urlscan.io logo urlscan.io
SecurityTrails logo

offer.trumplighters.com Open in urlscan Pro
2606:4700:3033::ac43:83fd  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.shanghaidefeat.net/2003083145/orders/9xmb571z8809001i0a0b6u55h4j/authenticate&ref_=1wq&ref=9ad/&u=522bk/&eid=xeyfkc...
Effective URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&...
Submission: On July 25 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3033::ac43:83fd, located in United States and belongs to CLOUDFLARENET, US. The main domain is offer.trumplighters.com.
TLS certificate: Issued by GTS CA 1P5 on June 3rd 2024. Valid for: 3 months.
This is the only time offer.trumplighters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.3.130.2 36352 (AS-COLOCR...)
1 1 52.32.57.248 16509 (AMAZON-02)
1 1 34.213.228.20 16509 (AMAZON-02)
1 2 35.190.39.198 15169 (GOOGLE)
1 1 72.167.211.14 398101 (GO-DADDY-...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
22 172.67.131.253 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.106.126 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.96.46 16509 (AMAZON-02)
1 34.252.158.105 16509 (AMAZON-02)
33 8
1    192.3.130.2 (Elk Grove Village, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: nln.slideolive.me
www.shanghaidefeat.net
1    52.32.57.248 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-57-248.us-west-2.compute.amazonaws.com
clktrack11.com
1    34.213.228.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-228-20.us-west-2.compute.amazonaws.com
clktrack7.com
2    35.190.39.198 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 198.39.190.35.bc.googleusercontent.com
www.y6hjvtrk.com
1    72.167.211.14 (Ashburn, United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 14.211.167.72.host.secureserver.net
www.toastyheat.com
4    2606:4700:3033::ac43:83fd (United States)

ASN13335 (CLOUDFLARENET, US)
offer.trumplighters.com
22    172.67.131.253 (United States)

ASN13335 (CLOUDFLARENET, US)
offer.trumplighters.com
2    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    108.138.106.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-126.jfk50.r.cloudfront.net
static.hotjar.com
1    2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.164.96.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-46.jfk50.r.cloudfront.net
script.hotjar.com
1    34.252.158.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-158-105.eu-west-1.compute.amazonaws.com
content.hotjar.io
Apex Domain
Subdomains		 Transfer
26 trumplighters.com
offer.trumplighters.com
1 MB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
172 KB
2 y6hjvtrk.com
www.y6hjvtrk.com
10 KB
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 8904
171 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
1 toastyheat.com
www.toastyheat.com
291 B
1 clktrack7.com
clktrack7.com
795 B
1 clktrack11.com
clktrack11.com
280 B
1 shanghaidefeat.net
www.shanghaidefeat.net
232 B
33 10
Domain Requested by
26 offer.trumplighters.com offer.trumplighters.com
2 www.googletagmanager.com offer.trumplighters.com
www.googletagmanager.com
2 www.y6hjvtrk.com 1 redirects www.googletagmanager.com
1 content.hotjar.io script.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.google-analytics.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 www.toastyheat.com 1 redirects
1 clktrack7.com 1 redirects
1 clktrack11.com 1 redirects
1 www.shanghaidefeat.net 1 redirects
33 11

This site contains links to these domains. Also see Links.

Domain
electriclighters.com
Subject Issuer Validity Valid
trumplighters.com
GTS CA 1P5		 2024-06-03 -
2024-09-01		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
y6hjvtrk.com
Starfield Secure Certificate Authority - G2		 2024-04-26 -
2025-05-28		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-01-31 -
2025-03-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Frame ID: 096092DB988236860B7589099F7F639B
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Trump Lighter

Page URL History Show full URLs

  1. https://www.shanghaidefeat.net/2003083145/orders/9xmb571z8809001i0a0b6u55h4j/authenticate&ref_=1wq&ref=9ad/... HTTP 302
    https://clktrack11.com/?a=583&oc=3445&c=14681&s1=9ad&s2=522bk HTTP 302
    https://clktrack7.com/?a=583&oc=3445&c=14681&s1=9ad&s2=522bk&ckmguid=430c816d-8573-4e70-af72-58846... HTTP 302
    https://www.y6hjvtrk.com/262DXM/363TCP/?sub1=583&sub2=87433371 HTTP 302
    https://www.toastyheat.com/trump.php?sub1=583&clickid=6eb778eee5f8460495d70a9fd8d5b9d3&aff=26&utm_sourc... HTTP 302
    https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f84... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

