urlscan.io logo urlscan.io
SecurityTrails logo

free.presidentialgreats.com Open in urlscan Pro
172.67.184.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://psee.io/66wxza
Effective URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=...
Submission: On July 14 via manual from BE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 14 domains to perform 50 HTTP transactions. The main IP is 172.67.184.25, located in United States and belongs to CLOUDFLARENET, US. The main domain is free.presidentialgreats.com.
TLS certificate: Issued by WE1 on July 9th 2024. Valid for: 3 months.
This is the only time free.presidentialgreats.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    3.232.101.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-101-2.compute-1.amazonaws.com
psee.io
1    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    3.144.17.14 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-144-17-14.us-east-2.compute.amazonaws.com
tn9omrelc.com
1    34.215.35.91 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-35-91.us-west-2.compute.amazonaws.com
tekramnotsob.com
1    35.241.19.31 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 31.19.241.35.bc.googleusercontent.com
www.poptrkr.com
17    172.67.184.25 (United States)

ASN13335 (CLOUDFLARENET, US)
free.presidentialgreats.com
4    2607:f8b0:4004:c06::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2607:f8b0:400d:c04::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    151.101.130.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
static.klaviyo.com
3    2607:f8b0:400d:c0f::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
static-tracking.klaviyo.com
fast.a.klaviyo.com
static-forms.klaviyo.com
1    173.194.66.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f157.1e100.net
googleads.g.doubleclick.net
2    2607:f8b0:4004:c08::8a (Washington, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c21::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    172.253.122.99 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f99.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
17 presidentialgreats.com
free.presidentialgreats.com
839 KB
12 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 3271
static-tracking.klaviyo.com — Cisco Umbrella Rank: 4013
fast.a.klaviyo.com — Cisco Umbrella Rank: 4261
static-forms.klaviyo.com — Cisco Umbrella Rank: 4011
77 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 72
409 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 157
www.google.com — Cisco Umbrella Rank: 5
64 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 69
stats.g.doubleclick.net — Cisco Umbrella Rank: 133
2 KB
3 gstatic.com
fonts.gstatic.com
88 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 240
198 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 67
21 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 74
2 KB
1 poptrkr.com
www.poptrkr.com
792 B
1 tekramnotsob.com
tekramnotsob.com
738 B
1 tn9omrelc.com
tn9omrelc.com Failed
275 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
270 B
1 psee.io
psee.io
2 KB
50 14
Domain Requested by
17 free.presidentialgreats.com 2 redirects psee.io
free.presidentialgreats.com
8 static.klaviyo.com free.presidentialgreats.com
static.klaviyo.com
4 www.googletagmanager.com free.presidentialgreats.com
www.googletagmanager.com
3 fonts.gstatic.com fonts.googleapis.com
3 cdnjs.cloudflare.com free.presidentialgreats.com
cdnjs.cloudflare.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 analytics.google.com www.googletagmanager.com
2 static-tracking.klaviyo.com static.klaviyo.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.google.com free.presidentialgreats.com
1 static-forms.klaviyo.com static-tracking.klaviyo.com
1 fast.a.klaviyo.com static-tracking.klaviyo.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fonts.googleapis.com free.presidentialgreats.com
1 www.poptrkr.com 1 redirects
1 tekramnotsob.com 1 redirects
1 tn9omrelc.com psee.io
1 www.facebook.com psee.io
1 psee.io
50 19

This site contains no links.

Subject Issuer Validity Valid
psee.io
Amazon RSA 2048 M02		 2024-04-05 -
2025-05-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-23 -
2024-07-22		 3 months crt.sh
presidentialgreats.com
WE1		 2024-07-09 -
2024-10-07		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
static.klaviyo.com
R11		 2024-07-11 -
2024-10-09		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
static-tracking.klaviyo.com
R3		 2024-05-20 -
2024-08-18		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
fast.a.klaviyo.com
R11		 2024-07-11 -
2024-10-09		 3 months crt.sh
static-forms.klaviyo.com
R11		 2024-06-19 -
2024-09-17		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Frame ID: F9693095460CFEDE3D7BCAD7B101B2D2
Requests: 48 HTTP requests in this frame

Frame: https://free.presidentialgreats.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js
Frame ID: 4F9E47208122F11B8177A2B7A58499AE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free Take Back America FlagFree Trump 2024 Supporter Flag

Page URL History Show full URLs

  1. https://psee.io/66wxza Page URL
  2. https://tn9omrelc.com/?E=TDtmebpwwNUhdFrhCgbYeYYeZ9uj%2bKn%2b&s1=hell09 HTTP 302
    https://tekramnotsob.com/?E=TDtmebpwwNUhdFrhCgbYeYYeZ9uj%2bKn%2b&s1=hell09&ckmguid=b908f8c8-e3a8-4469... HTTP 302
    https://www.poptrkr.com/FNX4R/9B9DM1/?sub1=9347&sub2=570526889&sub3=hell09 HTTP 302
    https://free.presidentialgreats.com/tabflagnbar?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id... HTTP 301
    https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_i... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • klaviyo\.com

Page Statistics

50
Requests

94 %
HTTPS

41 %
IPv6

14
Domains

19
Subdomains

15
IPs

2
Countries

1637 kB
Transfer

3044 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://psee.io/66wxza Page URL
  2. https://tn9omrelc.com/?E=TDtmebpwwNUhdFrhCgbYeYYeZ9uj%2bKn%2b&s1=hell09 HTTP 302
    https://tekramnotsob.com/?E=TDtmebpwwNUhdFrhCgbYeYYeZ9uj%2bKn%2b&s1=hell09&ckmguid=b908f8c8-e3a8-4469-ba0e-595ceb127914 HTTP 302
    https://www.poptrkr.com/FNX4R/9B9DM1/?sub1=9347&sub2=570526889&sub3=hell09 HTTP 302
    https://free.presidentialgreats.com/tabflagnbar?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e HTTP 301
    https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://free.presidentialgreats.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://free.presidentialgreats.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
66wxza
psee.io/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://psee.io/66wxza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.101.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-101-2.compute-1.amazonaws.com
Software
Apache/2.4.56 (Debian) / PHP/7.4.33
Resource Hash
68eb6b1faf693f746bf9cd2eea47b1aaf54d24d519c5caf514e7a95d8a5a2ca2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
1576
content-type
text/html; charset=UTF-8
date
Sun, 14 Jul 2024 16:27:40 GMT
server
Apache/2.4.56 (Debian)
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
tr
www.facebook.com/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=210658978467887&ev=ViewContent&cd[content_name]=tn9omrelc.com&cd[content_category]=https%3A%2F%2Ftn9omrelc.com%2F%3FE%3DTDtmebpwwNUhdFrhCgbYeYYeZ9uj%252bKn%252b%26s1%3Dhell09&cd[content_ids]=&_t=1720974460
Requested by
Host: psee.io
URL: https://psee.io/66wxza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://psee.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1297, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 14 Jul 2024 16:27:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
tn9omrelc.com/ 		0
0
/
tn9omrelc.com/ 		0
0
Primary Request /
free.presidentialgreats.com/tabflagnbar/
Redirect Chain
  • https://tn9omrelc.com/?E=TDtmebpwwNUhdFrhCgbYeYYeZ9uj%2bKn%2b&s1=hell09
  • https://tekramnotsob.com/?E=TDtmebpwwNUhdFrhCgbYeYYeZ9uj%2bKn%2b&s1=hell09&ckmguid=b908f8c8-e3a8-4469-ba0e-595ceb127914
  • https://www.poptrkr.com/FNX4R/9B9DM1/?sub1=9347&sub2=570526889&sub3=hell09
  • https://free.presidentialgreats.com/tabflagnbar?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
  • https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
35 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Requested by
Host: psee.io
URL: https://psee.io/66wxza
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84c3f4c8c57d1c1251b9cb59dd977a9d82492f2561e0fd258292b5ad9bb3c19e

