Fjs.stripe.com Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 6771 cache-control: max-age=31536000, public content-type: text/javascript; charset=utf-8 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:20 GMT via: 1.1 varnish age: 697297 x-request-id: da75aea9-565f-493e-b23d-a18730a982c1 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 30170 vary: Accept-Encoding, Origin location: https://checkout.stripe.com/stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.a21e5ec2371cbd59b63d.bundle.js timing-allow-origin: *

	r.stripe.com/b	54.187.159.182	200 OK	0 B
URL POST HTTP/2 r.stripe.com/b IP 54.187.159.182:443 ASN #16509 AMAZON-02 Requested by https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html#apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&stripeJsId=a8121b6b-c76e-4658-bdce-3e301433711c&controllerCount=1&isCheckout=false&stripeJsLoadTime=1729978098403&manualBrowserDeprecationRollout=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subject.stripe.com Fingerprint3D:F1:F9:E9:33:39:7C:76:C5:04:3B:5B:12:64:E9:99:6E:F7:39:EF ValidityFri, 20 Sep 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /b HTTP/1.1 Host: r.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 1879 Origin: https://js.stripe.com DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK server: nginx date: Sat, 26 Oct 2024 21:28:21 GMT content-length: 0 access-control-allow-origin: https://js.stripe.com access-control-allow-credentials: true access-control-allow-methods: POST x-stripe-inbound-proxy-type: mesh-proxy x-stripe-proxy-response: upstream x-stripe-server-envoy-upstream-service-time-ms: 2 x-stripe-server-envoy-start-time-us: 1729978101062256 x-envoy-attempt-count: 1 x-stripe-bg-intended-route-color: green x-stripe-outbound-proxy-type: envoy x-stripe-client-envoy-start-time-us: 1729978101062109 x-stripe-upstream-host: 10.73.206.5:1643 content-type: text/plain X-Firefox-Spdy: h2

	secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d8d88f9c84156bf	104.19.212.89	200 OK	56 kB
URL secure.winred.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d8d88f9c84156bf IP 104.19.212.89:0 ASN #13335 CLOUDFLARENET Certificate IssuerCloudflare, Inc. Subjectsecure.winred.com FingerprintFF:90:12:D2:0A:57:DF:67:0A:A7:6D:39:C1:D1:05:97:5C:75:E9:E1 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 56 kB (55823 bytes) Hash 98d4ebafbb87f993a3b6a48be699f293 25e11e6564b20dd35783fb6c60450f9f379793d6 d37b87745e9c42f1251be03d9740193a47ddbf8387fe2d8eab0e833f9297d6e2 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d8d88f9c84156bf HTTP/1.1 Host: secure.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&__cf_chl_rt_tk=S8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8 DNT: 1 Connection: keep-alive Cookie: __cf_bm=b6lZVFCBxBdK8lcqgf06YE.TtYdt2DWMgONsgtlgDUo-1729978095-1.0.1.1-dohDVDRLMq7pGUWpzCzr8uUYGHorZWsHUnUCKPB2mjvmUfo8rDuabDgELbt6YbaCkXkOIcsyjhIbehJPGe0hHQ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:15 GMT content-type: application/javascript; charset=UTF-8 cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff server: cloudflare cf-ray: 8d8d88fab98656bf-OSL content-encoding: br alt-svc: h3=":443"; ma=86400`

	r.stripe.com/b	54.187.159.182	200 OK	0 B
URL POST HTTP/2 r.stripe.com/b IP 54.187.159.182:443 ASN #16509 AMAZON-02 Requested by https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html#apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&stripeJsId=a8121b6b-c76e-4658-bdce-3e301433711c&controllerCount=1&isCheckout=false&stripeJsLoadTime=1729978098403&manualBrowserDeprecationRollout=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subject.stripe.com Fingerprint3D:F1:F9:E9:33:39:7C:76:C5:04:3B:5B:12:64:E9:99:6E:F7:39:EF ValidityFri, 20 Sep 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /b HTTP/1.1 Host: r.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 2530 Origin: https://js.stripe.com DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK server: nginx date: Sat, 26 Oct 2024 21:28:21 GMT content-length: 0 access-control-allow-origin: https://js.stripe.com access-control-allow-credentials: true access-control-allow-methods: POST x-stripe-inbound-proxy-type: mesh-proxy x-stripe-proxy-response: upstream x-stripe-server-envoy-upstream-service-time-ms: 2 x-stripe-server-envoy-start-time-us: 1729978101313787 x-envoy-attempt-count: 1 x-stripe-bg-intended-route-color: green x-stripe-outbound-proxy-type: envoy x-stripe-client-envoy-start-time-us: 1729978101313607 x-stripe-upstream-host: 10.76.191.78:1643 content-type: text/plain X-Firefox-Spdy: h2

	r.stripe.com/b	54.187.159.182	200 OK	0 B
URL POST HTTP/2 r.stripe.com/b IP 54.187.159.182:443 ASN #16509 AMAZON-02 Requested by https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html#apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&stripeJsId=a8121b6b-c76e-4658-bdce-3e301433711c&controllerCount=1&isCheckout=false&stripeJsLoadTime=1729978098403&manualBrowserDeprecationRollout=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subject.stripe.com Fingerprint3D:F1:F9:E9:33:39:7C:76:C5:04:3B:5B:12:64:E9:99:6E:F7:39:EF ValidityFri, 20 Sep 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /b HTTP/1.1 Host: r.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 768 Origin: https://js.stripe.com DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK server: nginx date: Sat, 26 Oct 2024 21:28:21 GMT content-length: 0 access-control-allow-origin: https://js.stripe.com access-control-allow-credentials: true access-control-allow-methods: POST x-stripe-inbound-proxy-type: mesh-proxy x-stripe-proxy-response: upstream x-stripe-server-envoy-upstream-service-time-ms: 2 x-stripe-server-envoy-start-time-us: 1729978101314473 x-envoy-attempt-count: 1 x-stripe-bg-intended-route-color: green x-stripe-outbound-proxy-type: envoy x-stripe-client-envoy-start-time-us: 1729978101314277 x-stripe-upstream-host: 10.76.191.122:1643 content-type: text/plain X-Firefox-Spdy: h2

	api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294	104.19.229.21	200 OK	0 B
URL POST HTTP/3 api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294 IP 104.19.229.21:443 ASN #13335 CLOUDFLARENET Requested by https://newassets.hcaptcha.com/captcha/v1/8352e07/static/hcaptcha.html#frame=challenge&id=06rdjcqiyj0s&host=b.stripecdn.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&size=invisible&theme=light&origin=https%3A%2F%2Fb.stripecdn.com Certificate IssuerGoogle Trust Services Subjecthcaptcha.com Fingerprint88:FF:9C:DC:27:99:24:BE:11:6A:8A:2A:CD:49:CD:45:93:8C:4E:AD ValiditySat, 07 Sep 2024 22:14:18 GMT - Fri, 06 Dec 2024 22:14:17 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /getcaptcha/463b917e-e264-403f-ad34-34af0ee10294 HTTP/1.1 Host: api.hcaptcha.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://newassets.hcaptcha.com/ Origin: https://newassets.hcaptcha.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:22 GMT content-length: 0 access-control-allow-origin: https://newassets.hcaptcha.com vary: Origin, Accept-Encoding access-control-allow-credentials: true access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent access-control-allow-methods: GET, HEAD, POST, OPTIONS strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 8d8d89259bfcb51e-OSL alt-svc: h3=":443"; ma=86400

	api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294	104.19.229.21	200 OK	4.1 kB
URL POST HTTP/3 api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294 IP 104.19.229.21:443 ASN #13335 CLOUDFLARENET Requested by https://newassets.hcaptcha.com/captcha/v1/8352e07/static/hcaptcha.html#frame=challenge&id=06rdjcqiyj0s&host=b.stripecdn.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&size=invisible&theme=light&origin=https%3A%2F%2Fb.stripecdn.com Certificate IssuerGoogle Trust Services Subjecthcaptcha.com Fingerprint88:FF:9C:DC:27:99:24:BE:11:6A:8A:2A:CD:49:CD:45:93:8C:4E:AD ValiditySat, 07 Sep 2024 22:14:18 GMT - Fri, 06 Dec 2024 22:14:17 GMT File type data Size 4.1 kB (4120 bytes) Hash 8f10968eb9a8987089e08c9aabf64907 cd0bd9dc78451a2d96167f6ef784f14a41ade64d 31db24d8ca85810e8faca587575c17c1c71475d683d127405f1aa8f51c873edb HTTP Headers POST /getcaptcha/463b917e-e264-403f-ad34-34af0ee10294 HTTP/1.1 Host: api.hcaptcha.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, application/octet-stream Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br content-type: application/octet-stream Content-Length: 13846 Origin: https://newassets.hcaptcha.com DNT: 1 Connection: keep-alive Referer: https://newassets.hcaptcha.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:22 GMT content-type: application/octet-stream content-length: 4120 cf-ray: 8d8d8925dcc1b51e-OSL cf-cache-status: DYNAMIC access-control-allow-origin: https://newassets.hcaptcha.com set-cookie: __cflb=0H28vk2VKwPbLoawFj9mU2fhedYxxWRD6YTW9UaCkSq; SameSite=Lax; path=/; expires=Sat, 26-Oct-24 21:58:22 GMT; HttpOnly strict-transport-security: max-age=31536000; includeSubDomains; preload vary: Origin, Accept-Encoding access-control-allow-credentials: true x-content-type-options: nosniff server: cloudflare alt-svc: h3=":443"; ma=86400

	r.stripe.com/b	54.187.159.182	200 OK	0 B
URL POST HTTP/2 r.stripe.com/b IP 54.187.159.182:443 ASN #16509 AMAZON-02 Requested by https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html#apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&stripeJsId=a8121b6b-c76e-4658-bdce-3e301433711c&controllerCount=1&isCheckout=false&stripeJsLoadTime=1729978098403&manualBrowserDeprecationRollout=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subject.stripe.com Fingerprint3D:F1:F9:E9:33:39:7C:76:C5:04:3B:5B:12:64:E9:99:6E:F7:39:EF ValidityFri, 20 Sep 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /b HTTP/1.1 Host: r.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 5248 Origin: https://js.stripe.com DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK server: nginx date: Sat, 26 Oct 2024 21:28:23 GMT content-length: 0 access-control-allow-origin: https://js.stripe.com access-control-allow-credentials: true access-control-allow-methods: POST x-stripe-inbound-proxy-type: mesh-proxy x-stripe-proxy-response: upstream x-stripe-server-envoy-upstream-service-time-ms: 2 x-stripe-server-envoy-start-time-us: 1729978103127588 x-envoy-attempt-count: 1 x-stripe-bg-intended-route-color: green x-stripe-outbound-proxy-type: envoy x-stripe-client-envoy-start-time-us: 1729978103127336 x-stripe-upstream-host: 10.73.206.78:1643 content-type: text/plain X-Firefox-Spdy: h2