100 %
HTTPS

25 %
IPv6

10
Domains

11
Subdomains

8
IPs

2
Countries

1532 kB
Transfer

2651 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.shanghaidefeat.net/2003083145/orders/9xmb571z8809001i0a0b6u55h4j/authenticate&ref_=1wq&ref=9ad/&u=522bk/&eid=xeyfkc/6b538b6b34e5e68c21cf9bedf6t742b1 HTTP 302
    https://clktrack11.com/?a=583&oc=3445&c=14681&s1=9ad&s2=522bk HTTP 302
    https://clktrack7.com/?a=583&oc=3445&c=14681&s1=9ad&s2=522bk&ckmguid=430c816d-8573-4e70-af72-58846cb2d2e4 HTTP 302
    https://www.y6hjvtrk.com/262DXM/363TCP/?sub1=583&sub2=87433371 HTTP 302
    https://www.toastyheat.com/trump.php?sub1=583&clickid=6eb778eee5f8460495d70a9fd8d5b9d3&aff=26&utm_source=26-583&utm_content=44&evclid=6eb778eee5f8460495d70a9fd8d5b9d3 HTTP 302
    https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request pre5
offer.trumplighters.com/trump/en/us/
Redirect Chain
  • https://www.shanghaidefeat.net/2003083145/orders/9xmb571z8809001i0a0b6u55h4j/authenticate&ref_=1wq&ref=9ad/&u=522bk/&eid=xeyfkc/6b538b6b34e5e68c21cf9bedf6t742b1
  • https://clktrack11.com/?a=583&oc=3445&c=14681&s1=9ad&s2=522bk
  • https://clktrack7.com/?a=583&oc=3445&c=14681&s1=9ad&s2=522bk&ckmguid=430c816d-8573-4e70-af72-58846cb2d2e4
  • https://www.y6hjvtrk.com/262DXM/363TCP/?sub1=583&sub2=87433371
  • https://www.toastyheat.com/trump.php?sub1=583&clickid=6eb778eee5f8460495d70a9fd8d5b9d3&aff=26&utm_source=26-583&utm_content=44&evclid=6eb778eee5f8460495d70a9fd8d5b9d3
  • https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:83fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ccfc8b51ef1e4d6aa162d924594955c045f47c07eda17bdabde5e449586845

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
20867
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
cf-cache-status
DYNAMIC
cf-ray
8a89fdb4ff9f2b5f-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 25 Jul 2024 06:11:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iLmEusKgB1omGADNzoOLeDXdkNB%2Fq2cgk3%2Fy1s6iwG2Al4GAdyvtuoFteWrXT7Dw9PlIH0lDGE3BS7VFX1J1k20zshGiVyWPj7vzmwH3S0X3ALW0cTMjBM%2FJzdl%2FgbAlIrHTfFLC5sKv39tJm47LLBIIby8QVA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-nf-request-id
01J3M87K9SVRABSTVCTK1PJKV3

Redirect headers

content-encoding
br
content-length
5
content-type
text/html; charset=UTF-8
date
Thu, 25 Jul 2024 06:11:09 GMT
location
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
style-pre1.css
offer.trumplighters.com/trump/en/us/css/pre/ 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:83fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb578811acec354d0efcf56fdd812405b5ef15dbc45f6b306294947bd67e2a1c

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J3KCEE2PBZCTZK5ZSSPX480W
date
Thu, 25 Jul 2024 06:11:10 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"bbf133a6063c9f3cf502b482dd13ca2f-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FL%2F4Xiug3RZvkWfWvJnDxZLUBtw1kgNGJGMORMIABR7Cwl6evU7arIYZ5zyr7fxIjLycfgAi7dl0N%2BZyDboqovECfDZAG97pYoRbG9NdpbPIL9MLMyLkixg9NBmQ%2FDI1bbgTOckgFEVbmZ16WMgbRdjuTChc7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
8a89fdb5c85c2b5f-LAX
alt-svc
h3=":443"; ma=86400
logo.png
offer.trumplighters.com/trump/en/us/img/pre/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/logo.png
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:83fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce6db5e52a303b321fa5f07a6ff4b8d3c030a815234150b8622bd820bbdc39b

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01HYXQYAXRN6S0ESJA9P06E691
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"054d5555812a45e504f9ab9871185dd6-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aPYuv3HwIninD20ylzXIY4Ze6TS9FT4m7ffyRQZ1%2FQxd0shBJ1XrckqNDjJRL7S3hA8LPSHzgFD8zsd%2BQ96lrPF0NvuzAHR6rAyGJ5pkPiTM%2FIEreQ68yP%2FaGUwunRGxsbkXMKFqB6GCuC1Mh%2F0vRjcKjrEW0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb5c85f2b5f-LAX
alt-svc
h3=":443"; ma=86400
content-length
4396
author-img.png
offer.trumplighters.com/trump/en/us/img/pre/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/author-img.png
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6318f5d803ae122c3f43a480a870cc8fa6dc0b18198506b95dfb4a3b2b2351d3