Request headers

Referer
https://psee.io/66wxza
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a32e1b6b8c09abf-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 14 Jul 2024 16:27:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pn9d0FmvWJITdRtR5MA%2Brx%2F3C7ly%2B08Se%2FRZfTgYriU66jMfgC5wK9HR5YsMz%2BocHYzUctO1WnjibTy5EJB2KgMKGEqEl5il929b7OqaxpZYqxJmoYEjvC1sM%2BCWu%2BnLj%2Br3GPJbrcyEg4SkZeI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a32e1b5efe59abf-MIA
content-type
text/html; charset=iso-8859-1
date
Sun, 14 Jul 2024 16:27:42 GMT
location
https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=47vmrpZFbbVK29XXASIgKf0VtTrxC1pRn3SeRjGwQUro8tESzB5Hxu9vaV3B8XkvzCCIWRSRh3bZRMTXeARbaCdFuERh2ojZfTIezePk9ZnIqAbVuT4GSHYhMGjiHDXHfeCvS3YPDoPb70CpeCc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
app2.css
free.presidentialgreats.com/tabflagnbar/app/desktop/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://free.presidentialgreats.com/tabflagnbar/app/desktop/css/app2.css?v=2096922665
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
778c5ab6f64f51706c043768a2f27892ece72742641de0c3843b1a2b8b3a0669

Request headers

Referer
https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 04 Jul 2024 09:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mQ5CwOuYlObYEB7VQGlG%2Bm4DgIrYJgNkK2WIkoteY72HDZrwYe7ihRFTkSM%2FzhizJ0SV4hFqLsgJl7TeHsvy%2FJPPbmytVLiXVvM2flFbbW6owYNtMHKJDBjC17yGBTgpGR58FvzV1%2BeOZ8pt%2Bi8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a32e1b769819abf-MIA
alt-svc
h3=":443"; ma=86400
content-length
2779
js
www.googletagmanager.com/gtag/ 		208 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-57087514-15
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa9a748543531c9c2b327bd2840fdada5ae0359d765f1f4198859155f74b0d54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76820
x-xss-protection
0
last-modified
Sun, 14 Jul 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Jul 2024 16:27:42 GMT
js
www.googletagmanager.com/gtag/ 		374 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1003840432
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
99dc0e84664265a094780938c79c424ca44a0465eb9eeaa1aad671b060be5860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
123085
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jul 2024 16:27:42 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/ 		101 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ceaaba22d75b58e04150311f596306562a3e595e27ed4b1dfa451b82dda9e50
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://free.presidentialgreats.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
249688
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18938
last-modified
Wed, 03 Apr 2024 02:35:32 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"660cc074-49fa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=maOHvggl4g%2B9ePnl%2FvU%2FmPTkNWcDLRYa13ijwqtGeD7%2FfQ7a5kCcG3d3L9OrLp7Pf2LFERQXJg0QVIzubAgvdt%2Bkf8zb8ivuAgXP%2F8LSRHd5Czsqc2Nj2B5QsHIgkcgYYr12StTb"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a32e1b7ad259071-MIA
expires
Fri, 04 Jul 2025 16:27:42 GMT
css
fonts.googleapis.com/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Manrope:regular,bold,400|Libre+Franklin:regular,bold,400|Noto+Sans%20NKo%20Unjoined:regular,bold,400|Open+Sans:regular,bold,500|
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
70372697c8ee6aa3f8004fc18513f64e47b8e400ccc59505e69994aa05caebd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jul 2024 16:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jul 2024 16:27:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jul 2024 16:27:42 GMT
custom.css
free.presidentialgreats.com/tabflagnbar/app/desktop/css/ 		83 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://free.presidentialgreats.com/tabflagnbar/app/desktop/css/custom.css
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5a7e20a3a42f94c81aa73f1adcd03dcc41a76f7270f7d53f384fd9f0fd44c5f

Request headers

Referer
https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:42 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 09:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
808
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OsKtRMJop3CKOA3aSRP59mGASWN%2F%2FMr8T5O2UYeQMxnAYz8M7lKGJAzlgTu%2BLofn7bbaOZVUQVpzNvp%2FQ9crGK%2B5TblHf4Un%2F4nnWJGlI6%2F7mM1%2Fvby4yJpoYdW6k8hNKG%2BcJ3RIzBMfFVtE1Z8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a32e1b769879abf-MIA
alt-svc
h3=":443"; ma=86400
content-length
10182
page-index.css
free.presidentialgreats.com/tabflagnbar/app/desktop/css/ 		44 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://free.presidentialgreats.com/tabflagnbar/app/desktop/css/page-index.css
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f1775b3dd2bbf835db48afa0b39cc1cbb9999636feb62ef239879f76b821b69

Request headers

Referer
https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:42 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 09:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
808
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JudzD42on6EhO6BLLwyYDR3R322OYoO%2BnncAHX1a2ZFpt2wqV%2BxKwlWLkTXnSPzO%2Fo1XaPltqlzO2c6WMgmcFmUMPrh9ypBmWZC0ydtNP9%2FHX3PzPVaBxmY%2FvsvJyE70IQJQQJ4HwQ1dk9CtpS4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a32e1b769899abf-MIA
alt-svc
h3=":443"; ma=86400
content-length
4808
2c3c7a4d824bd109f5ea9c5609b252ef.jpg
free.presidentialgreats.com/tabflagnbar/app/desktop/images/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://free.presidentialgreats.com/tabflagnbar/app/desktop/images/2c3c7a4d824bd109f5ea9c5609b252ef.jpg
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4b1c2c48463d5e84952802e49876d9b80154655b7c5d9aedda679f0e549b27b