	js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html	151.101.128.176	200 OK	154 B
URL js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html IP 151.101.128.176:0 ASN #54113 FASTLY Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type HTML document, ASCII text, with no line terminators Size 154 B (154 bytes) Hash 3437aaddcdf6922d623e172c2d6f9278 f69066cf20141ac93418102d3eee7c0225b8a623 35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb HTTP Headers GET /v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-length: 154 last-modified: Fri, 11 Nov 2022 20:25:37 GMT etag: "3437aaddcdf6922d623e172c2d6f9278" cache-control: max-age=31536000 content-type: text/html; charset=utf-8 content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:23 GMT via: 1.1 varnish age: 2228491 x-request-id: bfa89ba7-81e6-49d5-87ed-34f5f92b330e x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 514517 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js	151.101.128.176	200 OK	315 B
URL GET HTTP/3 js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&title=Early%20Vote%20Action&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&muid=NA&sid=NA&version=6&preview=false Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (526), with no line terminators Size 315 B (315 bytes) Hash d96c709017743c0759cf3853d1806ba5 72e21587610c49c8305a55e71f73fa88ed618205 ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652 HTTP Headers `GET /v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-length: 315 last-modified: Fri, 11 Nov 2022 20:25:36 GMT etag: "d96c709017743c0759cf3853d1806ba5" cache-control: max-age=31536000 content-type: text/javascript; charset=utf-8 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:23 GMT via: 1.1 varnish age: 2830315 x-request-id: 87b629f7-568d-4bb7-b934-3b3079825bc5 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 482982 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	m.stripe.network/inner.html	54.240.174.84	200 OK	930 B
URL m.stripe.network/inner.html IP 54.240.174.84:0 ASN #16509 AMAZON-02 File type HTML document, ASCII text, with very long lines (930), with no line terminators Size 930 B (930 bytes) Hash 06bfcd88af438673a8bf9b845a11aa6e d024a745032cbe115526abe648d9fa0f0a10a681 947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1 HTTP Headers `GET /inner.html HTTP/1.1 Host: m.stripe.network User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/html; charset=utf-8 content-length: 930 last-modified: Fri, 30 Jun 2023 14:32:28 GMT accept-ranges: bytes server: Cloudfront date: Sat, 26 Oct 2024 21:27:30 GMT cache-control: max-age=300, public etag: "06bfcd88af438673a8bf9b845a11aa6e" vary: Accept-Encoding, Origin via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) age: 54 content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff x-cache: Hit from cloudfront x-amz-cf-pop: OSL50-P1 x-amz-cf-id: BSyJ1F4-KGPZ912lhYScrR9V4t2G6K_g92g9khwr0HvA5KTVy6TMSA== X-Firefox-Spdy: h2

	r.stripe.com/b	54.187.159.182	200 OK	0 B
URL POST HTTP/2 r.stripe.com/b IP 54.187.159.182:443 ASN #16509 AMAZON-02 Requested by https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html#apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&stripeJsId=a8121b6b-c76e-4658-bdce-3e301433711c&controllerCount=1&isCheckout=false&stripeJsLoadTime=1729978098403&manualBrowserDeprecationRollout=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subject.stripe.com Fingerprint3D:F1:F9:E9:33:39:7C:76:C5:04:3B:5B:12:64:E9:99:6E:F7:39:EF ValidityFri, 20 Sep 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /b HTTP/1.1 Host: r.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: https://js.stripe.com DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK server: nginx date: Sat, 26 Oct 2024 21:28:24 GMT content-length: 0 access-control-allow-origin: https://js.stripe.com access-control-allow-credentials: true access-control-allow-methods: POST x-stripe-inbound-proxy-type: mesh-proxy x-stripe-proxy-response: upstream x-stripe-server-envoy-upstream-service-time-ms: 2 x-stripe-server-envoy-start-time-us: 1729978104135632 x-envoy-attempt-count: 1 x-stripe-bg-intended-route-color: green x-stripe-outbound-proxy-type: envoy x-stripe-client-envoy-start-time-us: 1729978104135462 x-stripe-upstream-host: 10.76.189.106:1643 content-type: text/plain X-Firefox-Spdy: h2

	maps.googleapis.com/maps-api-v3/api/js/58/10/common.js	142.250.74.10	200 OK	57 kB
URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/58/10/common.js IP 142.250.74.10:443 ASN #15169 GOOGLE Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerGoogle Trust Services Subjectupload.video.google.com Fingerprint74:3D:68:F7:64:93:DF:41:12:95:A6:69:57:38:7A:AF:75:38:44:2D ValidityMon, 07 Oct 2024 08:25:41 GMT - Mon, 30 Dec 2024 08:25:40 GMT File type JavaScript source, ASCII text, with very long lines (10075) Size 57 kB (56779 bytes) Hash 429e2c94ad6f3495539a7abf95c6e608 2f6a84081093967baa50e00d4df7f8cc45cdd19d 0b73d8c2668c726bb234ca3e92ce1fd27a00fce21b84b68004fe67f8148a3507 HTTP Headers `GET /maps-api-v3/api/js/58/10/common.js HTTP/1.1 Host: maps.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: br content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="maps-api-js" report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} timing-allow-origin: * content-length: 56779 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 24 Oct 2024 20:12:15 GMT expires: Fri, 24 Oct 2025 20:12:15 GMT cache-control: public, max-age=31536000 last-modified: Wed, 23 Oct 2024 07:06:25 GMT content-type: text/javascript vary: Accept-Encoding, Origin age: 177369 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	maps.googleapis.com/maps-api-v3/api/js/58/10/util.js	142.250.74.10	200 OK	59 kB
URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/58/10/util.js IP 142.250.74.10:443 ASN #15169 GOOGLE Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerGoogle Trust Services Subjectupload.video.google.com Fingerprint74:3D:68:F7:64:93:DF:41:12:95:A6:69:57:38:7A:AF:75:38:44:2D ValidityMon, 07 Oct 2024 08:25:41 GMT - Mon, 30 Dec 2024 08:25:40 GMT File type JavaScript source, ASCII text, with very long lines (554) Size 59 kB (59270 bytes) Hash d24159d6b6effd13d0c781cbb950d73c 25204616ad3b9e787ed1c62cacc935aa79e5bf45 faf393cfcf0dd3586bc5b4d4daf75755215c8f8642fd117a184d44328e056a00 HTTP Headers `GET /maps-api-v3/api/js/58/10/util.js HTTP/1.1 Host: maps.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: br content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="maps-api-js" report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} timing-allow-origin: * content-length: 59270 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 24 Oct 2024 20:12:15 GMT expires: Fri, 24 Oct 2025 20:12:15 GMT cache-control: public, max-age=31536000 last-modified: Wed, 23 Oct 2024 07:06:25 GMT content-type: text/javascript vary: Accept-Encoding, Origin age: 177369 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	m.stripe.network/out-4.5.43.js	54.240.174.84	200 OK	22 kB
URL GET HTTP/2 m.stripe.network/out-4.5.43.js IP 54.240.174.84:443 ASN #16509 AMAZON-02 Requested by https://m.stripe.network/inner.html#url=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&title=Early%20Vote%20Action&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&muid=NA&sid=NA&version=6&preview=false Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Size 22 kB (22168 bytes) Hash 69cb7809b5011312e716f29b3d19dce6 833dabfb546d57065aeba7190b5ee5a2428dfa47 e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c HTTP Headers `GET /out-4.5.43.js HTTP/1.1 Host: m.stripe.network User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://m.stripe.network/inner.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK content-type: text/javascript; charset=utf-8 last-modified: Fri, 30 Jun 2023 14:32:28 GMT server: Cloudfront content-encoding: br date: Sat, 26 Oct 2024 21:27:38 GMT cache-control: max-age=300, public etag: W/"69cb7809b5011312e716f29b3d19dce6" vary: Accept-Encoding, Origin via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) age: 56 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff x-cache: Hit from cloudfront x-amz-cf-pop: OSL50-P1 x-amz-cf-id: zMriIuxFzKMTsdQJf3VSj1LZwjZSJbEiT3zSZboo2PPQ2eqPdJJthg== X-Firefox-Spdy: h2

	m.stripe.com/6	54.148.147.183	200 OK	156 B
URL POST HTTP/2 m.stripe.com/6 IP 54.148.147.183:443 ASN #16509 AMAZON-02 Requested by https://m.stripe.network/inner.html#url=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&title=Early%20Vote%20Action&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&muid=NA&sid=NA&version=6&preview=false Certificate IssuerDigiCert Inc Subjectm.stripe.com FingerprintDE:63:15:97:DE:67:54:1D:05:AF:32:20:FD:B0:26:E7:D2:11:D6:04 ValidityWed, 21 Aug 2024 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT File type JSON text data Size 156 B (156 bytes) Hash 704193fdf0b9c970dd438c44554f6ab4 c081c0a7fefa202ffa765b6aec7fcfa749675625 7cd3ac24f8d21b517d61ac61d98a76b9f5ce2dbd704fa0e2281d1fa299f0732d HTTP Headers `POST /6 HTTP/1.1 Host: m.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 3920 Origin: https://m.stripe.network DNT: 1 Connection: keep-alive Referer: https://m.stripe.network/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Sat, 26 Oct 2024 21:28:24 GMT content-length: 156 set-cookie: m=b5db42b6-c0a4-402d-a9fe-cad00d6cc76712c1a6;Expires=Mon, 26-Oct-2026 21:28:24 GMT;Secure;HttpOnly; SameSite=None x-content-type-options: nosniff x-stripe-inbound-proxy-type: envoy x-stripe-server-envoy-start-time-us: 1729978104631059 x-stripe-server-envoy-upstream-service-time-ms: 2 x-envoy-attempt-count: 1 x-stripe-bg-intended-route-color: blue x-stripe-outbound-proxy-type: envoy x-stripe-client-envoy-start-time-us: 1729978104630347 x-stripe-upstream-host: 10.72.103.192:1643 access-control-allow-origin: https://m.stripe.network access-control-allow-credentials: true access-control-allow-headers: Content-Type strict-transport-security: max-age=31556926; includeSubDomains; preload content-type: application/json;charset=utf-8 X-Firefox-Spdy: h2

	m.stripe.com/6	54.148.147.183	200 OK	156 B
URL POST HTTP/2 m.stripe.com/6 IP 54.148.147.183:443 ASN #16509 AMAZON-02 Requested by https://m.stripe.network/inner.html#url=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&title=Early%20Vote%20Action&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&muid=NA&sid=NA&version=6&preview=false Certificate IssuerDigiCert Inc Subjectm.stripe.com FingerprintDE:63:15:97:DE:67:54:1D:05:AF:32:20:FD:B0:26:E7:D2:11:D6:04 ValidityWed, 21 Aug 2024 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT File type JSON text data Size 156 B (156 bytes) Hash 704193fdf0b9c970dd438c44554f6ab4 c081c0a7fefa202ffa765b6aec7fcfa749675625 7cd3ac24f8d21b517d61ac61d98a76b9f5ce2dbd704fa0e2281d1fa299f0732d HTTP Headers POST /6 HTTP/1.1 Host: m.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 3980 Origin: https://m.stripe.network DNT: 1 Connection: keep-alive Referer: https://m.stripe.network/ Cookie: m=b5db42b6-c0a4-402d-a9fe-cad00d6cc76712c1a6 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK server: nginx date: Sat, 26 Oct 2024 21:28:24 GMT content-length: 156 set-cookie: m=b5db42b6-c0a4-402d-a9fe-cad00d6cc76712c1a6;Expires=Mon, 26-Oct-2026 21:28:24 GMT;Secure;HttpOnly; SameSite=None x-content-type-options: nosniff x-stripe-inbound-proxy-type: envoy x-stripe-server-envoy-start-time-us: 1729978104907427 x-stripe-server-envoy-upstream-service-time-ms: 2 x-envoy-attempt-count: 1 x-stripe-bg-intended-route-color: blue x-stripe-outbound-proxy-type: envoy x-stripe-client-envoy-start-time-us: 1729978104907128 x-stripe-upstream-host: 10.72.45.29:1643 access-control-allow-origin: https://m.stripe.network access-control-allow-credentials: true access-control-allow-headers: Content-Type strict-transport-security: max-age=31556926; includeSubDomains; preload content-type: application/json;charset=utf-8 X-Firefox-Spdy: h2