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J2HGW82NCVJX50C3J9XN4952
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"08b8c15d6aad33ad50fd2132a8f4f7e6-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=92LqJbLBnw54xhTFc%2BX1xviebzK5Zx%2FHq%2Bw2X308fo0W3SUQqGGTwvgjXrtJQraggMV5MTiwYbGS8paqX5DvWBejaQluU7RsTg%2FJfD%2FcVGnzyqvnHNrkKyrTJo71ad%2BPU%2FMbF4StraGirQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb698762b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
6336
Rectangle%2036.jpg
offer.trumplighters.com/trump/en/us/img/pre/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/Rectangle%2036.jpg
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:83fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa12c82c086b1e0aab0944417ac77add7f2cefa828940637f686cd29ff7a899c

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01HYXQYAXRB3DKNCX9KA0W84S5
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"e7084b406f4b6eb938ec98cd81252902-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B34AW%2Fhnj3R1nkpjyGmfaQQaeEZLGqy2HJbOyEUb4dTGbKETlPiJwIP09CfzKiGb8%2FcOav%2FSmJ0Uu4o6SWBYiIBNCGvTZQV3wgA%2F53DK%2BmZGJeExP5w4NMbPQadMewjjTwlDxvS%2FrxOajzDDRkjhLd0shZDtVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb5c8602b5f-LAX
alt-svc
h3=":443"; ma=86400
content-length
38941
Rectangle%2054.jpg
offer.trumplighters.com/trump/en/us/img/pre/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/Rectangle%2054.jpg
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f364f10c2ee55cda4e6279af70d8059f7571277c8971649c4a56b2320d508f3

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J06TVFPAE430TZCM8XVA36NH
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"5de9f5f2a1aafb3caee378ffa4481230-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5t4VZOlMUdN6epYmHcQAn%2BmH7SbhtW%2BY%2FecluNIiSlBHCyG%2B2Qp%2Fn7frXeeHaof8DJXcc70T7i4dZqFltLQYs%2B%2F6l7%2BkEAsxLFb%2F68l3E29mlan8lNKbTcbRv7mOYdmP6MwwGsv6LKeFbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb6884f2b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
93091
Group%20248.png
offer.trumplighters.com/trump/en/us/img/pre/ 		152 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/Group%20248.png
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d781b20d03091203589da1c2e8871f79f04f858ce95311c3977645cbd34731

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J2KKK4ZW70TV92BHCMH8QJG2
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"e8fdde36a6f691529f15f932b83c8f80-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbgDjFq%2FiqS2zqem2N7DiK4EQT%2BwlJ%2BF6J4O1H26rey0Negeo9txRMSR7q6jh8FDfOmbgAHFwQ%2BVJ0Uk6PjHS0%2B0SZQzCng%2BYKXon7M%2F1qxRq6rIJavp9%2BH%2B8n0EcQMLVY45VAEPG40YQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb688552b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
156135
right-img3.jpg
offer.trumplighters.com/trump/en/us/img/pre/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/right-img3.jpg
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a8318a4b95a737f39f6bbdacf9b47140b6acc336054bf3a9731f34e96f583f

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J2FHPPYNE357QPM801W5ZYKB
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"96fa553d925497aa8e08921d0df640aa-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yk%2Fq2POO0Jzr%2BfoTwFMZva2huyoW4TbQBkMaP6b2Rs04MINqTjJMpnFLiN0rCo1yiGUvY%2B1FcgdiB64volMz0uqwCFIzSGWT9jb8%2FgcuMVqvBYfWo0QAIvIoj7Qk22cD6tXAD2vg6hW%2FAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb698652b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
132512
cut-icn.png
offer.trumplighters.com/trump/en/us/img/pre/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/cut-icn.png
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76f1f6526cb7d13d927dd098ab11b373d670c5bfe824d3afcb2b9c132ec25583

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J2KKK5CV6R16GQFB3Z6HE6SD
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"282e413e5bdedaebbfae92bad8bfa6c0-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Wod9jlVA7JnZUqrhA7WOB4ihsrrX91Grah7ghbrpK0RbxYy%2FGAre99hzkntnZDBju1bfA5uH1UlNDbEoME076e0cyHux3S%2B0%2BUhx9l3xBAXz9v0ObAu9QLEg7%2BStYVrZTam1FwJdEVm1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb698772b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
3554
yello-bdr-tick.png
offer.trumplighters.com/trump/en/us/img/pre/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/yello-bdr-tick.png
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfb127f31cb64bbf68d03d747caa6e5c94c139f37c0b4c538f706ba7e0626e93