Request headers

Referer
https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:42 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 09:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
808
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NvQQrceUd2kFICwp1T8tIFNwL9n2G6LnPCvuF%2FH%2FSLGnGHmLGQLbMQw4w86FMIMohc%2F%2B2HfxfMYeWmqfCclSx56bmB%2BEOqyPdu%2F3cZtusu9fyrkS9zDbZXfUiTO7FBpWI1nmuMRTfklyMCekU8U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a32e1b7698a9abf-MIA
alt-svc
h3=":443"; ma=86400
content-length
56693
8426c2b33feb0766bfc7d344b80cfa29.jpg
free.presidentialgreats.com/tabflagnbar/app/desktop/images/ 		217 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://free.presidentialgreats.com/tabflagnbar/app/desktop/images/8426c2b33feb0766bfc7d344b80cfa29.jpg
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae452fcb2656f2104bd80d59c03aecbd6aee1683bf6451d8c2bbcbf793f1599

Request headers

Referer
https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:42 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 09:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
808
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hNe35vtFAu2UIsBt%2B%2BPv6rogJ%2BalnfR142%2BKDByNPmgn1ZmJZckQjGFBKpPCeX0sn83ZP%2BlIfWsHZuhLcHmZjlhIX1ChU8Q6i1fdSl%2BvKgvbzY8IOGA12lUsaV4aX%2Fh7YBQSKMTi3RPHnj%2F0HhM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a32e1b7698b9abf-MIA
alt-svc
h3=":443"; ma=86400
content-length
222435
bbe30e2fa65539452245b5ba7c11dd3e.jpg
free.presidentialgreats.com/tabflagnbar/app/desktop/images/ 		148 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://free.presidentialgreats.com/tabflagnbar/app/desktop/images/bbe30e2fa65539452245b5ba7c11dd3e.jpg
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e1314d4fa15ffc61a3d294b56dc5e3f33e96f4d09e73d3ccc6ac7464d3657a

Request headers

Referer
https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:42 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 09:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2357
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ipqK3Ry6CVT0JhGsK0Dz9PHGvSd1dPKwvPauKpzy7j%2FnCV%2BdxiwAcsF7CY4NmuMgtb6en%2BXEnY%2FM4dUy58x%2FjXFgi%2FZ5ORRZda1%2Fwv%2FlPfTPLVQ1LuK7XlrEyRXc0%2FezQ7zuweHjd2J5VN%2BKVgo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a32e1b84a949abf-MIA
alt-svc
h3=":443"; ma=86400
content-length
152038
6c4958aa8dbc1f6f63087bcdbc5cbe34.webp
free.presidentialgreats.com/tabflagnbar/app/desktop/images/ 		182 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://free.presidentialgreats.com/tabflagnbar/app/desktop/images/6c4958aa8dbc1f6f63087bcdbc5cbe34.webp
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e1a59ff1e52ad93f69b086e98b34a660ac4c861bbf2e86bd0d259f38bbd4cd

Request headers

Referer
https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:42 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 09:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6083
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DD5E3ABESHRW1UxQg0rnl1NrCkSlUjqMGYgv66Z222LAPNSDdT%2FF7MqVYhCwjMNzSHQcrjfjym%2BnWrQWCoIHQ0d0C9JnLy97fg7JG9gc8UrHfPF7gLoZsi0uVI4Yt7f6%2BhuPzwrtOirrGwdxSrA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
cf-ray
8a32e1b84a979abf-MIA
alt-svc
h3=":443"; ma=86400
082f01314eb4ff790d3f5ae93fcd2ea3.png
free.presidentialgreats.com/tabflagnbar/app/desktop/images/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://free.presidentialgreats.com/tabflagnbar/app/desktop/images/082f01314eb4ff790d3f5ae93fcd2ea3.png
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a751fa8edb64ed014b2215bc910491a6136b74fc7f62ab8edb458e59380dd7d

Request headers

Referer
https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:42 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 09:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
808
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=udbOdhzEQufl%2BTOsvGDOUe4vLbLPOQ0YgC0hDiSFKXFJCNGSaKhs7w5%2FvIsoS5bhQNPeseLWpLEhhTMvI%2F7U5WwoBKWMJrRmMpMvKaKQiVz%2F%2F8feF%2BBqcZouHxQqmOEpWP5f7re2KXfS3jcY8aA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a32e1b84a989abf-MIA
alt-svc
h3=":443"; ma=86400
content-length
53755
codebase.min.js
free.presidentialgreats.com/tabflagnbar/assets/dist/ 		163 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://free.presidentialgreats.com/tabflagnbar/assets/dist/codebase.min.js
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0682aae7fa0402a8cd80cff9b5ab6055a4cebc032e659f97cee9b7aa5f8a014

Request headers

Referer
https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:42 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 25 Jun 2024 14:48:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2357
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1AgSjC7hvG6dIXuvBzxLThqvrJkSPLOQ5evYChPJvhwrbWwRwUT1a2NouoAlEtYVS3BgphxaACcXYo1tkz9KdIMI3VbhCFRpfrlqctL3ZZVxFuVshA7%2BJSxRO8YRp18F9O%2F4LTukVtZxcIyftSg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a32e1b84a9a9abf-MIA
alt-svc
h3=":443"; ma=86400
content-length
46313
klaviyo.js
static.klaviyo.com/onsite/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDVQcy
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a035f47965856f7bef4da0bef6ffdf2386bae05e2de2edfb94c77f0f482da583
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Sun, 14 Jul 2024 16:27:42 GMT
age
146316
x-cache
HIT, HIT
content-length
1058
x-served-by
cache-lga13622-LGA, cache-mia-kmia1760025-MIA
server
nginx
x-timer
S1720974463.861398,VS0,VE0
etag
"20e2adff9d815b4bdfa626495288204c"
allow
GET, OPTIONS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-language
en-us
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
content-type
application/javascript
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
1, 1138
be20f000fef2cb9e8ff3dd0cd25f7a32.png
free.presidentialgreats.com/tabflagnbar/app/desktop/images/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://free.presidentialgreats.com/tabflagnbar/app/desktop/images/be20f000fef2cb9e8ff3dd0cd25f7a32.png
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/app/desktop/css/page-index.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
970c8bc364e90402e313db319339abc7e5f0547da30d10e02b323a892f024688