	m.stripe.com/6	54.148.147.183	200 OK	156 B
URL POST HTTP/2 m.stripe.com/6 IP 54.148.147.183:443 ASN #16509 AMAZON-02 Requested by https://m.stripe.network/inner.html#url=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&title=Early%20Vote%20Action&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&muid=NA&sid=NA&version=6&preview=false Certificate IssuerDigiCert Inc Subjectm.stripe.com FingerprintDE:63:15:97:DE:67:54:1D:05:AF:32:20:FD:B0:26:E7:D2:11:D6:04 ValidityWed, 21 Aug 2024 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT File type JSON text data Size 156 B (156 bytes) Hash 704193fdf0b9c970dd438c44554f6ab4 c081c0a7fefa202ffa765b6aec7fcfa749675625 7cd3ac24f8d21b517d61ac61d98a76b9f5ce2dbd704fa0e2281d1fa299f0732d HTTP Headers POST /6 HTTP/1.1 Host: m.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 796 Origin: https://m.stripe.network DNT: 1 Connection: keep-alive Referer: https://m.stripe.network/ Cookie: m=b5db42b6-c0a4-402d-a9fe-cad00d6cc76712c1a6 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK server: nginx date: Sat, 26 Oct 2024 21:28:24 GMT content-length: 156 set-cookie: m=b5db42b6-c0a4-402d-a9fe-cad00d6cc76712c1a6;Expires=Mon, 26-Oct-2026 21:28:24 GMT;Secure;HttpOnly; SameSite=None x-content-type-options: nosniff x-stripe-inbound-proxy-type: envoy x-stripe-server-envoy-start-time-us: 1729978104956723 x-stripe-server-envoy-upstream-service-time-ms: 3 x-envoy-attempt-count: 1 x-stripe-bg-intended-route-color: blue x-stripe-outbound-proxy-type: envoy x-stripe-client-envoy-start-time-us: 1729978104956259 x-stripe-upstream-host: 10.72.41.248:1643 access-control-allow-origin: https://m.stripe.network access-control-allow-credentials: true access-control-allow-headers: Content-Type strict-transport-security: max-age=31556926; includeSubDomains; preload content-type: application/json;charset=utf-8 X-Firefox-Spdy: h2

	m.stripe.com/6	54.148.147.183	200 OK	156 B
URL POST HTTP/2 m.stripe.com/6 IP 54.148.147.183:443 ASN #16509 AMAZON-02 Requested by https://m.stripe.network/inner.html#url=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&title=Early%20Vote%20Action&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&muid=NA&sid=NA&version=6&preview=false Certificate IssuerDigiCert Inc Subjectm.stripe.com FingerprintDE:63:15:97:DE:67:54:1D:05:AF:32:20:FD:B0:26:E7:D2:11:D6:04 ValidityWed, 21 Aug 2024 00:00:00 GMT - Thu, 21 Nov 2024 23:59:59 GMT File type JSON text data Size 156 B (156 bytes) Hash 704193fdf0b9c970dd438c44554f6ab4 c081c0a7fefa202ffa765b6aec7fcfa749675625 7cd3ac24f8d21b517d61ac61d98a76b9f5ce2dbd704fa0e2281d1fa299f0732d HTTP Headers POST /6 HTTP/1.1 Host: m.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 792 Origin: https://m.stripe.network DNT: 1 Connection: keep-alive Referer: https://m.stripe.network/ Cookie: m=b5db42b6-c0a4-402d-a9fe-cad00d6cc76712c1a6 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK server: nginx date: Sat, 26 Oct 2024 21:28:25 GMT content-length: 156 set-cookie: m=b5db42b6-c0a4-402d-a9fe-cad00d6cc76712c1a6;Expires=Mon, 26-Oct-2026 21:28:25 GMT;Secure;HttpOnly; SameSite=None x-content-type-options: nosniff x-stripe-inbound-proxy-type: envoy x-stripe-server-envoy-start-time-us: 1729978105006275 x-stripe-server-envoy-upstream-service-time-ms: 4 x-envoy-attempt-count: 1 x-stripe-bg-intended-route-color: blue x-stripe-outbound-proxy-type: envoy x-stripe-client-envoy-start-time-us: 1729978105005889 x-stripe-upstream-host: 10.72.113.113:1643 access-control-allow-origin: https://m.stripe.network access-control-allow-credentials: true access-control-allow-headers: Content-Type strict-transport-security: max-age=31556926; includeSubDomains; preload content-type: application/json;charset=utf-8 X-Firefox-Spdy: h2

	r.stripe.com/b	54.187.159.182	200 OK	0 B
URL POST HTTP/2 r.stripe.com/b IP 54.187.159.182:443 ASN #16509 AMAZON-02 Requested by https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html#apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&stripeJsId=a8121b6b-c76e-4658-bdce-3e301433711c&controllerCount=1&isCheckout=false&stripeJsLoadTime=1729978098403&manualBrowserDeprecationRollout=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subject.stripe.com Fingerprint3D:F1:F9:E9:33:39:7C:76:C5:04:3B:5B:12:64:E9:99:6E:F7:39:EF ValidityFri, 20 Sep 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /b HTTP/1.1 Host: r.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 4924 Origin: https://js.stripe.com DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK server: nginx date: Sat, 26 Oct 2024 21:28:25 GMT content-length: 0 access-control-allow-origin: https://js.stripe.com access-control-allow-credentials: true access-control-allow-methods: POST x-stripe-inbound-proxy-type: mesh-proxy x-stripe-proxy-response: upstream x-stripe-server-envoy-upstream-service-time-ms: 3 x-stripe-server-envoy-start-time-us: 1729978105093570 x-envoy-attempt-count: 1 x-stripe-bg-intended-route-color: green x-stripe-outbound-proxy-type: envoy x-stripe-client-envoy-start-time-us: 1729978105093396 x-stripe-upstream-host: 10.73.196.251:1643 content-type: text/plain X-Firefox-Spdy: h2

	secure.winred.com/cdn-cgi/rum?	104.19.212.89	204 No Content	0 B
URL POST HTTP/3 secure.winred.com/cdn-cgi/rum? IP 104.19.212.89:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerCloudflare, Inc. Subjectsecure.winred.com FingerprintFF:90:12:D2:0A:57:DF:67:0A:A7:6D:39:C1:D1:05:97:5C:75:E9:E1 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/rum? HTTP/1.1 Host: secure.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Content-Type: application/json Content-Length: 1252 Origin: https://secure.winred.com DNT: 1 Connection: keep-alive Cookie: __cf_bm=b6lZVFCBxBdK8lcqgf06YE.TtYdt2DWMgONsgtlgDUo-1729978095-1.0.1.1-dohDVDRLMq7pGUWpzCzr8uUYGHorZWsHUnUCKPB2mjvmUfo8rDuabDgELbt6YbaCkXkOIcsyjhIbehJPGe0hHQ; __production_revv_csrftoken=1729978097%7CNbo5L%2BdgAr%2B7hQgooS%2FewvO39YMGBOinrqBElKYZRTQ%3D%7C%2BYct8j4m85OG%2Fwq9gZuXaEhqJF5%2FZ1QGhwhNemODceM%3D; _revv_v3_session=bGJlZlBZdkNWekdHSUI4YzVsalpUSVY4UitmWG1Oa1RpVWp1R1piVFRLVmJDd01CQXVMVmpiYXcrVExReWVLa0ZicW9DZ0ErZGFlOXBiTkZGUkl5NE96OFArU0kwa283dTlmZjRZYk9FaUZMYTNpbnZSNHZNeCtJTkl5dTZXUnp3SVlkQ3YwdlNnRFJSL1JKZ0VMK2l3bFRGelVhSVVraWh3YXhibEM4alo1YkJ6YkwrQ0lrVVJLRTEwY2oxdWNQRmZmaENFMmJ3eTNHT0gwZTVocmkreGtnSnpvdDV6T2ovaHB4ZGRTUEhzZmJGSHhTbjZtSWx3cjdPdVc5NnNXbURuSnlIbzN3MlJ3OHlQVW94NVQ4eFdMV0pIOUhLSkNPbjBrdlV3N0R4TDA9LS1ucDRJNjNHS1pmd3FGQ2VsWjRHcEp3PT0%3D--40c71bc6b03a507bed8904ac8d53fec15a64caf5; origin_url=https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517; _gcl_au=1.1.265582602.1729978099; __cf_bm=xCP3KRwqKVW2Et0nTSuhLBtHrhIrLeQa.axLxw3VNcw-1729978099-1.0.1.1-2nVoalPKEoLMNacj6OoJfemCVQPU_Ql2W1Ajak0GxB0bQ5htBMzBtzhoJ5lHW5bDckkCoLI32Gf3O1vb0.AtpQ; _ga_X6H0114PDF=GS1.1.1729978099.1.1.1729978121.0.0.1394097767; _ga=GA1.1.852715641.1729978100; _ga_XQC94J3YLE=GS1.1.1729978099.1.0.1729978099.0.0.0; cf_clearance=bgAom9TRdhOnzNrEXB2K2VjzgCnfhZYNRsix2AcyKYI-1729978100-1.2.1.1-r4hSFNg4rmnegQ5qqxRiDL496IeiOE8cIQ_ZRB13hP1pDLY5Chve8eMgMGEP.usZpI4XWUuagUODDO6oNzuXoJb6jlmVm.72ZkOMBJKmAOmkojU6SRVVG5Kg5vsevzB5K5pr2uJ91tEIaboIQDTkvnpcpoTzM2LTBBtVZzTVnzmsxFUXeQ5dns0fVJqBys5R9fVQoLMqyq1bPrHbaJLhbkXeK5WPdv0hDNM7pvchlRnwOrYN4w5ali0dgcFF2thTpFrZREbs3h5LwPS_eZ2Qtc6DgLhY75Ig4XxcmFC8F5AwOBgA2f57tdq99xhezQ6mp6CXTk7DbTSLkEYGMOnXytrfuPCJ3OmpLsYTRsz2IKk1JAWujlyomY7WKPSNKn.h; __stripe_mid=2a9f7d96-9081-4f60-b5c8-d8e6d11c1e75e78e58; __stripe_sid=3ad702f6-5478-4154-b160-d2bb300ee5bf02edef Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/3 204 No Content date: Sat, 26 Oct 2024 21:28:41 GMT access-control-allow-origin: https://secure.winred.com access-control-allow-methods: POST,OPTIONS access-control-max-age: 86400 vary: Origin access-control-allow-credentials: true server: cloudflare cf-ray: 8d8d899a3c0156bf-OSL x-frame-options: DENY x-content-type-options: nosniff`