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J15K07ZZ06XJVPSC968YNGZZ
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"0568b01bf1fe436e420bc79c63aa8945-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TduY0lFFMKhwD7TrSc%2FSRtuL7EODfHFYDzmU1aDuh8Ayj0z9W06e%2Ff6D%2B8OD5agTumngePgi64L4MDhI7unNjFMO%2FaGoBWPla5yoatJha0l%2Fb9AeKYZKw5GhwBMl9DduZ9l0F2dPenjTcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb698782b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
2385
Group%20253.png
offer.trumplighters.com/trump/en/us/img/pre/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/Group%20253.png
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae01720dd802bf5224efe3f6f44380d324dc049fdacb2754eb403c34e492273

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01HYXQYAYCXP1PY17AF2W7N007
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"94b4625f8e8c9ade198718040dab5323-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AAf0JFBHYqR0%2BL2%2FMoWh%2BVnNYysykPRI7pmIxHlJLjov6KOnMdPKqFrKrjZWTgS%2BISvKBnJOLAR5TmY3424qTCV4Lbn%2BfXvgkZKv8KkePW1cswZqq6N2HAYBgnQ%2BdqscVQr%2B9pPLZCd9CA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb698792b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
18824
s7-card-1.png
offer.trumplighters.com/trump/en/us/img/pre/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/s7-card-1.png
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a538fdf41aff5cb1c6c89d3ce52bac81d0b42e4116feea7b14d21036fa2195c5

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J0SA4164X7MF8EQ8GDZAE095
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"0a404773d180ae31cac82162850687b0-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9lIxNUuX05xmSsEor9ShcJBjf55N96m7%2BQyg29%2FOnnIcxd7AnFJlwXn72xyHN5vKIjJ1aLgMgGVh2waAtlpQCAoLvu2jHp5970%2BtPslx8%2F9y%2FXBWoVH4fEiHl%2BXR470lw77FZk57gNoWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb6987b2b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
23281
Group%20250.png
offer.trumplighters.com/trump/en/us/img/pre/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/Group%20250.png
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b691dd6aecaa3ece62e9afd6bdb265a918dfc12cb9e8ad2b24a1e0726ee650d

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01HYYJ732R1VX1MYA6ZE8YH5TY
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"09eb1c4c4512a0935279a67060503211-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uz1A4gR%2FES1yTSHXPLHNNBZeLL0pBzI2BwMo2JJAivZvZU78QWUDCDBkwoNCuW7SJ0DdqpOLO%2FYP3C6XBRg%2B2FjADCjKik1Eipz0RRel8qATPJTQo4g3ZBRL3i73WCgHSeaamsJvyLKabg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb6987c2b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
13270
btn-arw.png
offer.trumplighters.com/trump/en/us/img/pre/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/btn-arw.png
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af43b4c9ff0572b4fed1935a9bde8986d0adb73484dca46a5489e337b866e30d

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J15K07ZZ06MTSARX400026MT
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"cea4c51cd237871514e8eadf94a9d2b1-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A691p6QT4MfjX9eZrgGeHPBwrM6J2tcG1vhbu9wYM6megRmXUiPYdfJ39qMPMmsPXir5ok2eG4zreqLqs4XeRCdqJw9lZc5jgGGQMUY6vBExa0su%2FJ3lCHvKZrjol9kCSwDQHsWM8IDZ1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb6987d2b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
1063
LogoF.png
offer.trumplighters.com/trump/en/us/img/pre/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/LogoF.png
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf6ba2b04ebea1f8b07edb4267779c5170b0cfaba01075372d7ee2522ece9ee