Request headers

Referer
https://free.presidentialgreats.com/tabflagnbar/app/desktop/css/page-index.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:42 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 09:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
808
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kpJv7eg14Pi3mSVWAlThcuDeFW6pep8qcBxuuNEZH6qhlRMjoTn1o2LLDWRJ%2Fm43a%2BHW4QqpZBt65V4jVb33RXlSy1mAlKGbksUIGDd1zVIgIgUgfQhUWxzmhlFIj1nC6gLK0VHY9LL6o4Zupcg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a32e1b8fb6e9abf-MIA
alt-svc
h3=":443"; ma=86400
content-length
104056
xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v15/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Manrope:regular,bold,400|Libre+Franklin:regular,bold,400|Noto+Sans%20NKo%20Unjoined:regular,bold,400|Open+Sans:regular,bold,500|
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://free.presidentialgreats.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 20:23:31 GMT
x-content-type-options
nosniff
age
331452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24376
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jul 2025 20:23:31 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/webfonts/ 		153 KB
153 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css
Origin
https://free.presidentialgreats.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:42 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6294557
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
156400
last-modified
Wed, 03 Apr 2024 02:35:32 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"660cc074-262f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wrswwDocLhvuKNPJLlCfU6MCrKZvtYrvu3VKRmJAwWwqGrj2hZYj%2Fa3RCRmqZhc6Vcu4lEFlyNla1kUNgh7HVEibYIC4ZPc6%2B7Hoegw0yXMHkr99PPA%2Bg%2FVglv4uthk1Jd6xfKTu"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a32e1b958c39071-MIA
expires
Fri, 04 Jul 2025 16:27:42 GMT
MCoCzBjx1d3VUhJFK9MYlNCXJ6VvqwGPz3szFuxpFw.woff2
fonts.gstatic.com/s/notosansnkounjoined/v2/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosansnkounjoined/v2/MCoCzBjx1d3VUhJFK9MYlNCXJ6VvqwGPz3szFuxpFw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Manrope:regular,bold,400|Libre+Franklin:regular,bold,400|Noto+Sans%20NKo%20Unjoined:regular,bold,400|Open+Sans:regular,bold,500|
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c466698030afbffec5a24969ad4af119799efa4a698a991ac7fde5f2330e8025
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://free.presidentialgreats.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 14:39:56 GMT
x-content-type-options
nosniff
age
6467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17180
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 15:41:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Jul 2025 14:39:56 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/webfonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27da6f833431da5aa295c44540bfac0fd8270ba6a3c4346427006d8a7b34b76
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css
Origin
https://free.presidentialgreats.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:42 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
186091
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25392
last-modified
Wed, 03 Apr 2024 02:35:32 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"660cc074-6330"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZXRoTAHiZJJyd%2BikT350TXU0DEml%2FQOmiUzbkAjkyFAFxaJW9aEhfow%2BBmFY0ajzeO6U%2BhC91VrzrygjsFrNFysHfimf2%2BfJtc6bYtACEarxS3dC60s1G6d602%2FKn%2FDtCJVKRW8F"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a32e1b958c69071-MIA
expires
Fri, 04 Jul 2025 16:27:42 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Manrope:regular,bold,400|Libre+Franklin:regular,bold,400|Noto+Sans%20NKo%20Unjoined:regular,bold,400|Open+Sans:regular,bold,500|
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://free.presidentialgreats.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 14:31:02 GMT
x-content-type-options
nosniff
age
352601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jul 2025 14:31:02 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LV9NEE34GX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57087514-15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5404b7f4cd2f217ae85bfb3ef1aaeec14e50a74deee9a3fb32308df6088731b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94648
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jul 2024 16:27:43 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57087514-15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 14 Jul 2024 16:14:27 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
796
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 14 Jul 2024 18:14:27 GMT
js
www.googletagmanager.com/gtag/ 		374 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1003840432&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57087514-15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f0a4a56cec8e8530dcdbfa2997a07d62a59a1f63c0c6f838f9963c0faaa2876e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
123040
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jul 2024 16:27:43 GMT
klaviyo.js
static.klaviyo.com/onsite/js/ 		4 KB
110 B 		Other
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDVQcy
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a035f47965856f7bef4da0bef6ffdf2386bae05e2de2edfb94c77f0f482da583
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:43 GMT
via
1.1 varnish
content-encoding
br
content-security-policy
object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
age
146316
x-cache
HIT
content-length
1058
x-served-by
cache-mia-kmia1760025-MIA
server
nginx
x-timer
S1720974463.008589,VS0,VE0
etag
"20e2adff9d815b4bdfa626495288204c"
vary
Accept-Encoding
access-control-allow-methods
GET
content-language
en-us
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
access-control-max-age
86400
accept-ranges
bytes
access-control-allow-headers
allow
GET, OPTIONS
x-cache-hits
1139
fender_analytics.f692ee00c71150d7db91.js
static-tracking.klaviyo.com/onsite/js/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/fender_analytics.f692ee00c71150d7db91.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDVQcy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56

Request headers

Referer
https://free.presidentialgreats.com/
Origin
https://free.presidentialgreats.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
5WJy..Lo4mK2jnII0rHa1l5haINArMgZ
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Sun, 14 Jul 2024 16:27:43 GMT
x-amz-request-id
41Y2RTP149KA3F25
age
146322
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
12748
x-amz-id-2
mKL1xWMRGO3xerTYlPL0yRvVbZ5DZgnzOEYw7UzT/IairFK8mTlaNUFMOeD5za6kjnB4D8Fzjtw=
x-served-by
cache-lga21947-LGA, cache-mia-kmia1760047-MIA
last-modified
Thu, 11 Apr 2024 15:48:20 GMT
server
AmazonS3
etag
"cb6418619f08d5e582cf68f2d2432438"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
f762585ddd3a013913c4e420e75aa2819d1084f2
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
2, 91701
static.500134348b1f0969ffe3.js
static-tracking.klaviyo.com/onsite/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDVQcy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

Referer
https://free.presidentialgreats.com/
Origin
https://free.presidentialgreats.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
2L_.X11dgB5ItJdIxOLpsdUl7RuAaHwi
via
1.1 varnish, 1.1 varnish
date
Sun, 14 Jul 2024 16:27:43 GMT
x-amz-request-id
F82JVRQFRQE0D0ND
age
146322
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
2183
x-amz-id-2
XmO+iStmg5njyuMH7vXkQdM03SQBJDOIcVKuFvHQmczFeeUes7JtthO+XbG+RcAUTnJlfLyP1tUWCT8PTcmHv+9kgXg+SY0S
x-served-by
cache-lga21976-LGA, cache-mia-kmia1760047-MIA
last-modified
Wed, 27 Mar 2024 10:30:34 GMT
server
AmazonS3
etag
"64de10774c3382fe4adddab07ea17f0d"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
2825b63e6933b08d1be25eea4d99ad73625b8faa
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
3129, 100951
runtime.765ff78e9894f774c2b4.js
static.klaviyo.com/onsite/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/runtime.765ff78e9894f774c2b4.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDVQcy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8f8c0775cc2ea1769238d75afb9f2af2108e115eadd7e26bdace4e48de9b19b