	secure.winred.com/cdn-cgi/challenge-platform/h/b/jsd/r/8d8d89065b4b56bf	104.19.212.89	200 OK	0 B
URL POST HTTP/3 secure.winred.com/cdn-cgi/challenge-platform/h/b/jsd/r/8d8d89065b4b56bf IP 104.19.212.89:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerCloudflare, Inc. Subjectsecure.winred.com FingerprintFF:90:12:D2:0A:57:DF:67:0A:A7:6D:39:C1:D1:05:97:5C:75:E9:E1 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/challenge-platform/h/b/jsd/r/8d8d89065b4b56bf HTTP/1.1 Host: secure.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 12293 Origin: https://secure.winred.com DNT: 1 Connection: keep-alive Referer: https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Cookie: __cf_bm=b6lZVFCBxBdK8lcqgf06YE.TtYdt2DWMgONsgtlgDUo-1729978095-1.0.1.1-dohDVDRLMq7pGUWpzCzr8uUYGHorZWsHUnUCKPB2mjvmUfo8rDuabDgELbt6YbaCkXkOIcsyjhIbehJPGe0hHQ; cf_clearance=fwgu4tkM3CYUh1zPvP2Qp7AVSUZSwUCEMVh1R3QPtvY-1729978095-1.2.1.1-hLMcWqZybSGFM92fSHC7MWkVtyMNXM0nZDOALBwWNjhu_ymt.FOYuk8_EVr6mGaZBubeYWFsSoaab4JCJIJdJNR2_dOxucCH7AxSCDC3hW4nme0Z0MJqSsnw.HQBVSSU4upeNUbKmG67MDjLIzWW8YXWPorlfHJ5fZED3VWzd3.6k_H.2VDfOywrQ1aReJRQ3o_5Pvi2jzqcWVuh8Z4V12Dkt53W.y9FKmj70mk_Nt6bUsM02PRBg4yONv6rnJw_YuPPRPDq7GqvhzlWB.wOVcUKnIuwFIb15QlyfTOTypcMTa.duSmsvkEZOZqPjfPTI9ovsC5mfuBi1QGy1SshWpdj1_0Z3OrdjSlQfgiUpPpcnAosXhhQQ2Q0B5rz1tCk; __production_revv_csrftoken=1729978097%7CNbo5L%2BdgAr%2B7hQgooS%2FewvO39YMGBOinrqBElKYZRTQ%3D%7C%2BYct8j4m85OG%2Fwq9gZuXaEhqJF5%2FZ1QGhwhNemODceM%3D; _revv_v3_session=bGJlZlBZdkNWekdHSUI4YzVsalpUSVY4UitmWG1Oa1RpVWp1R1piVFRLVmJDd01CQXVMVmpiYXcrVExReWVLa0ZicW9DZ0ErZGFlOXBiTkZGUkl5NE96OFArU0kwa283dTlmZjRZYk9FaUZMYTNpbnZSNHZNeCtJTkl5dTZXUnp3SVlkQ3YwdlNnRFJSL1JKZ0VMK2l3bFRGelVhSVVraWh3YXhibEM4alo1YkJ6YkwrQ0lrVVJLRTEwY2oxdWNQRmZmaENFMmJ3eTNHT0gwZTVocmkreGtnSnpvdDV6T2ovaHB4ZGRTUEhzZmJGSHhTbjZtSWx3cjdPdVc5NnNXbURuSnlIbzN3MlJ3OHlQVW94NVQ4eFdMV0pIOUhLSkNPbjBrdlV3N0R4TDA9LS1ucDRJNjNHS1pmd3FGQ2VsWjRHcEp3PT0%3D--40c71bc6b03a507bed8904ac8d53fec15a64caf5; origin_url=https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517; _gcl_au=1.1.265582602.1729978099; __cf_bm=xCP3KRwqKVW2Et0nTSuhLBtHrhIrLeQa.axLxw3VNcw-1729978099-1.0.1.1-2nVoalPKEoLMNacj6OoJfemCVQPU_Ql2W1Ajak0GxB0bQ5htBMzBtzhoJ5lHW5bDckkCoLI32Gf3O1vb0.AtpQ; _ga_X6H0114PDF=GS1.1.1729978099.1.0.1729978099.0.0.1394097767; _ga=GA1.1.852715641.1729978100; _ga_XQC94J3YLE=GS1.1.1729978099.1.0.1729978099.0.0.0 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:20 GMT content-type: text/plain; charset=UTF-8 content-length: 0 set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.secure.winred.com; Priority=High; HttpOnly; Secure; SameSite=None cf_clearance=bgAom9TRdhOnzNrEXB2K2VjzgCnfhZYNRsix2AcyKYI-1729978100-1.2.1.1-r4hSFNg4rmnegQ5qqxRiDL496IeiOE8cIQ_ZRB13hP1pDLY5Chve8eMgMGEP.usZpI4XWUuagUODDO6oNzuXoJb6jlmVm.72ZkOMBJKmAOmkojU6SRVVG5Kg5vsevzB5K5pr2uJ91tEIaboIQDTkvnpcpoTzM2LTBBtVZzTVnzmsxFUXeQ5dns0fVJqBys5R9fVQoLMqyq1bPrHbaJLhbkXeK5WPdv0hDNM7pvchlRnwOrYN4w5ali0dgcFF2thTpFrZREbs3h5LwPS_eZ2Qtc6DgLhY75Ig4XxcmFC8F5AwOBgA2f57tdq99xhezQ6mp6CXTk7DbTSLkEYGMOnXytrfuPCJ3OmpLsYTRsz2IKk1JAWujlyomY7WKPSNKn.h; Path=/; Expires=Sun, 26-Oct-25 21:28:20 GMT; Domain=.secure.winred.com; Priority=High; HttpOnly; Secure; SameSite=None; Partitioned strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff server: cloudflare cf-ray: 8d8d89159b0e56bf-OSL alt-svc: h3=":443"; ma=86400

	newassets.hcaptcha.com/captcha/v1/8352e07/static/hcaptcha.html	104.19.229.21	200 OK	359 kB
URL GET HTTP/3 newassets.hcaptcha.com/captcha/v1/8352e07/static/hcaptcha.html IP 104.19.229.21:443 ASN #13335 CLOUDFLARENET Requested by https://b.stripecdn.com/stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.html?id=bd2b9dcd-1e41-452c-9c2e-35c638de5bfa&origin=https%3A%2F%2Fjs.stripe.com Certificate IssuerGoogle Trust Services Subjecthcaptcha.com Fingerprint88:FF:9C:DC:27:99:24:BE:11:6A:8A:2A:CD:49:CD:45:93:8C:4E:AD ValiditySat, 07 Sep 2024 22:14:18 GMT - Fri, 06 Dec 2024 22:14:17 GMT File type Size 359 kB (359430 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /captcha/v1/8352e07/static/hcaptcha.html HTTP/1.1 Host: newassets.hcaptcha.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b.stripecdn.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:21 GMT content-type: text/html cache-control: max-age=3600 vary: Accept-Encoding, Origin alt-svc: h3=":443"; ma=86400 cf-cache-status: HIT strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff content-security-policy: report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1; server: cloudflare cf-ray: 8d8d891c4bedb51e-OSL content-encoding: br

	d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/001/142/139/large/Lara_Scott.png	54.240.174.73	200 OK	3.3 MB
URL GET HTTP/2 d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/001/142/139/large/Lara_Scott.png IP 54.240.174.73:443 ASN #16509 AMAZON-02 Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerAmazon Subject.cloudfront.net Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62 ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT File type Size 3.3 MB (3260930 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /logos/logo_assets/001/142/139/large/Lara_Scott.png HTTP/1.1 Host: d35ligi1n5bgzc.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: image/png content-length: 3260930 last-modified: Wed, 09 Oct 2024 21:42:11 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: .e8Ew7aENfgxpRVSqX.yhGpy3W74zFyT accept-ranges: bytes server: AmazonS3 date: Sat, 26 Oct 2024 21:28:18 GMT etag: "13824eda3aab97fedc99de204d507ca4" x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: zyCGQxScD46aGtjO83Ly-S9cnws7X6HlLb0j1_sguSHMgfZeK-n4lQ== age: 55206 X-Firefox-Spdy: h2