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J2M5J66FTSD8VZAA248KYC7C
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"4a16ee19f89a7e5cdc960ba340960397-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YPXweptGtiRqzpEOHXynyX7zctupfKAM4DyVESsU%2BMlVhiyF5KRwYORH1pBv0LSSb2QMemAyyC99crxOVbahuG%2B4Wc46byAyF3LBtt6tMy92hQ2q%2FhlQEcFWfjcaDc78tWLLD9H96W1VbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb6987f2b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
6126
email-decode.min.js
offer.trumplighters.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offer.trumplighters.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 06:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2024 17:12:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6696a9e8-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zu%2BxCDyhnR%2FpkYJAf1pmUb2V09DQZFB23EgALdql%2Fj86PG530d%2BOfVavoOmqjOhj3ctzhYLf6DHndO7yf6ZWPJtIHEvvfkbEVcQH4J2tG5%2F6pkHB8nX3%2FAVcmeo6foN62A1jXUPFlsrC%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a89fdb6986e2b58-LAX
expires
Sat, 27 Jul 2024 06:11:10 GMT
jquery-3.6.0.min.js
offer.trumplighters.com/trump/en/us/js/pre/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offer.trumplighters.com/trump/en/us/js/pre/jquery-3.6.0.min.js
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J3K64Q4JD5BGNWZVDVDXFBCB
date
Thu, 25 Jul 2024 06:11:10 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"d02571e3593c7ac903004599031cdc0e-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6PE1FG360HwJftITT767w9Cip5vFObVKWuzixOUjB79R11%2FKXOsvdUzmUfkY6vEyPlYqXAtQYvVGqob%2FfqBePLI%2BL92bu%2FGaGcqicmz0NB7vPXyR%2Fs6MrPxrtTAdGgZx0PxCp2V%2FlKAHIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
8a89fdb698732b58-LAX
alt-svc
h3=":443"; ma=86400
jquery.sticky.js
offer.trumplighters.com/trump/en/us/js/pre/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offer.trumplighters.com/trump/en/us/js/pre/jquery.sticky.js
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cf7833ee174c4af5765d79030bd45b759e7c1d47799e4062b8ad64cf7b3d581

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J3KNASCWY2DM7DJKY5WE0B1A
date
Thu, 25 Jul 2024 06:11:10 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"4d0cd952936b15bf95416a49f2f8ffd1-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QItdeI%2FBzts9vAb8ZgtjZrsodqkmVE7iHOk6c94Jtj7SuimSZjzmSRuuBeDcscKN7TEoxkMVqIvbhbY6cpvEp7L80EtCs2LDsg6GUpc6ZMwRyTY3X6kjI5LybfI5dsMW0q9m%2BWagGXc5Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
8a89fdb698742b58-LAX
alt-svc
h3=":443"; ma=86400
campaign.js
offer.trumplighters.com/trump/en/us/js/pre/ 		24 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offer.trumplighters.com/trump/en/us/js/pre/campaign.js
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9ea17f3b92f547393274b661ed542513d53e8a8e95da34aa92ae11e2744f5bb

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J3KCEE31C9GAW90GHPGCBMPP
date
Thu, 25 Jul 2024 06:11:10 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"79ca8a82abeb3c905014d956d4f6753a-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QYiYMIr1WJGumgMWn4qyaiZzxcx51fWo1RS5Il0enNXqtBUd2MaezYAoc5qBrU%2FQUyYIMJg2S44N0GbNTkrjVwF%2FqQzXlhUe%2F%2BuQMcJy%2Fk19MqEwBTFJ9iOgxAKfKfAAk3tNmOIs3ney8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
8a89fdb698752b58-LAX
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		200 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T6J4G4J
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8daac37b7af5dd7bb435ad174c6d704078658902a6197313816b27c60cccca95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://offer.trumplighters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 06:11:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
71925
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 Jul 2024 06:11:10 GMT
Group%20255.png
offer.trumplighters.com/trump/en/us/img/pre/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/Group%20255.png
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beefc344e4a6c4a5e667bb68de613543765c946d454b8c5dc78997a5e47764c4

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J29HXTAASJRQ2NM9X4W7CP88
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"d8db728b46f33764d7f003ea377a2f69-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NKMEYUYy592ztTFLrfEeMQdsHvkGSMfLM3%2FAkP%2BW57jz6BNZ4I2XlV322h2KGdmh%2BjrpilCI2BUfl1Uf0rLF0EDlY9mXK4bUHexo%2F6zjeq1ug93TroGVhZX2JDcokqHO26az%2FSkgEuRupQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb698812b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
61774
Group%20249.png
offer.trumplighters.com/trump/en/us/img/pre/ 		217 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/Group%20249.png
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
627483e2cdfe6ea853aed8560860b80dcedfae93bd2e85f8c8c4d2c3cfee823c

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J2KKK5PEMX81EW16ZNYMVR0N
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"718107a0db9d48fd169c2f537e2895fd-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pen83Er1QDPSedwGpG2uNHY6zdIEYCi7Ty%2FPSRzpnfXO48o3cWN2nkXfSHiUJSiDcNrFjqYslcBVJ%2F3TrokJchcdYcoI55l8s1RDf8gmWXzDtTGxmO1qsFeS53ZXW66fSshi1P9kiusb0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb698822b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
222370
Inter-Regular.ttf
offer.trumplighters.com/trump/en/us/css/pre/ 		303 KB
140 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://offer.trumplighters.com/trump/en/us/css/pre/Inter-Regular.ttf
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3127f0b873387ee37e2040135a06e9e9c05030f509eb63689529becf28b50384