Request headers

Referer
https://free.presidentialgreats.com/
Origin
https://free.presidentialgreats.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
08T5eBkGgVEwE7Dlo2aL9lUWz2jOTXjT
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Sun, 14 Jul 2024 16:27:43 GMT
x-amz-request-id
C6TPXJF0XZ0PW9PA
age
146322
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
7694
x-amz-id-2
jA9nmQ6C+ZMPLNY0GP61q6ts3NqdiTzQROPFJG6o4nTvNKPqlQ2Q0oZLtVUUpB0LlbuUC+B7kNE=
x-served-by
cache-lga21947-LGA, cache-mia-kmia1760056-MIA
last-modified
Fri, 12 Jul 2024 18:29:33 GMT
server
AmazonS3
etag
"9a28566b6cf85f3a7f7c50956b1a4c51"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
5951a217769c58abb4323a4ac993e2aaaacfdc16
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
42, 118478
sharedUtils.58c71a5d906c1c27c8e6.js
static.klaviyo.com/onsite/js/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.58c71a5d906c1c27c8e6.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDVQcy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
43f84fc07ca84521ccdd33195be1d62cbe8b43720aecc3e26d859b15061c3b30

Request headers

Referer
https://free.presidentialgreats.com/
Origin
https://free.presidentialgreats.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
ITWaxvCLmiXAceusM0.5yRJFy.eMUuuz
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Sun, 14 Jul 2024 16:27:43 GMT
x-amz-request-id
FY7ATG7XXCNQ66H2
age
146322
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
17916
x-amz-id-2
dnsW8FA9YHOznUgcBOOipeCChPutGh4+MstMRwg50IZcDj4sMsAEPm03Ts6wH4QAP830M5Y+miU=
x-served-by
cache-lga21941-LGA, cache-mia-kmia1760056-MIA
last-modified
Thu, 27 Jun 2024 09:36:48 GMT
server
AmazonS3
etag
"6cc01be3baf017cfa85878bcac0f9e8f"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
912e2bb7dd18552828727b3c1954397389e047e7
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
155, 107526
vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js
static.klaviyo.com/onsite/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDVQcy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2222a907ad2fb7ba41f4a997ef171321add118fc95f14be074debc3290e1ac59

Request headers

Referer
https://free.presidentialgreats.com/
Origin
https://free.presidentialgreats.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Ez16MoxhPquxXdlhYF9sWgpH9m1QDXhm
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Sun, 14 Jul 2024 16:27:43 GMT
x-amz-request-id
RC12JSQ3R2B07EYD
age
146322
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
4100
x-amz-id-2
p7UZsp5JEN6wbLK2qdMQiZclhFKdFs4cb20pOOn9PVKbj9SooS36vR7ofoo/uX+CX/Nk+9WS8KGYF+3M3QRlD7eNxjq71Z+e
x-served-by
cache-lga21980-LGA, cache-mia-kmia1760056-MIA
last-modified
Mon, 24 Jun 2024 13:00:51 GMT
server
AmazonS3
etag
"9ffe3c33ee0912112ebffc1673dcb79e"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
1ba971f639266cabe55904cbeae0edad9add3ed4
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
8, 82864
vendors~signup_forms.02363fe5acd5fa75cb6b.js
static.klaviyo.com/onsite/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDVQcy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0a9caf662f6ac36c25690c76124101ec7ee0d8937734ddf35ffa89dfb7120ad

Request headers

Referer
https://free.presidentialgreats.com/
Origin
https://free.presidentialgreats.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Mekwof6XjI4q2BHYhTSsMqFmFe4SDBfo
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Sun, 14 Jul 2024 16:27:43 GMT
x-amz-request-id
RC1EAVJFCYCYTEDW
age
146322
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
6996
x-amz-id-2
hXz2idQOMfvufPQKWZX9zk3PUt+OZnC/NjRGF7CqBFcdHgDlBey9v48kAMOPi/ieP96Pmm9RUjHnRiSsZxSO8IqTE5wpOq6A
x-served-by
cache-lga21949-LGA, cache-mia-kmia1760056-MIA
last-modified
Mon, 24 Jun 2024 13:00:51 GMT
server
AmazonS3
etag
"61ccc2011600d4f458768ffe94ddb555"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
1ba971f639266cabe55904cbeae0edad9add3ed4
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
7, 81251
default~signup_forms~onsite-triggering.880bde204b8ee5a4bc37.js
static.klaviyo.com/onsite/js/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.880bde204b8ee5a4bc37.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDVQcy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
914f159ab6f0a08a1cec049c6ed2b02c6dce9a3c6a5d7103c1028baf5c6ddfcd

Request headers

Referer
https://free.presidentialgreats.com/
Origin
https://free.presidentialgreats.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
TCLdJkL8Iy0EL9kJPG2XU3Ulc0EcHiYO
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Sun, 14 Jul 2024 16:27:43 GMT
x-amz-request-id
CPRP7MF7AHSYEWER
age
146322
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
9251
x-amz-id-2
l0ozQ6LhzI0QJ2qQ8NlubwXKpVFMEIUuoPByJZARCUQQstPH1mf16K7R9fasrlb/iNTN3TvJjF/eidQgRixc35EZNsNmmsKcBHPQS18HQKo=
x-served-by
cache-lga21940-LGA, cache-mia-kmia1760056-MIA
last-modified
Tue, 02 Jul 2024 18:50:16 GMT
server
AmazonS3
etag
"d6b76df89ecf86204b5fe867d284de34"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
c4f147782cde260d619a1c566ff3b2560e3ad660
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
77, 82499
signup_forms.6a972a58c16254a9f1c7.js
static.klaviyo.com/onsite/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/signup_forms.6a972a58c16254a9f1c7.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDVQcy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4f459599d92979623b52c45d6b3775486f92cb00db55621b43799cfd91bf98f