	js.stripe.com/v3/hcaptcha-invisible-1c9f48dc4b3b032d0e71a60ef1d512ed.html	151.101.128.176	200 OK	75 kB
URL GET HTTP/3 js.stripe.com/v3/hcaptcha-invisible-1c9f48dc4b3b032d0e71a60ef1d512ed.html IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type Size 75 kB (75066 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /v3/hcaptcha-invisible-1c9f48dc4b3b032d0e71a60ef1d512ed.html HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-length: 23875 last-modified: Fri, 25 Oct 2024 20:04:30 GMT etag: "6e7da96a3d8a76b25a219614ea7c9bdd" cache-control: max-age=31536000 content-type: text/html; charset=utf-8 content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-JvG3zQYgqbTdVEKRftDpujtPU85Cv43+5YQGZtaJQU0='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report origin-agent-cluster: ?1 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:20 GMT via: 1.1 varnish age: 91093 x-request-id: d7aca003-d14f-43cb-ace6-a7bb8dda9d76 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 4180 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css	104.19.212.89	200 OK	225 kB
URL GET HTTP/3 secure.winred.com/assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css IP 104.19.212.89:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerCloudflare, Inc. Subjectsecure.winred.com FingerprintFF:90:12:D2:0A:57:DF:67:0A:A7:6D:39:C1:D1:05:97:5C:75:E9:E1 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type ASCII text, with very long lines (33312) Size 225 kB (224788 bytes) Hash 5030377e9c49bbfeef738cbc9371dd80 98bfda49f298cdc15a0998714ed3a342ecd454ab c55f9ced964923aa6bb9767c8c4ac9d7f18572bcbe9ae8ee1f0c1637c679a169 HTTP Headers GET /assets/landing_page-6039c7fb49af57af18c66c1f088ebc528623b4d6ac05ce2e3229ba0b335bc92b.css HTTP/1.1 Host: secure.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 DNT: 1 Connection: keep-alive Cookie: __cf_bm=b6lZVFCBxBdK8lcqgf06YE.TtYdt2DWMgONsgtlgDUo-1729978095-1.0.1.1-dohDVDRLMq7pGUWpzCzr8uUYGHorZWsHUnUCKPB2mjvmUfo8rDuabDgELbt6YbaCkXkOIcsyjhIbehJPGe0hHQ; cf_clearance=fwgu4tkM3CYUh1zPvP2Qp7AVSUZSwUCEMVh1R3QPtvY-1729978095-1.2.1.1-hLMcWqZybSGFM92fSHC7MWkVtyMNXM0nZDOALBwWNjhu_ymt.FOYuk8_EVr6mGaZBubeYWFsSoaab4JCJIJdJNR2_dOxucCH7AxSCDC3hW4nme0Z0MJqSsnw.HQBVSSU4upeNUbKmG67MDjLIzWW8YXWPorlfHJ5fZED3VWzd3.6k_H.2VDfOywrQ1aReJRQ3o_5Pvi2jzqcWVuh8Z4V12Dkt53W.y9FKmj70mk_Nt6bUsM02PRBg4yONv6rnJw_YuPPRPDq7GqvhzlWB.wOVcUKnIuwFIb15QlyfTOTypcMTa.duSmsvkEZOZqPjfPTI9ovsC5mfuBi1QGy1SshWpdj1_0Z3OrdjSlQfgiUpPpcnAosXhhQQ2Q0B5rz1tCk; __production_revv_csrftoken=1729978097%7CNbo5L%2BdgAr%2B7hQgooS%2FewvO39YMGBOinrqBElKYZRTQ%3D%7C%2BYct8j4m85OG%2Fwq9gZuXaEhqJF5%2FZ1QGhwhNemODceM%3D; _revv_v3_session=bGJlZlBZdkNWekdHSUI4YzVsalpUSVY4UitmWG1Oa1RpVWp1R1piVFRLVmJDd01CQXVMVmpiYXcrVExReWVLa0ZicW9DZ0ErZGFlOXBiTkZGUkl5NE96OFArU0kwa283dTlmZjRZYk9FaUZMYTNpbnZSNHZNeCtJTkl5dTZXUnp3SVlkQ3YwdlNnRFJSL1JKZ0VMK2l3bFRGelVhSVVraWh3YXhibEM4alo1YkJ6YkwrQ0lrVVJLRTEwY2oxdWNQRmZmaENFMmJ3eTNHT0gwZTVocmkreGtnSnpvdDV6T2ovaHB4ZGRTUEhzZmJGSHhTbjZtSWx3cjdPdVc5NnNXbURuSnlIbzN3MlJ3OHlQVW94NVQ4eFdMV0pIOUhLSkNPbjBrdlV3N0R4TDA9LS1ucDRJNjNHS1pmd3FGQ2VsWjRHcEp3PT0%3D--40c71bc6b03a507bed8904ac8d53fec15a64caf5 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:18 GMT content-type: text/css cf-ray: 8d8d8908df6d56bf-OSL cf-cache-status: HIT age: 1142 cache-control: public, max-age=14400 etag: W/"0d589e3ee739618497567fffac3f6955" expires: Sun, 27 Oct 2024 01:28:18 GMT last-modified: Tue, 10 Sep 2024 01:04:23 GMT strict-transport-security: max-age=15552000; includeSubDomains vary: Accept-Encoding cf-bgj: minify cf-polished: origSize=227910 x-amz-id-2: WEbeGdWNeXkN1BqnJpmrZCYIeBQueHaVhg6shOaF7sYdOWnOU3YXuHcg4FlWU6QYCOErujyYL4E= x-amz-request-id: YHQZ234JS81VP5ZN x-amz-version-id: jaJu5n8rkue_aoApaBzavM.XHiOtZ73c x-content-type-options: nosniff server: cloudflare content-encoding: br alt-svc: h3=":443"; ma=86400

	gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4ao0v867905447z872410129za200zb72410129&_p=1729978098041&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=852715641.1729978100&ecid=1394097767&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&frm=0&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.tft=1729978098041&sst.ude=0&_s=2&sid=1729978099&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&dr=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&dt=Early%20Vote%20Action&en=user%20session%20start&ep.pagepath=%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024&epn.load_time_sec=-1729978097.6&epn.event_fire_time=1729978099159&ep.event_uuid=7b51d9e0-b52e-4dcd-8655-5cee8790df5c&ep.isVideoPage=f&ep.referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&tfd=2482&richsstsse	104.16.229.52	403 Forbidden	18 kB
URL GET HTTP/3 gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4ao0v867905447z872410129za200zb72410129&_p=1729978098041&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=852715641.1729978100&ecid=1394097767&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&frm=0&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.tft=1729978098041&sst.ude=0&_s=2&sid=1729978099&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&dr=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&dt=Early%20Vote%20Action&en=user%20session%20start&ep.pagepath=%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024&epn.load_time_sec=-1729978097.6&epn.event_fire_time=1729978099159&ep.event_uuid=7b51d9e0-b52e-4dcd-8655-5cee8790df5c&ep.isVideoPage=f&ep.referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&tfd=2482&richsstsse IP 104.16.229.52:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerGoogle Trust Services Subjectwinred.com FingerprintEA:31:83:1F:08:96:E5:29:67:8F:95:7B:B7:30:79:D3:65:41:E4:73 ValiditySat, 28 Sep 2024 05:50:45 GMT - Fri, 27 Dec 2024 05:50:44 GMT File type HTML document, ASCII text, with very long lines (17951), with no line terminators Size 18 kB (17951 bytes) Hash 86cdb417d51aa5d48eadeeb5b8e63ed2 3c69cc19ab373419b85a710a8417969b053f1d38 3b5246f330b6b778ad36601596e2df62283ad550349bdb0984aba18aa257f250 HTTP Headers GET /g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4ao0v867905447z872410129za200zb72410129&_p=1729978098041&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=852715641.1729978100&ecid=1394097767&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&frm=0&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.tft=1729978098041&sst.ude=0&_s=2&sid=1729978099&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&dr=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&dt=Early%20Vote%20Action&en=user%20session%20start&ep.pagepath=%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024&epn.load_time_sec=-1729978097.6&epn.event_fire_time=1729978099159&ep.event_uuid=7b51d9e0-b52e-4dcd-8655-5cee8790df5c&ep.isVideoPage=f&ep.referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&tfd=2482&richsstsse HTTP/1.1 Host: gtm.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ Origin: https://secure.winred.com DNT: 1 Connection: keep-alive Cookie: _revv_v3_session=bGJlZlBZdkNWekdHSUI4YzVsalpUSVY4UitmWG1Oa1RpVWp1R1piVFRLVmJDd01CQXVMVmpiYXcrVExReWVLa0ZicW9DZ0ErZGFlOXBiTkZGUkl5NE96OFArU0kwa283dTlmZjRZYk9FaUZMYTNpbnZSNHZNeCtJTkl5dTZXUnp3SVlkQ3YwdlNnRFJSL1JKZ0VMK2l3bFRGelVhSVVraWh3YXhibEM4alo1YkJ6YkwrQ0lrVVJLRTEwY2oxdWNQRmZmaENFMmJ3eTNHT0gwZTVocmkreGtnSnpvdDV6T2ovaHB4ZGRTUEhzZmJGSHhTbjZtSWx3cjdPdVc5NnNXbURuSnlIbzN3MlJ3OHlQVW94NVQ4eFdMV0pIOUhLSkNPbjBrdlV3N0R4TDA9LS1ucDRJNjNHS1pmd3FGQ2VsWjRHcEp3PT0%3D--40c71bc6b03a507bed8904ac8d53fec15a64caf5; _gcl_au=1.1.265582602.1729978099; __cf_bm=xCP3KRwqKVW2Et0nTSuhLBtHrhIrLeQa.axLxw3VNcw-1729978099-1.0.1.1-2nVoalPKEoLMNacj6OoJfemCVQPU_Ql2W1Ajak0GxB0bQ5htBMzBtzhoJ5lHW5bDckkCoLI32Gf3O1vb0.AtpQ; _ga_X6H0114PDF=GS1.1.1729978099.1.0.1729978099.0.0.1394097767; _ga=GA1.1.852715641.1729978100; _ga_XQC94J3YLE=GS1.1.1729978099.1.0.1729978099.0.0.0 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 403 Forbidden date: Sat, 26 Oct 2024 21:28:20 GMT content-type: text/html; charset=UTF-8 accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin x-content-options: nosniff x-frame-options: SAMEORIGIN cf-mitigated: challenge cf-chl-out: +x6qbp/shEXgjgYMhEV7g7gZX7dm6UeJFvGoGT7N5OM6dWIPRIEprzAjKyX22exY3p+UFDkGjAa3MZGm1P68zlDkDMmh25bw0Tkrk9gytz1YWt6dc05SzgwM/myzMpKQy9cFd7De9PxQyRc+RDrMsg==$OB0c8YP+uIBe0jsIwRBJqA== cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires: Thu, 01 Jan 1970 00:00:01 GMT vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff server: cloudflare cf-ray: 8d8d8915fa38b515-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	m.stripe.network/inner.html	54.240.174.84	200 OK	930 B
URL GET HTTP/2 m.stripe.network/inner.html IP 54.240.174.84:443 ASN #16509 AMAZON-02 Requested by https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&title=Early%20Vote%20Action&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&muid=NA&sid=NA&version=6&preview=false Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type HTML document, ASCII text, with very long lines (950), with no line terminators Size 930 B (930 bytes) Hash f965fbd577896cec85e53f8723dd00c1 8f1efde6d3060695e8c4b15570dcc602d5217836 8203a3820f68e42441db1690aee0059757efb30a2862add5dd250f106f1a08e2 HTTP Headers `GET /inner.html HTTP/1.1 Host: m.stripe.network User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/html; charset=utf-8 content-length: 930 last-modified: Fri, 30 Jun 2023 14:32:28 GMT accept-ranges: bytes server: Cloudfront date: Sat, 26 Oct 2024 21:27:30 GMT cache-control: max-age=300, public etag: "06bfcd88af438673a8bf9b845a11aa6e" vary: Accept-Encoding, Origin via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) age: 54 content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff x-cache: Hit from cloudfront x-amz-cf-pop: OSL50-P1 x-amz-cf-id: BSyJ1F4-KGPZ912lhYScrR9V4t2G6K_g92g9khwr0HvA5KTVy6TMSA== X-Firefox-Spdy: h2

	merchant-ui-api.stripe.com/elements/wallet-config	54.170.183.1	200 OK	3.0 kB
URL POST HTTP/2 merchant-ui-api.stripe.com/elements/wallet-config IP 54.170.183.1:443 ASN #16509 AMAZON-02 Requested by https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html#apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&stripeJsId=a8121b6b-c76e-4658-bdce-3e301433711c&controllerCount=1&isCheckout=false&stripeJsLoadTime=1729978098403&manualBrowserDeprecationRollout=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subject*.stripe.com Fingerprint3D:F1:F9:E9:33:39:7C:76:C5:04:3B:5B:12:64:E9:99:6E:F7:39:EF ValidityFri, 20 Sep 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type troff or preprocessor input, ASCII text, with very long lines (3232), with no line terminators Size 3.0 kB (3024 bytes) Hash af7d5cfb0010ecfefa9e64b78456ff69 411bb8be0e5783dbcd90119c5ed8543fb29b914f 48a268b74f5092501cad01cb37041ea183cc58a3a41aee187bdf6b5ded2ca2ee HTTP Headers POST /elements/wallet-config HTTP/1.1 Host: merchant-ui-api.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://js.stripe.com/ Content-Type: application/x-www-form-urlencoded Content-Length: 157 Origin: https://js.stripe.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx date: Sat, 26 Oct 2024 21:28:20 GMT content-type: application/json; charset=UTF-8 content-length: 3024 access-control-allow-credentials: true access-control-allow-methods: GET, POST access-control-allow-origin: https://js.stripe.com access-control-expose-headers: Request-Id access-control-max-age: 300 cache-control: max-age=0, no-cache, no-store, must-revalidate content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self' cross-origin-opener-policy-report-only: same-origin; report-to="coop" cross-origin-resource-policy: same-site expires: 0 pragma: no-cache referrer-policy: strict-origin-when-cross-origin report-to: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report?s=merchant-ui-api-srv"}],"include_subdomains":true} reporting-endpoints: coop="https://q.stripe.com/coop-report?s=merchant-ui-api-srv" request-id: req_Mso2JpRWAIpcjl vary: Origin x-content-type-options: nosniff x-robots-tag: none x-stripe-inbound-proxy-type: envoy x-stripe-outbound-proxy-type: envoy x-stripe-upstream-host: 10.72.3.41:1643 x-wc: A strict-transport-security: max-age=63072000; includeSubDomains; preload X-Firefox-Spdy: h2

	secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/main.js?	104.19.212.89	200 OK	8.1 kB
URL GET HTTP/3 secure.winred.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/main.js? IP 104.19.212.89:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerCloudflare, Inc. Subjectsecure.winred.com FingerprintFF:90:12:D2:0A:57:DF:67:0A:A7:6D:39:C1:D1:05:97:5C:75:E9:E1 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (8130), with no line terminators Size 8.1 kB (8130 bytes) Hash a9242773845d85fb032b1204e65823ca f8a0cbf0b85aa19e96a06abf8e44eea9cbfe54f6 314f94072b17532f42ab6034d8ac9ddb6ba69ccc311490e4fe6a7b07c2152442 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/main.js? HTTP/1.1 Host: secure.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: __cf_bm=b6lZVFCBxBdK8lcqgf06YE.TtYdt2DWMgONsgtlgDUo-1729978095-1.0.1.1-dohDVDRLMq7pGUWpzCzr8uUYGHorZWsHUnUCKPB2mjvmUfo8rDuabDgELbt6YbaCkXkOIcsyjhIbehJPGe0hHQ; cf_clearance=fwgu4tkM3CYUh1zPvP2Qp7AVSUZSwUCEMVh1R3QPtvY-1729978095-1.2.1.1-hLMcWqZybSGFM92fSHC7MWkVtyMNXM0nZDOALBwWNjhu_ymt.FOYuk8_EVr6mGaZBubeYWFsSoaab4JCJIJdJNR2_dOxucCH7AxSCDC3hW4nme0Z0MJqSsnw.HQBVSSU4upeNUbKmG67MDjLIzWW8YXWPorlfHJ5fZED3VWzd3.6k_H.2VDfOywrQ1aReJRQ3o_5Pvi2jzqcWVuh8Z4V12Dkt53W.y9FKmj70mk_Nt6bUsM02PRBg4yONv6rnJw_YuPPRPDq7GqvhzlWB.wOVcUKnIuwFIb15QlyfTOTypcMTa.duSmsvkEZOZqPjfPTI9ovsC5mfuBi1QGy1SshWpdj1_0Z3OrdjSlQfgiUpPpcnAosXhhQQ2Q0B5rz1tCk; __production_revv_csrftoken=1729978097%7CNbo5L%2BdgAr%2B7hQgooS%2FewvO39YMGBOinrqBElKYZRTQ%3D%7C%2BYct8j4m85OG%2Fwq9gZuXaEhqJF5%2FZ1QGhwhNemODceM%3D; _revv_v3_session=bGJlZlBZdkNWekdHSUI4YzVsalpUSVY4UitmWG1Oa1RpVWp1R1piVFRLVmJDd01CQXVMVmpiYXcrVExReWVLa0ZicW9DZ0ErZGFlOXBiTkZGUkl5NE96OFArU0kwa283dTlmZjRZYk9FaUZMYTNpbnZSNHZNeCtJTkl5dTZXUnp3SVlkQ3YwdlNnRFJSL1JKZ0VMK2l3bFRGelVhSVVraWh3YXhibEM4alo1YkJ6YkwrQ0lrVVJLRTEwY2oxdWNQRmZmaENFMmJ3eTNHT0gwZTVocmkreGtnSnpvdDV6T2ovaHB4ZGRTUEhzZmJGSHhTbjZtSWx3cjdPdVc5NnNXbURuSnlIbzN3MlJ3OHlQVW94NVQ4eFdMV0pIOUhLSkNPbjBrdlV3N0R4TDA9LS1ucDRJNjNHS1pmd3FGQ2VsWjRHcEp3PT0%3D--40c71bc6b03a507bed8904ac8d53fec15a64caf5; origin_url=https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517; _gcl_au=1.1.265582602.1729978099; __cf_bm=xCP3KRwqKVW2Et0nTSuhLBtHrhIrLeQa.axLxw3VNcw-1729978099-1.0.1.1-2nVoalPKEoLMNacj6OoJfemCVQPU_Ql2W1Ajak0GxB0bQ5htBMzBtzhoJ5lHW5bDckkCoLI32Gf3O1vb0.AtpQ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:19 GMT content-type: application/javascript; charset=UTF-8 cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public x-content-type-options: nosniff vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains server: cloudflare cf-ray: 8d8d89137fa556bf-OSL content-encoding: br alt-svc: h3=":443"; ma=86400`

	b.stripecdn.com/stripethirdparty-srv/assets/v21.23/vendors~AddressAutocomplete~AffirmInContext~AfterpayInContext~AmazonPayButton~ApplePay~AuthMap~DataD~5ed5705f.7ef5482d15f388ab21cd.bundle.js	151.101.128.176	200 OK	126 kB
URL GET HTTP/3 b.stripecdn.com/stripethirdparty-srv/assets/v21.23/vendors~AddressAutocomplete~AffirmInContext~AfterpayInContext~AmazonPayButton~ApplePay~AuthMap~DataD~5ed5705f.7ef5482d15f388ab21cd.bundle.js IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://b.stripecdn.com/stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.html?id=bd2b9dcd-1e41-452c-9c2e-35c638de5bfa&origin=https%3A%2F%2Fjs.stripe.com Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type Size 126 kB (126411 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /stripethirdparty-srv/assets/v21.23/vendors~AddressAutocomplete~AffirmInContext~AfterpayInContext~AmazonPayButton~ApplePay~AuthMap~DataD~5ed5705f.7ef5482d15f388ab21cd.bundle.js HTTP/1.1 Host: b.stripecdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.html?id=bd2b9dcd-1e41-452c-9c2e-35c638de5bfa&origin=https%3A%2F%2Fjs.stripe.com Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-length: 36644 cache-control: max-age=31536000, public content-type: text/javascript; charset=utf-8 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:20 GMT via: 1.1 varnish age: 698113 x-request-id: 040a632d-9c6d-41cd-9e73-e84f79c89654 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 30619 vary: Accept-Encoding, Origin location: https://checkout.stripe.com/stripethirdparty-srv/assets/v21.23/vendors~AddressAutocomplete~AffirmInContext~AfterpayInContext~AmazonPayButton~ApplePay~AuthMap~DataD~5ed5705f.7ef5482d15f388ab21cd.bundle.js timing-allow-origin: *

	newassets.hcaptcha.com/c/0d69d1a359119bd0e2c5ca7f11f300ac050517fd19b612f86c0c75a2b0b39cbe/hsw.js	104.19.229.21	200 OK	684 kB
URL GET HTTP/3 newassets.hcaptcha.com/c/0d69d1a359119bd0e2c5ca7f11f300ac050517fd19b612f86c0c75a2b0b39cbe/hsw.js IP 104.19.229.21:443 ASN #13335 CLOUDFLARENET Requested by https://newassets.hcaptcha.com/captcha/v1/8352e07/static/hcaptcha.html#frame=challenge&id=06rdjcqiyj0s&host=b.stripecdn.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&size=invisible&theme=light&origin=https%3A%2F%2Fb.stripecdn.com Certificate IssuerGoogle Trust Services Subjecthcaptcha.com Fingerprint88:FF:9C:DC:27:99:24:BE:11:6A:8A:2A:CD:49:CD:45:93:8C:4E:AD ValiditySat, 07 Sep 2024 22:14:18 GMT - Fri, 06 Dec 2024 22:14:17 GMT File type Size 684 kB (683743 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /c/0d69d1a359119bd0e2c5ca7f11f300ac050517fd19b612f86c0c75a2b0b39cbe/hsw.js HTTP/1.1 Host: newassets.hcaptcha.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://newassets.hcaptcha.com/captcha/v1/8352e07/static/hcaptcha.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:21 GMT content-type: application/javascript etag: W/"d490ba95de99d7c025179f7883fed554" cache-control: max-age=3024000 content-encoding: gzip vary: Accept-Encoding, Origin alt-svc: h3=":443"; ma=86400 cf-cache-status: HIT strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 8d8d891f691eb51e-OSL`

	js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html	151.101.128.176	200 OK	1.1 kB
URL GET HTTP/3 js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type HTML document, ASCII text, with very long lines (1090), with no line terminators Size 1.1 kB (1058 bytes) Hash 6071f9fd9efd1bbe6c93830833cf7901 f1c93fe115a28f17a62ba5fcad522eca89317ce1 0b77bc4459e271addf73e4a3b68bc06c91579231fc801de206f0da7b2db9deab HTTP Headers GET /v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-length: 514 last-modified: Fri, 25 Oct 2024 20:04:14 GMT etag: "dc733d8bac067db718e4883c0151251f" cache-control: max-age=31536000 content-type: text/html; charset=utf-8 content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report origin-agent-cluster: ?1 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:18 GMT via: 1.1 varnish age: 91094 x-request-id: 5cd90d41-8152-4f7b-b414-d7589676e8e2 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 4008 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	js.stripe.com/v3/fingerprinted/js/ui-shared-cc08c9f0ed787cd214292085313bb8e1.js	151.101.128.176	200 OK	470 kB
URL GET HTTP/3 js.stripe.com/v3/fingerprinted/js/ui-shared-cc08c9f0ed787cd214292085313bb8e1.js IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html#locale=en&wait=false&mids[guid]=NA&mids[muid]=NA&mids[sid]=NA&style[base][iconColor]=%23697A8B&style[base][color]=%23354B70&style[base][lineHeight]=24px&style[base][fontFamily]=%22Helvetica+Neue%22%2C+Helvetica%2C+sans-serif&style[base][fontSmoothing]=antialiased&style[base][fontSize]=15px&style[base][fontWeight]=600&style[base][::placeholder][color]=%23697A8B&style[invalid][color]=%23ff4d55&style[invalid][::placeholder][color]=%23ff4d55&style[invalid][iconColor]=%23ff4d55&rtl=false&componentName=card&keyMode=live&apiKey=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&controllerId=__privateStripeController9151 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type Size 470 kB (469751 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /v3/fingerprinted/js/ui-shared-cc08c9f0ed787cd214292085313bb8e1.js HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://js.stripe.com/v3/elements-inner-card-dc733d8bac067db718e4883c0151251f.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK content-length: 117570 last-modified: Fri, 25 Oct 2024 20:04:30 GMT etag: "f9b0460ab82c4471e2ba9e11da09143f" cache-control: max-age=31536000 content-type: text/javascript; charset=utf-8 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:19 GMT via: 1.1 varnish age: 91093 x-request-id: 637ddd95-0edb-4388-8fd1-a4069f777da9 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 4632 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit	104.19.229.21	200 OK	151 kB
URL GET HTTP/2 hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit IP 104.19.229.21:443 ASN #13335 CLOUDFLARENET Requested by https://b.stripecdn.com/stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.html?id=bd2b9dcd-1e41-452c-9c2e-35c638de5bfa&origin=https%3A%2F%2Fjs.stripe.com Certificate IssuerGoogle Trust Services Subjecthcaptcha.com Fingerprint88:FF:9C:DC:27:99:24:BE:11:6A:8A:2A:CD:49:CD:45:93:8C:4E:AD ValiditySat, 07 Sep 2024 22:14:18 GMT - Fri, 06 Dec 2024 22:14:17 GMT File type Size 151 kB (150620 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /1/api.js?onload=captchaLoad&render=explicit HTTP/1.1 Host: hcaptcha.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b.stripecdn.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Sat, 26 Oct 2024 21:28:21 GMT content-type: application/javascript cf-ray: 8d8d891b58a8569c-OSL cf-cache-status: HIT age: 0 cache-control: private, max-age=300 etag: W/"2af278e106346ae2019b3a79b35d7861" strict-transport-security: max-age=31536000; includeSubDomains; preload vary: Origin, Accept-Encoding alt-svc: h3=":443"; ma=86400 cross-origin-resource-policy: cross-origin x-content-type-options: nosniff server: cloudflare content-encoding: br X-Firefox-Spdy: h2`

	gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4ao0v867905447z872410129za200zb72410129&_p=1729978098041&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=852715641.1729978100&ecid=1394097767&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&frm=0&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.tft=1729978098041&sst.ude=0&_s=3&sid=1729978099&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&dr=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&dt=Early%20Vote%20Action&en=page_load_time_event&ep.pagepath=%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024&epn.load_time_sec=2.5&epn.event_fire_time=1729978100135&ep.event_uuid=07a66785-6729-46af-9f49-8a281f3cb10b&ep.isVideoPage=f&ep.referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&epn.loading_time_sec_on_window_load=2.48&tfd=7516&richsstsse	104.16.229.52	403 Forbidden	18 kB
URL GET HTTP/3 gtm.winred.com/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4ao0v867905447z872410129za200zb72410129&_p=1729978098041&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=852715641.1729978100&ecid=1394097767&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&frm=0&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.tft=1729978098041&sst.ude=0&_s=3&sid=1729978099&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&dr=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&dt=Early%20Vote%20Action&en=page_load_time_event&ep.pagepath=%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024&epn.load_time_sec=2.5&epn.event_fire_time=1729978100135&ep.event_uuid=07a66785-6729-46af-9f49-8a281f3cb10b&ep.isVideoPage=f&ep.referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&epn.loading_time_sec_on_window_load=2.48&tfd=7516&richsstsse IP 104.16.229.52:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerGoogle Trust Services Subjectwinred.com FingerprintEA:31:83:1F:08:96:E5:29:67:8F:95:7B:B7:30:79:D3:65:41:E4:73 ValiditySat, 28 Sep 2024 05:50:45 GMT - Fri, 27 Dec 2024 05:50:44 GMT File type HTML document, ASCII text, with very long lines (17696), with no line terminators Size 18 kB (17696 bytes) Hash 31104e06c129776257cbe10243d1a757 2a15087dfc92465ba800510f1231529d6abc63a1 ad9af64a0002c202cb4c7219b593cbbb1947df8ee6e737850f73183e129c8a33 HTTP Headers GET /g/collect?v=2&tid=G-X6H0114PDF&gtm=45je4ao0v867905447z872410129za200zb72410129&_p=1729978098041&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=852715641.1729978100&ecid=1394097767&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&frm=0&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.tft=1729978098041&sst.ude=0&_s=3&sid=1729978099&sct=1&seg=0&dl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517&dr=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&dt=Early%20Vote%20Action&en=page_load_time_event&ep.pagepath=%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F&ep.pagehostname=secure.winred.com&ep.parsedurl=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024&epn.load_time_sec=2.5&epn.event_fire_time=1729978100135&ep.event_uuid=07a66785-6729-46af-9f49-8a281f3cb10b&ep.isVideoPage=f&ep.referrer=https%3A%2F%2Fsecure.winred.com%2Fearly-vote%2Feva_don_tma_ptp_sp-bc_rs_20241024%2F%3Fex_tid%3D20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517%26__cf_chl_tk%3DS8YaAo8OFZuS5tncScJHvQA50JzWkW5gSoHrXeoyQlI-1729978095-1.0.1.1-QVidAsAOofkpO.TItezUXujLUWz5lniBoCdtPjIFd_8&ep.category=donation%20landing%20page&ep.action=user%20session%20start&ep.label=landing%20page%20settings&ep.customCSS=f&ep.usercategory=anonymous&epn.loading_time_sec_on_window_load=2.48&tfd=7516&richsstsse HTTP/1.1 Host: gtm.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ Origin: https://secure.winred.com DNT: 1 Connection: keep-alive Cookie: _revv_v3_session=bGJlZlBZdkNWekdHSUI4YzVsalpUSVY4UitmWG1Oa1RpVWp1R1piVFRLVmJDd01CQXVMVmpiYXcrVExReWVLa0ZicW9DZ0ErZGFlOXBiTkZGUkl5NE96OFArU0kwa283dTlmZjRZYk9FaUZMYTNpbnZSNHZNeCtJTkl5dTZXUnp3SVlkQ3YwdlNnRFJSL1JKZ0VMK2l3bFRGelVhSVVraWh3YXhibEM4alo1YkJ6YkwrQ0lrVVJLRTEwY2oxdWNQRmZmaENFMmJ3eTNHT0gwZTVocmkreGtnSnpvdDV6T2ovaHB4ZGRTUEhzZmJGSHhTbjZtSWx3cjdPdVc5NnNXbURuSnlIbzN3MlJ3OHlQVW94NVQ4eFdMV0pIOUhLSkNPbjBrdlV3N0R4TDA9LS1ucDRJNjNHS1pmd3FGQ2VsWjRHcEp3PT0%3D--40c71bc6b03a507bed8904ac8d53fec15a64caf5; _gcl_au=1.1.265582602.1729978099; __cf_bm=xCP3KRwqKVW2Et0nTSuhLBtHrhIrLeQa.axLxw3VNcw-1729978099-1.0.1.1-2nVoalPKEoLMNacj6OoJfemCVQPU_Ql2W1Ajak0GxB0bQ5htBMzBtzhoJ5lHW5bDckkCoLI32Gf3O1vb0.AtpQ; _ga_X6H0114PDF=GS1.1.1729978099.1.0.1729978100.0.0.1394097767; _ga=GA1.1.852715641.1729978100; _ga_XQC94J3YLE=GS1.1.1729978099.1.0.1729978099.0.0.0 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/3 403 Forbidden date: Sat, 26 Oct 2024 21:28:25 GMT content-type: text/html; charset=UTF-8 accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin x-content-options: nosniff x-frame-options: SAMEORIGIN cf-mitigated: challenge cf-chl-out: WLTHWyXPGmWhzzMChUF5P/Ko08PWo7OA1/iORRyO+1s2cY6SGRvh/Zjv7o/fEF+0sWBdieQ7l92JOPcYaX2ssTne9uXpmB/x/RQMr0iabTvsNrgPbaGC1LAqseVUeDSolh33HiXnooySuybfYn3Aiw==$t17GlWmGH0PwtFIaKBW81g== cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires: Thu, 01 Jan 1970 00:00:01 GMT vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff server: cloudflare cf-ray: 8d8d89353a6bb515-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	secure.winred.com/stylesheets/rv_page_01jb07d25gdvkg8nyt69tcjd9t/1729808652.css	104.19.212.89	200 OK	8.5 kB
URL GET HTTP/3 secure.winred.com/stylesheets/rv_page_01jb07d25gdvkg8nyt69tcjd9t/1729808652.css IP 104.19.212.89:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerCloudflare, Inc. Subjectsecure.winred.com FingerprintFF:90:12:D2:0A:57:DF:67:0A:A7:6D:39:C1:D1:05:97:5C:75:E9:E1 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type ASCII text, with very long lines (8505), with no line terminators Size 8.5 kB (8498 bytes) Hash ec079325ab54a29dec1b4323a313a87a 74e78a921ab1c65ff62531633f66e177ce5c3410 6e545f1e141d95f17e3ef023e5a43e51edef28ae91c374958cd96503440a7d47 HTTP Headers GET /stylesheets/rv_page_01jb07d25gdvkg8nyt69tcjd9t/1729808652.css HTTP/1.1 Host: secure.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 DNT: 1 Connection: keep-alive Cookie: __cf_bm=b6lZVFCBxBdK8lcqgf06YE.TtYdt2DWMgONsgtlgDUo-1729978095-1.0.1.1-dohDVDRLMq7pGUWpzCzr8uUYGHorZWsHUnUCKPB2mjvmUfo8rDuabDgELbt6YbaCkXkOIcsyjhIbehJPGe0hHQ; cf_clearance=fwgu4tkM3CYUh1zPvP2Qp7AVSUZSwUCEMVh1R3QPtvY-1729978095-1.2.1.1-hLMcWqZybSGFM92fSHC7MWkVtyMNXM0nZDOALBwWNjhu_ymt.FOYuk8_EVr6mGaZBubeYWFsSoaab4JCJIJdJNR2_dOxucCH7AxSCDC3hW4nme0Z0MJqSsnw.HQBVSSU4upeNUbKmG67MDjLIzWW8YXWPorlfHJ5fZED3VWzd3.6k_H.2VDfOywrQ1aReJRQ3o_5Pvi2jzqcWVuh8Z4V12Dkt53W.y9FKmj70mk_Nt6bUsM02PRBg4yONv6rnJw_YuPPRPDq7GqvhzlWB.wOVcUKnIuwFIb15QlyfTOTypcMTa.duSmsvkEZOZqPjfPTI9ovsC5mfuBi1QGy1SshWpdj1_0Z3OrdjSlQfgiUpPpcnAosXhhQQ2Q0B5rz1tCk; __production_revv_csrftoken=1729978097%7CNbo5L%2BdgAr%2B7hQgooS%2FewvO39YMGBOinrqBElKYZRTQ%3D%7C%2BYct8j4m85OG%2Fwq9gZuXaEhqJF5%2FZ1QGhwhNemODceM%3D; _revv_v3_session=bGJlZlBZdkNWekdHSUI4YzVsalpUSVY4UitmWG1Oa1RpVWp1R1piVFRLVmJDd01CQXVMVmpiYXcrVExReWVLa0ZicW9DZ0ErZGFlOXBiTkZGUkl5NE96OFArU0kwa283dTlmZjRZYk9FaUZMYTNpbnZSNHZNeCtJTkl5dTZXUnp3SVlkQ3YwdlNnRFJSL1JKZ0VMK2l3bFRGelVhSVVraWh3YXhibEM4alo1YkJ6YkwrQ0lrVVJLRTEwY2oxdWNQRmZmaENFMmJ3eTNHT0gwZTVocmkreGtnSnpvdDV6T2ovaHB4ZGRTUEhzZmJGSHhTbjZtSWx3cjdPdVc5NnNXbURuSnlIbzN3MlJ3OHlQVW94NVQ4eFdMV0pIOUhLSkNPbjBrdlV3N0R4TDA9LS1ucDRJNjNHS1pmd3FGQ2VsWjRHcEp3PT0%3D--40c71bc6b03a507bed8904ac8d53fec15a64caf5 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:18 GMT content-type: text/css; charset=utf-8 cf-ray: 8d8d8908df7256bf-OSL cf-cache-status: HIT cache-control: public, max-age=31556952 content-encoding: gzip expires: Mon, 27 Oct 2025 03:17:30 GMT last-modified: Fri, 25 Oct 2024 13:58:23 GMT strict-transport-security: max-age=15552000; includeSubDomains vary: Accept-Encoding referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-download-options: noopen x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-rack-cors: miss; no-origin x-request-id: 036671eb-86ff-4205-8001-cf14d54a4abc x-runtime: 0.032355 x-xss-protection: 1; mode=block server: cloudflare alt-svc: h3=":443"; ma=86400