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Origin
https://offer.trumplighters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J29P9M8E6DTCJS982MKY82WC
date
Thu, 25 Jul 2024 06:11:10 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"798536f5da2329d2a37de67236c0ff0f-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Jy1VmtOdvp%2Fe1AXgNxwaHcI9chTZGvuzSagd5Q5bldDSb%2FFeQhgQDAgoMf1QCz5QHVFqkfedAu%2Fqq7crLpcxA1g8D12fokZd0s316CyNwWYPGZajibH8C7oa7qSYAG1%2FwBLHr7ctSM31g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
public, max-age=14400, must-revalidate
cf-ray
8a89fdb6c8b02b58-LAX
alt-svc
h3=":443"; ma=86400
Monarcha%20W01%20Regular.woff2
offer.trumplighters.com/trump/en/us/css/pre/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://offer.trumplighters.com/trump/en/us/css/pre/Monarcha%20W01%20Regular.woff2
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f14094f640c5cd971656c6e59efdbdcc7bf4468a78ae4decd012bed0bd49d777

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Origin
https://offer.trumplighters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J2M8V8ESC924K2GB5ANYX53T
date
Thu, 25 Jul 2024 06:11:10 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"8f31c9da01f3110c6ce848b4cc2c3a76-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h6mIFuyQamlRSh5LhYqMXNPH6DwcW85Dnhowf4t5rotr0papSDMk381h1HiwokiwhEOGY974p0WAzvRcUeAikSh5Y7NwFKShpTpeQS5JrdgWWCMAlgOh%2BjpUP%2BLP4sg06gtIuEfWp4zSTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdb6c8b22b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
20544
Inter-Bold.ttf
offer.trumplighters.com/trump/en/us/css/pre/ 		309 KB
151 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://offer.trumplighters.com/trump/en/us/css/pre/Inter-Bold.ttf
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
412c068eab6f36e6807d630ff89127165e8e4d3e8653434cdfb56b60cdcc3a32

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Origin
https://offer.trumplighters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J2M8V8NC63X7K4GZ3D54Z4R2
date
Thu, 25 Jul 2024 06:11:10 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"5dd1b2eaa6391e430b738445c110195e-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0wwwtKkH8PLtZx8q90s%2FV9oPPUIP4ZNOHbHF639fkenwrYiKYPQaji4iQqQ4TtQGun6Ot4BgFbWbQQdFj3dUNaXGFYoFvZRTK7x1H3nXD5nIlHgkiDrZ%2BHOq0d%2B2dXv8nuu4WuPJyIJgWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
public, max-age=14400, must-revalidate
cf-ray
8a89fdb6c8b42b58-LAX
alt-svc
h3=":443"; ma=86400
Inter-Semibold.ttf
offer.trumplighters.com/trump/en/us/css/pre/ 		309 KB
150 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://offer.trumplighters.com/trump/en/us/css/pre/Inter-Semibold.ttf
Requested by
Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b540e69bf6717016e33874670e09acf4bffc2ca3f4c1cf174a4ff696308c65

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Origin
https://offer.trumplighters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J2M8V8EJMJPQ6QP8BKWKXQQJ
date
Thu, 25 Jul 2024 06:11:10 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"e325e00a37e13471c206ac1103d0ff30-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HG78n%2FakjFu1BHv3qikBivnjEODo3E0jkbZur3zufnItk8OUIsdVwVAunN8vivXi05PHxWVMKb9h7gG2JLqCEYPIETYL%2BiqC2belAH3Nn%2FyezIcDK%2BQsKzB9nOJmvdlW6lk18zktk4IkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
public, max-age=14400, must-revalidate
cf-ray
8a89fdb6c8b72b58-LAX
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		306 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-05H6BTS6HK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6J4G4J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c24ad494f3eb43f7f905a841671f8b31e2f798210200ce8a21d228af8ac2ca1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://offer.trumplighters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 06:11:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103742
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 Jul 2024 06:11:11 GMT
hotjar-3644136.js
static.hotjar.com/c/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3644136.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6J4G4J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-126.jfk50.r.cloudfront.net
Software
/
Resource Hash
908d0dbac3e2efcf89178b3a82e35694d1cb9fa8dbd7b66badafec79d4862e3d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.trumplighters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 25 Jul 2024 06:11:11 GMT
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/f852ff6fe9c3f8c768c9d221022e2341
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
z2jsIX5qauA1uIHN3tcUBTN9X-KDJFvLANQzPodtPl4fcEWfYBUymw==
everflow.js
www.y6hjvtrk.com/scripts/sdk/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.y6hjvtrk.com/scripts/sdk/everflow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6J4G4J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.198 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
198.39.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ec9c252a62d8ad0711306d5d0d2261cb1a52f7ce7454c6c46691598146a7e4e1

Request headers

Referer
https://offer.trumplighters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 06:11:11 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server
nginx
vary
Origin
content-type
text/javascript
cache-control
max-age=14400
x-eflow-request-id
0996c60b-8d3c-425a-a77e-b0d4b1253979
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-05H6BTS6HK&gtm=45je47o0v9116032628z89116025465za200zb9116025465&_p=1721887870457&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1827248585.1721887872&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721887871&sct=1&seg=0&dl=https%3A%2F%2Foffer.trumplighters.com%2Ftrump%2Fen%2Fus%2Fpre5%3Fpackage%3D4%26bar%3Dn%26sub1%3Dlighter4pre5no-26%26evclid%3D6eb778eee5f8460495d70a9fd8d5b9d3%26utm_source%3Dlighter4pre5no-26%26aff%3D26&dt=Trump%20Lighter&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4098
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-05H6BTS6HK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://offer.trumplighters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jul 2024 06:11:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offer.trumplighters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.6c69b5997f314810cfe8.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6c69b5997f314810cfe8.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3644136.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-46.jfk50.r.cloudfront.net
Software
/
Resource Hash
228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.trumplighters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 09:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
160205
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56293
last-modified
Tue, 23 Jul 2024 09:40:30 GMT
etag
"30c513084f4759247a82ab90e6ffe4cb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
oI4721TJ4BkyIvRVMLcz0U_ypj5i9lRPnMLwgzpzOPt7I6X-Z1sukQ==
/
content.hotjar.io/ 		56 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=3644136&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6c69b5997f314810cfe8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.252.158.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-158-105.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ca1e8be5066b2480940cf30f28ec60424666c96656f11e1f4c678e0a471f4d8e

Request headers

Referer
https://offer.trumplighters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 25 Jul 2024 06:11:13 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
favicon.png
offer.trumplighters.com/trump/en/us/img/pre/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://offer.trumplighters.com/trump/en/us/img/pre/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26b43226bd2cdc442af79b9185e075cdbae727bcf5ba10c02984a7ae412e102b

Request headers

Referer
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-26&evclid=6eb778eee5f8460495d70a9fd8d5b9d3&utm_source=lighter4pre5no-26&aff=26
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J1FZCK6RDADPZ28EDM9HVBCS
date
Thu, 25 Jul 2024 06:11:12 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"4694db8fd0ff763dc4453fbf1a01743b-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5xiUlEGYBihdUURnthRd%2F%2FYj9srkO9AVHMhBmMBBsQ7oGTLb%2F%2FyXphpfHMc5QV9GaCv6M1NtAL4kQ7d5SUmBV%2BJn27kh53eop1azpwXVybUetHwJ9AAf7oqOZRxqHuVWoaof86%2BfMVD6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8a89fdc31edf2b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
1875

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| getDate object| dataLayer object| year function| $ function| jQuery object| path string| campaignPath string| base object| url function| stickycall object| $elem object| $window number| docViewBottom number| elemTop number| elemBottom object| google_tag_manager object| google_tag_data function| hj object| _hjSettings object| EF function| onYouTubeIframeAPIReady object| gaGlobal object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled

10 Cookies

Domain/Path Name / Value
.clktrack7.com/ Name: sid
Value: TcFOEyX9AVSUA/LGcpq4CuwuTrI4tWWkawicqG8lO/VPBXYQju2EFg==
.clktrack7.com/ Name: trk
Value: KEkj0Odb5cGUA/LGcpq4CuwuTrI4tWWkawicqG8lO/VPBXYQju2EFg==
.clktrack7.com/ Name: c2395
Value: TcFOEyX9AVSNeah130CowXbnbgLfeFXIjb9RbZnyU+8=
www.y6hjvtrk.com/ Name: uniqueClick_363TCP
Value: cb074d7c-bb3a-4da6-8356-9ec4e078e15f:1721887869
www.y6hjvtrk.com/ Name: transaction_id
Value: 6eb778eee5f8460495d70a9fd8d5b9d3
www.toastyheat.com/ Name: link
Value: 1
.trumplighters.com/ Name: _ga_05H6BTS6HK
Value: GS1.1.1721887871.1.0.1721887871.0.0.0
.trumplighters.com/ Name: _ga
Value: GA1.1.1827248585.1721887872
.trumplighters.com/ Name: _hjSessionUser_3644136
Value: eyJpZCI6ImVhZTI5ZWFmLWMwYmYtNWUwNy04ODBiLWUxNDM5MjczZGZiMyIsImNyZWF0ZWQiOjE3MjE4ODc4NzI0MTYsImV4aXN0aW5nIjp0cnVlfQ==
.trumplighters.com/ Name: _hjSession_3644136
Value: eyJpZCI6ImE1MTEzOWViLTU0ZDEtNGY4Ni05NTljLWY4MGNhZjI1ZmY0OSIsImMiOjE3MjE4ODc4NzI0MTcsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clktrack11.com
clktrack7.com
content.hotjar.io
offer.trumplighters.com
script.hotjar.com
static.hotjar.com
www.google-analytics.com
www.googletagmanager.com
www.shanghaidefeat.net
www.toastyheat.com
www.y6hjvtrk.com
108.138.106.126
172.67.131.253
18.164.96.46
192.3.130.2
2606:4700:3033::ac43:83fd
2607:f8b0:4006:80e::200e
2607:f8b0:4006:821::2008
34.213.228.20
34.252.158.105
35.190.39.198
52.32.57.248
72.167.211.14
228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26b43226bd2cdc442af79b9185e075cdbae727bcf5ba10c02984a7ae412e102b
2cf7833ee174c4af5765d79030bd45b759e7c1d47799e4062b8ad64cf7b3d581
2f364f10c2ee55cda4e6279af70d8059f7571277c8971649c4a56b2320d508f3
3127f0b873387ee37e2040135a06e9e9c05030f509eb63689529becf28b50384
412c068eab6f36e6807d630ff89127165e8e4d3e8653434cdfb56b60cdcc3a32
4ae01720dd802bf5224efe3f6f44380d324dc049fdacb2754eb403c34e492273
53a8318a4b95a737f39f6bbdacf9b47140b6acc336054bf3a9731f34e96f583f
5c24ad494f3eb43f7f905a841671f8b31e2f798210200ce8a21d228af8ac2ca1
627483e2cdfe6ea853aed8560860b80dcedfae93bd2e85f8c8c4d2c3cfee823c
6318f5d803ae122c3f43a480a870cc8fa6dc0b18198506b95dfb4a3b2b2351d3
76f1f6526cb7d13d927dd098ab11b373d670c5bfe824d3afcb2b9c132ec25583
7b691dd6aecaa3ece62e9afd6bdb265a918dfc12cb9e8ad2b24a1e0726ee650d
8ce6db5e52a303b321fa5f07a6ff4b8d3c030a815234150b8622bd820bbdc39b
8daac37b7af5dd7bb435ad174c6d704078658902a6197313816b27c60cccca95
908d0dbac3e2efcf89178b3a82e35694d1cb9fa8dbd7b66badafec79d4862e3d
a538fdf41aff5cb1c6c89d3ce52bac81d0b42e4116feea7b14d21036fa2195c5
af43b4c9ff0572b4fed1935a9bde8986d0adb73484dca46a5489e337b866e30d
b0b540e69bf6717016e33874670e09acf4bffc2ca3f4c1cf174a4ff696308c65
b1ccfc8b51ef1e4d6aa162d924594955c045f47c07eda17bdabde5e449586845
b4d781b20d03091203589da1c2e8871f79f04f858ce95311c3977645cbd34731
beefc344e4a6c4a5e667bb68de613543765c946d454b8c5dc78997a5e47764c4
c9ea17f3b92f547393274b661ed542513d53e8a8e95da34aa92ae11e2744f5bb
ca1e8be5066b2480940cf30f28ec60424666c96656f11e1f4c678e0a471f4d8e
cb578811acec354d0efcf56fdd812405b5ef15dbc45f6b306294947bd67e2a1c
cbf6ba2b04ebea1f8b07edb4267779c5170b0cfaba01075372d7ee2522ece9ee
cfb127f31cb64bbf68d03d747caa6e5c94c139f37c0b4c538f706ba7e0626e93
ec9c252a62d8ad0711306d5d0d2261cb1a52f7ce7454c6c46691598146a7e4e1
f14094f640c5cd971656c6e59efdbdcc7bf4468a78ae4decd012bed0bd49d777
fa12c82c086b1e0aab0944417ac77add7f2cefa828940637f686cd29ff7a899c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e