Request headers

Referer
https://free.presidentialgreats.com/
Origin
https://free.presidentialgreats.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
bQ2zCRyZKHh.rDJ1xI_V0BLETa9p9yAu
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Sun, 14 Jul 2024 16:27:43 GMT
x-amz-request-id
XB5KNB0S4CZMK3XP
age
146322
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
5138
x-amz-id-2
Fu134mf2p8y4q4ahgn0Dld8hhdu6CEIgNaRdH8F5QSURuwehsLpLtLCbR5Sgu2uU4nzuUbMdQI4=
x-served-by
cache-lga21931-LGA, cache-mia-kmia1760056-MIA
last-modified
Thu, 27 Jun 2024 16:31:42 GMT
server
AmazonS3
etag
"eed975187f707457bafc3d36797f3ab1"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
dab50ba5f2ff41d14ab217987084867b2749f75b
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
7, 83247
main.js
free.presidentialgreats.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/ Frame 4F9E
Redirect Chain
  • https://free.presidentialgreats.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://free.presidentialgreats.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://free.presidentialgreats.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H3
Server
172.67.184.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a0569dc533cb7cb395a13260ac7c5fdb54102ff50885faf2cc7a6993adfdf04
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:43 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HDqKOnkiWPSVLRJPjyNCt05%2FbXeFxI7YIy3QFvN4MorcK1cq%2BswfV17njNBiCTzljkRwe23%2FgT4jsPvXXN%2BJMmBLePqfkUCyDECzIO%2B1btVGECFYhU1YvrS079ZiYB1Ae0qb0xX0WOjVrdy7sh4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8a32e1ba5ceb9abf-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 14 Jul 2024 16:27:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Zsnax9RvJPAq63YVO5789w7hvaoOmjnljca8mF4N%2BG4mncGaw54ELJtcYDWoi2%2FCwNAu6Dntzt7U4KqlCS81WbYjbBwiK%2B6u5o%2BHuL4rG6WUtk%2BZ0ybQmglWZm1%2BhE8YqDl%2Fbv7ktKuOprBpTY%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?
access-control-allow-origin
*
cache-control
max-age: 300, public
cf-ray
8a32e1b9cc589abf-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1003840432/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1003840432/?random=1720974463030&cv=11&fst=1720974463030&bg=ffffff&guid=ON&async=1&gtm=45be4790v873130318za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffree.presidentialgreats.com%2Ftabflagnbar%2F%3F_ef_transaction_id%3D955cff4d24024de09e6009cf032d2a6e%26affiliate_id%3D10%26sub1%3D9347%26sub2%3D570526889%26sub3%3Dhell09%26click_id%3D955cff4d24024de09e6009cf032d2a6e&ref=https%3A%2F%2Fpsee.io%2F&hn=www.googleadservices.com&frm=0&tiba=Free%20Take%20Back%20America%20Flag&npa=0&pscdl=noapi&auid=1728843360.1720974463&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1003840432
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f157.1e100.net
Software
cafe /
Resource Hash
c27af6a0e3e08ebf63daafc5e12790cdfcdf5e0684b9c46f8a3cb391204aba44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jul 2024 16:27:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1444
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-93JDM8GEBP&gtm=45be4790v873130318za200&_p=1720974462745&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=267299643.1720974463&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720974463&sct=1&seg=0&dl=https%3A%2F%2Ffree.presidentialgreats.com%2Ftabflagnbar%2F%3F_ef_transaction_id%3D955cff4d24024de09e6009cf032d2a6e%26affiliate_id%3D10%26sub1%3D9347%26sub2%3D570526889%26sub3%3Dhell09%26click_id%3D955cff4d24024de09e6009cf032d2a6e&dr=https%3A%2F%2Fpsee.io%2F&dt=Free%20Take%20Back%20America%20Flag&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1923&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1003840432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jul 2024 16:27:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://free.presidentialgreats.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-93JDM8GEBP&cid=267299643.1720974463&gtm=45be4790v873130318za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1003840432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jul 2024 16:27:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://free.presidentialgreats.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
set-ga-client-id
free.presidentialgreats.com/tabflagnbar/ajax.php/ 		17 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://free.presidentialgreats.com/tabflagnbar/ajax.php/set-ga-client-id
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/assets/dist/codebase.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa77f8eb1f30058b94e618e616c6777ac66c411e5dc0659b663a3825a741bd24

Request headers

Accept
*/*
Referer
https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=47S%2BD0RmXhSBwDnbezsE%2BmSfQgjwdq2Mz0uKFZ%2BSpuvo6KdLIOJcsWAjeMh3dN4HIy%2BvvpkQnBLRoKugUWX6dWbd52n%2BlMmy54yMwKyiVlXD8hewg5kfG6NMANYkemHwZlOUYhH597wJjZyEF6E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache
cf-ray
8a32e1ba5cf19abf-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-LV9NEE34GX&gtm=45je4790v9115395116za200&_p=1720974462745&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=267299643.1720974463&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1720974463&sct=1&seg=0&dl=https%3A%2F%2Ffree.presidentialgreats.com%2Ftabflagnbar%2F%3F_ef_transaction_id%3D955cff4d24024de09e6009cf032d2a6e%26affiliate_id%3D10%26sub1%3D9347%26sub2%3D570526889%26sub3%3Dhell09%26click_id%3D955cff4d24024de09e6009cf032d2a6e&dr=https%3A%2F%2Fpsee.io%2F&dt=Free%20Take%20Back%20America%20Flag&en=page_view&_fv=1&_ss=1&tfd=1983&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LV9NEE34GX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jul 2024 16:27:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://free.presidentialgreats.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
46 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LV9NEE34GX&cid=267299643.1720974463&gtm=45je4790v9115395116za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LV9NEE34GX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jul 2024 16:27:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://free.presidentialgreats.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
onsite
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 		38 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=SDVQcy
Requested by
Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.f692ee00c71150d7db91.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e769f1228524350dccb247e0853f0a74548b621ae5dc95c4535be926e0b3ab48
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
Strict-Transport-Security max-age=900

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
via
1.1 varnish, 1.1 varnish
date
Sun, 14 Jul 2024 16:27:43 GMT
strict-transport-security
max-age=900
age
2785315
x-cache
HIT, HIT
content-length
38
x-served-by
cache-bos4642-BOS, cache-mia-kmia1760025-MIA
server
nginx
allow
GET, HEAD, OPTIONS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-language
en-us
cache-control
max-age=10
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
vary
Accept-Language, Cookie
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
2792, 4
full-forms
static-forms.klaviyo.com/forms/api/v7/SDVQcy/ 		85 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static-forms.klaviyo.com/forms/api/v7/SDVQcy/full-forms
Requested by
Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.f692ee00c71150d7db91.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d2f07f1a4311082ddd837e7c201cd87cdf141a38075ab3a668b4dd205971a53

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
9ra6lGhXyKBDlN0l4Z7bdSMzgD5Sf.UV
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 Jul 2024 16:27:43 GMT
x-amz-request-id
Y2NGZ1NY6QQPGGZV
age
1052582
x-amz-server-side-encryption
AES256
x-cache
HIT
client-geo-continent
NA
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
full-forms/shared full-forms/SDVQcy custom-fonts/SDVQcy
content-length
6382
x-amz-id-2
Z5NgP8wV1HZlZIwAXPSdfWpsp0yqrNp6m7YStNWEbUi0tWk3MLYj4aK1b/N5jMefY2dXDiMclwQ=
x-served-by
cache-mia-kmia1760037-MIA
client-geo-country
US
last-modified
Tue, 07 May 2024 15:29:00 GMT
server
AmazonS3
x-timer
S1720974463.260309,VS0,VE0
etag
"9381bf78973046fdfeadd773d232adec"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
client-geo-continent, client-geo-country
cache-control
max-age=5
accept-ranges
bytes
x-cache-hits
24
collect
www.google-analytics.com/j/ 		1 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=127842812&t=pageview&_s=1&dl=https%3A%2F%2Ffree.presidentialgreats.com%2Ftabflagnbar%2F%3F_ef_transaction_id%3D955cff4d24024de09e6009cf032d2a6e%26affiliate_id%3D10%26sub1%3D9347%26sub2%3D570526889%26sub3%3Dhell09%26click_id%3D955cff4d24024de09e6009cf032d2a6e&dr=https%3A%2F%2Fpsee.io%2F&ul=en-us&de=UTF-8&dt=Free%20Take%20Back%20America%20Flag&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1216377093&gjid=211349127&cid=267299643.1720974463&tid=UA-57087514-15&_gid=1131159452.1720974463&_r=1&gtm=457e4790za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&jsscut=1&z=1820345828
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jul 2024 16:27:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://free.presidentialgreats.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
8a32e1b6b8c09abf
free.presidentialgreats.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 4F9E 		0
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://free.presidentialgreats.com/cdn-cgi/challenge-platform/h/g/jsd/r/8a32e1b6b8c09abf
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Jul 2024 16:27:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BkyxqDXE%2Fi3YmDay5oEELN4Km5XZGtbLXPTd%2B8ymPnyqb61n2afjkhxsJOG5J0gkX9jITCMJiL3%2BTrKJnimnfWAlzcUXxaEu1j49epuP17ri5wPigg24m0lCuJI1XrQQNexChyx9O4bSUqyofM0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8a32e1bb7e289abf-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/1003840432/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1003840432/?random=1720974463030&cv=11&fst=1720972800000&bg=ffffff&guid=ON&async=1&gtm=45be4790v873130318za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffree.presidentialgreats.com%2Ftabflagnbar%2F%3F_ef_transaction_id%3D955cff4d24024de09e6009cf032d2a6e%26affiliate_id%3D10%26sub1%3D9347%26sub2%3D570526889%26sub3%3Dhell09%26click_id%3D955cff4d24024de09e6009cf032d2a6e&ref=https%3A%2F%2Fpsee.io%2F&hn=www.googleadservices.com&frm=0&tiba=Free%20Take%20Back%20America%20Flag&npa=0&pscdl=noapi&auid=1728843360.1720974463&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLrmMprLSBhFYw-GeGyluCLKNKbBAUmg&random=1162243159&rmt_tld=0&ipr=y
Requested by
Host: free.presidentialgreats.com
URL: https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://free.presidentialgreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jul 2024 16:27:43 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.png
free.presidentialgreats.com/tabflagnbar/app/desktop/images1/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://free.presidentialgreats.com/tabflagnbar/app/desktop/images1/favicon.png?v=1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c63cee8a1fbf4c825f6d93cd34129c519cb25ff7858d08e5bffb44b4e9467e2

Request headers

Referer
https://free.presidentialgreats.com/tabflagnbar/?_ef_transaction_id=955cff4d24024de09e6009cf032d2a6e&affiliate_id=10&sub1=9347&sub2=570526889&sub3=hell09&click_id=955cff4d24024de09e6009cf032d2a6e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 16:27:43 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jul 2024 09:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
801
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Vk3B%2B%2F10v2OYkSqydBlOSlQyRKY09%2FHSTw1QtvyxHmSKvxj0TZY13nln%2FHJMZ9scaqoX4Qfzm9SyTBau10evq%2Fhp6fHqK9jntSOvwg6WAgy%2FCjq1%2BycPwY%2FFCDLzf3GBc5BJ5EsOKtKquwAJdw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a32e1bccfb29abf-MIA
alt-svc
h3=":443"; ma=86400
content-length
1185

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tn9omrelc.com
URL
https://tn9omrelc.com/?E=TDtmebpwwNUhdFrhCgbYeYYeZ9uj%2bKn%2b&s1=hell09
Domain
tn9omrelc.com
URL
https://tn9omrelc.com/?E=TDtmebpwwNUhdFrhCgbYeYYeZ9uj%2bKn%2b&s1=hell09

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer string| AJAX_PATH object| app_config object| app_lang object| cbUtilConfig object| google_tag_manager object| google_tag_data object| validator object| cb object| FwUtils number| cSpeed number| cWidth number| cHeight number| cTotalFrames number| cFrameWidth string| cImageSrc function| startAnimation function| continueAnimation function| stopAnimation function| imageLoader function| openNewWindow function| openWindow function| queryString function| asyncProspect object| AppHelpers object| appLocation function| xverifyCustomHtml function| getClientId function| setClientId function| addCsrfTokenToForm function| ouibounce function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| _learnq string| __klKey function| onYouTubeIframeAPIReady object| GooglebQhCsO object| gaGlobal object| webpackChunk_klaviyo_onsite_modules object| _klOnsite object| klaviyo object| gaplugins object| gaData

19 Cookies

Domain/Path Name / Value
free.presidentialgreats.com/tabflagnbar/ Name: PHPSESSID
Value: 83d12d62da0d1e2b1f9792b29c164e1a
.psee.io/66wxza Name: /66wxza
Value: 1
psee.io/ Name: browser_uuid
Value: BECEA4C8-91CB-CF59-3116-DB2371610EAB
psee.io/ Name: v_0
Value: 0
psee.io/ Name: lang
Value: en-us
.tekramnotsob.com/ Name: sq
Value: Yi7MUUOohshrEKfoF/SKP3+fotKuUeQDlGxm+S4VMm+w3836tqDmmg==
.tekramnotsob.com/ Name: tm
Value: 8Ova4MjBNmGINY2Ch3gWAH+fotKuUeQDlGxm+S4VMm+w3836tqDmmg==
.tekramnotsob.com/ Name: c8384
Value: Yi7MUUOohsiubgfxRAGz+lWo5rlkNYcm7HEIGGsVyonxRuI69Wqnbg==
www.poptrkr.com/ Name: uniqueClick_9B9DM1
Value: ede013f5-d392-4491-a9cd-e596faa333ac:1720974462
www.poptrkr.com/ Name: transaction_id
Value: 955cff4d24024de09e6009cf032d2a6e
.presidentialgreats.com/ Name: _gcl_au
Value: 1.1.1728843360.1720974463
.presidentialgreats.com/ Name: _ga_93JDM8GEBP
Value: GS1.1.1720974463.1.0.1720974463.60.0.0
.presidentialgreats.com/ Name: _ga_LV9NEE34GX
Value: GS1.1.1720974463.1.0.1720974463.60.0.0
free.presidentialgreats.com/ Name: __kla_id
Value: eyJjaWQiOiJaVGxsWW1aaU1qQXRPVE0wWkMwME1ERTRMV0ZpWldJdFpUWmpNV0ppWVdRMk1qTm0iLCIkcmVmZXJyZXIiOnsidHMiOjE3MjA5NzQ0NjMsInZhbHVlIjoiaHR0cHM6Ly9wc2VlLmlvLyIsImZpcnN0X3BhZ2UiOiJodHRwczovL2ZyZWUucHJlc2lkZW50aWFsZ3JlYXRzLmNvbS90YWJmbGFnbmJhci8/X2VmX3RyYW5zYWN0aW9uX2lkPTk1NWNmZjRkMjQwMjRkZTA5ZTYwMDljZjAzMmQyYTZlJmFmZmlsaWF0ZV9pZD0xMCZzdWIxPTkzNDcmc3ViMj01NzA1MjY4ODkmc3ViMz1oZWxsMDkmY2xpY2tfaWQ9OTU1Y2ZmNGQyNDAyNGRlMDllNjAwOWNmMDMyZDJhNmUifSwiJGxhc3RfcmVmZXJyZXIiOnsidHMiOjE3MjA5NzQ0NjMsInZhbHVlIjoiaHR0cHM6Ly9wc2VlLmlvLyIsImZpcnN0X3BhZ2UiOiJodHRwczovL2ZyZWUucHJlc2lkZW50aWFsZ3JlYXRzLmNvbS90YWJmbGFnbmJhci8/X2VmX3RyYW5zYWN0aW9uX2lkPTk1NWNmZjRkMjQwMjRkZTA5ZTYwMDljZjAzMmQyYTZlJmFmZmlsaWF0ZV9pZD0xMCZzdWIxPTkzNDcmc3ViMj01NzA1MjY4ODkmc3ViMz1oZWxsMDkmY2xpY2tfaWQ9OTU1Y2ZmNGQyNDAyNGRlMDllNjAwOWNmMDMyZDJhNmUifX0=
.presidentialgreats.com/ Name: _ga
Value: GA1.2.267299643.1720974463
.presidentialgreats.com/ Name: _gid
Value: GA1.2.1131159452.1720974463
.presidentialgreats.com/ Name: _gat_gtag_UA_57087514_15
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.presidentialgreats.com/ Name: cf_clearance
Value: GGXd0Yc9bVuLuoqG6xNgs4olXhSrCeCeYRbku5c6e.U-1720974463-1.0.1.1-oEnovKPoIqKLp5mUmN9Qo8ohs1SvZtZRvJq0ZOLPV.kuph2A7VSOEKBZd8bF6Ioqrz9ePu3h7WN.0MaKuYfWcA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdnjs.cloudflare.com
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
free.presidentialgreats.com
googleads.g.doubleclick.net
psee.io
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.klaviyo.com
stats.g.doubleclick.net
tekramnotsob.com
tn9omrelc.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.poptrkr.com
tn9omrelc.com
104.17.25.14
151.101.130.133
151.101.2.133
172.253.122.99
172.67.184.25
173.194.66.157
2001:4860:4802:32::178
2607:f8b0:4004:c06::61
2607:f8b0:4004:c08::8a
2607:f8b0:4004:c21::9a
2607:f8b0:400d:c04::5f
2607:f8b0:400d:c0f::5e
2a03:2880:f103:181:face:b00c:0:25de
3.144.17.14
3.232.101.2
34.215.35.91
35.241.19.31
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56
19e1a59ff1e52ad93f69b086e98b34a660ac4c861bbf2e86bd0d259f38bbd4cd
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1c63cee8a1fbf4c825f6d93cd34129c519cb25ff7858d08e5bffb44b4e9467e2
2222a907ad2fb7ba41f4a997ef171321add118fc95f14be074debc3290e1ac59
2f1775b3dd2bbf835db48afa0b39cc1cbb9999636feb62ef239879f76b821b69
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
43f84fc07ca84521ccdd33195be1d62cbe8b43720aecc3e26d859b15061c3b30
5404b7f4cd2f217ae85bfb3ef1aaeec14e50a74deee9a3fb32308df6088731b0
5ceaaba22d75b58e04150311f596306562a3e595e27ed4b1dfa451b82dda9e50
68eb6b1faf693f746bf9cd2eea47b1aaf54d24d519c5caf514e7a95d8a5a2ca2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d2f07f1a4311082ddd837e7c201cd87cdf141a38075ab3a668b4dd205971a53
70372697c8ee6aa3f8004fc18513f64e47b8e400ccc59505e69994aa05caebd5
778c5ab6f64f51706c043768a2f27892ece72742641de0c3843b1a2b8b3a0669
84c3f4c8c57d1c1251b9cb59dd977a9d82492f2561e0fd258292b5ad9bb3c19e
8a0569dc533cb7cb395a13260ac7c5fdb54102ff50885faf2cc7a6993adfdf04
8a751fa8edb64ed014b2215bc910491a6136b74fc7f62ab8edb458e59380dd7d
8ae452fcb2656f2104bd80d59c03aecbd6aee1683bf6451d8c2bbcbf793f1599
914f159ab6f0a08a1cec049c6ed2b02c6dce9a3c6a5d7103c1028baf5c6ddfcd
970c8bc364e90402e313db319339abc7e5f0547da30d10e02b323a892f024688
99dc0e84664265a094780938c79c424ca44a0465eb9eeaa1aad671b060be5860
a035f47965856f7bef4da0bef6ffdf2386bae05e2de2edfb94c77f0f482da583
a4b1c2c48463d5e84952802e49876d9b80154655b7c5d9aedda679f0e549b27b
ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f
b4f459599d92979623b52c45d6b3775486f92cb00db55621b43799cfd91bf98f
c0682aae7fa0402a8cd80cff9b5ab6055a4cebc032e659f97cee9b7aa5f8a014
c0a9caf662f6ac36c25690c76124101ec7ee0d8937734ddf35ffa89dfb7120ad
c27af6a0e3e08ebf63daafc5e12790cdfcdf5e0684b9c46f8a3cb391204aba44
c27da6f833431da5aa295c44540bfac0fd8270ba6a3c4346427006d8a7b34b76
c466698030afbffec5a24969ad4af119799efa4a698a991ac7fde5f2330e8025
c5e1314d4fa15ffc61a3d294b56dc5e3f33e96f4d09e73d3ccc6ac7464d3657a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a7e20a3a42f94c81aa73f1adcd03dcc41a76f7270f7d53f384fd9f0fd44c5f
e769f1228524350dccb247e0853f0a74548b621ae5dc95c4535be926e0b3ab48
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a4a56cec8e8530dcdbfa2997a07d62a59a1f63c0c6f838f9963c0faaa2876e
f8f8c0775cc2ea1769238d75afb9f2af2108e115eadd7e26bdace4e48de9b19b
fa77f8eb1f30058b94e618e616c6777ac66c411e5dc0659b663a3825a741bd24
fa9a748543531c9c2b327bd2840fdada5ae0359d765f1f4198859155f74b0d54