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	104.16.79.73	200 OK	20 kB
URL GET HTTP/2 static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.79.73:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerGoogle Trust Services Subjectcloudflareinsights.com FingerprintFB:0A:B6:18:33:15:47:A9:D8:B5:ED:D3:1B:EE:13:FF:3F:80:C4:E6 ValidityTue, 03 Sep 2024 08:38:23 GMT - Mon, 02 Dec 2024 08:38:22 GMT File type JavaScript source, ASCII text, with very long lines (19948), with no line terminators Size 20 kB (19948 bytes) Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f HTTP Headers `GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1 Host: static.cloudflareinsights.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ Origin: https://secure.winred.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Sat, 26 Oct 2024 21:28:18 GMT content-type: text/javascript;charset=UTF-8 access-control-allow-origin: * cache-control: public, max-age=86400 etag: W/"2024.6.1" last-modified: Thu, 06 Jun 2024 15:52:56 GMT cross-origin-resource-policy: cross-origin vary: Accept-Encoding server: cloudflare cf-ray: 8d8d8908e98b569d-OSL content-encoding: gzip X-Firefox-Spdy: h2`

	secure.winred.com/assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg	104.19.212.89	200 OK	20 kB
URL GET HTTP/3 secure.winred.com/assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg IP 104.19.212.89:443 ASN #13335 CLOUDFLARENET Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerCloudflare, Inc. Subjectsecure.winred.com FingerprintFF:90:12:D2:0A:57:DF:67:0A:A7:6D:39:C1:D1:05:97:5C:75:E9:E1 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT File type SVG Scalable Vector Graphics image Size 20 kB (19707 bytes) Hash d31530d4186af669daf4f47099614593 9d5cb2e3ddbf0574c08e6dc6404b12368bb83731 5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848 HTTP Headers GET /assets/win-red-full-red-5c68c8aaba76ec9fb516f84adaf0f4b53240d5730f4ab8339417725a536ea848.svg HTTP/1.1 Host: secure.winred.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 DNT: 1 Connection: keep-alive Cookie: __cf_bm=b6lZVFCBxBdK8lcqgf06YE.TtYdt2DWMgONsgtlgDUo-1729978095-1.0.1.1-dohDVDRLMq7pGUWpzCzr8uUYGHorZWsHUnUCKPB2mjvmUfo8rDuabDgELbt6YbaCkXkOIcsyjhIbehJPGe0hHQ; cf_clearance=fwgu4tkM3CYUh1zPvP2Qp7AVSUZSwUCEMVh1R3QPtvY-1729978095-1.2.1.1-hLMcWqZybSGFM92fSHC7MWkVtyMNXM0nZDOALBwWNjhu_ymt.FOYuk8_EVr6mGaZBubeYWFsSoaab4JCJIJdJNR2_dOxucCH7AxSCDC3hW4nme0Z0MJqSsnw.HQBVSSU4upeNUbKmG67MDjLIzWW8YXWPorlfHJ5fZED3VWzd3.6k_H.2VDfOywrQ1aReJRQ3o_5Pvi2jzqcWVuh8Z4V12Dkt53W.y9FKmj70mk_Nt6bUsM02PRBg4yONv6rnJw_YuPPRPDq7GqvhzlWB.wOVcUKnIuwFIb15QlyfTOTypcMTa.duSmsvkEZOZqPjfPTI9ovsC5mfuBi1QGy1SshWpdj1_0Z3OrdjSlQfgiUpPpcnAosXhhQQ2Q0B5rz1tCk; __production_revv_csrftoken=1729978097%7CNbo5L%2BdgAr%2B7hQgooS%2FewvO39YMGBOinrqBElKYZRTQ%3D%7C%2BYct8j4m85OG%2Fwq9gZuXaEhqJF5%2FZ1QGhwhNemODceM%3D; _revv_v3_session=bGJlZlBZdkNWekdHSUI4YzVsalpUSVY4UitmWG1Oa1RpVWp1R1piVFRLVmJDd01CQXVMVmpiYXcrVExReWVLa0ZicW9DZ0ErZGFlOXBiTkZGUkl5NE96OFArU0kwa283dTlmZjRZYk9FaUZMYTNpbnZSNHZNeCtJTkl5dTZXUnp3SVlkQ3YwdlNnRFJSL1JKZ0VMK2l3bFRGelVhSVVraWh3YXhibEM4alo1YkJ6YkwrQ0lrVVJLRTEwY2oxdWNQRmZmaENFMmJ3eTNHT0gwZTVocmkreGtnSnpvdDV6T2ovaHB4ZGRTUEhzZmJGSHhTbjZtSWx3cjdPdVc5NnNXbURuSnlIbzN3MlJ3OHlQVW94NVQ4eFdMV0pIOUhLSkNPbjBrdlV3N0R4TDA9LS1ucDRJNjNHS1pmd3FGQ2VsWjRHcEp3PT0%3D--40c71bc6b03a507bed8904ac8d53fec15a64caf5 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:18 GMT content-type: image/svg+xml cf-ray: 8d8d8908ef9956bf-OSL cf-cache-status: HIT age: 1142 cache-control: public, max-age=14400 etag: W/"d31530d4186af669daf4f47099614593" expires: Sun, 27 Oct 2024 01:28:18 GMT last-modified: Tue, 10 Sep 2024 01:04:24 GMT strict-transport-security: max-age=15552000; includeSubDomains vary: Accept-Encoding x-amz-id-2: VC8mug8GtJ3bnmDqn9DC/M67uAfT/YlgQrKTzTRn5mHOBgLIu4maGR39DGWsEHot34+N1V3/zGI= x-amz-request-id: VS4XF1CAFDXEY509 x-amz-version-id: 86XNNdFFxo22qzydWU6UeObHymgx_nvv x-content-type-options: nosniff server: cloudflare content-encoding: br alt-svc: h3=":443"; ma=86400

	js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html	151.101.128.176	200 OK	651 B
URL GET HTTP/3 js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type HTML document, ASCII text, with very long lines (669), with no line terminators Size 651 B (651 bytes) Hash fb6e7f3e90bd5e897991d8ef214b8598 35949e7cc041a82426aa3721a9bb66d232d704ce f417448941aeb83185ee20eb4b11ee7948ee1d20f4b5827f22f8cae2179cb6f1 HTTP Headers GET /v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-length: 401 last-modified: Fri, 25 Oct 2024 20:04:14 GMT etag: "1a6a00ea4cc8720448dc91f1c79dd208" cache-control: max-age=60, stale-while-revalidate=900 content-type: text/html; charset=utf-8 content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report origin-agent-cluster: ?1 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:18 GMT via: 1.1 varnish age: 48 x-request-id: ae348462-3756-4e70-90df-38ea8cb870f5 x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 11 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

	newassets.hcaptcha.com/captcha/v1/8352e07/static/hcaptcha.html	104.19.229.21	200 OK	359 kB
URL GET HTTP/3 newassets.hcaptcha.com/captcha/v1/8352e07/static/hcaptcha.html IP 104.19.229.21:443 ASN #13335 CLOUDFLARENET Requested by https://b.stripecdn.com/stripethirdparty-srv/assets/v21.23/HCaptchaInvisible.html?id=bd2b9dcd-1e41-452c-9c2e-35c638de5bfa&origin=https%3A%2F%2Fjs.stripe.com Certificate IssuerGoogle Trust Services Subjecthcaptcha.com Fingerprint88:FF:9C:DC:27:99:24:BE:11:6A:8A:2A:CD:49:CD:45:93:8C:4E:AD ValiditySat, 07 Sep 2024 22:14:18 GMT - Fri, 06 Dec 2024 22:14:17 GMT File type Size 359 kB (359430 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /captcha/v1/8352e07/static/hcaptcha.html HTTP/1.1 Host: newassets.hcaptcha.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b.stripecdn.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Sat, 26 Oct 2024 21:28:21 GMT content-type: text/html cache-control: max-age=3600 vary: Accept-Encoding, Origin alt-svc: h3=":443"; ma=86400 cf-cache-status: HIT strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff content-security-policy: report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1; server: cloudflare cf-ray: 8d8d891c4beab51e-OSL content-encoding: br

	js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html	151.101.128.176	200 OK	200 B
URL GET HTTP/3 js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html IP 151.101.128.176:443 ASN #54113 FASTLY Requested by https://secure.winred.com/early-vote/eva_don_tma_ptp_sp-bc_rs_20241024/?ex_tid=20241026_ScillaXL-GPM14.115118_ballot-chasers_t1571772-3517 Certificate IssuerDigiCert Inc Subjecta.stripecdn.com Fingerprint0E:17:43:FE:6D:ED:6B:F2:F6:7A:FD:9D:07:5E:99:A6:66:F9:98:16 ValidityThu, 29 Aug 2024 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT File type HTML document, ASCII text, with no line terminators Size 200 B (200 bytes) Hash 17d1120334cb0cb3cd8a62fc03671010 b40ef341ad651dcdb89d6a510fe324a79e18fc37 b37c9e71ffd7587b59be57d9644c546deae50598348d3f057ef3e971d2d7285c HTTP Headers GET /v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.winred.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-length: 154 last-modified: Fri, 11 Nov 2022 20:25:37 GMT etag: "3437aaddcdf6922d623e172c2d6f9278" cache-control: max-age=31536000 content-type: text/html; charset=utf-8 content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Sat, 26 Oct 2024 21:28:23 GMT via: 1.1 varnish age: 2228491 x-request-id: bfa89ba7-81e6-49d5-87ed-34f5f92b330e x-served-by: cache-hel1410031-HEL x-cache: HIT x-cache-hits: 514517 vary: Accept-Encoding timing-allow-origin: * alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

JavaScript (67)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash