blog.trump-shops.com Open in urlscan Pro
2a01:4f8:d0a:63ec::2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.trump-shops.com/
Submission: On August 17 via api (August 17th 2024, 8:42:35 am UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 15 domains to perform 64 HTTP transactions. The main IP is 2a01:4f8:d0a:63ec::2, located in Bad Soden-Salmuenster, Germany and belongs to HETZNER-AS, DE. The main domain is blog.trump-shops.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on August 15th 2024. Valid for: a year.

This is the only time blog.trump-shops.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2a01:4f8:d0a:... 2a01:4f8:d0a:63ec::2	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
11	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:133e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:15b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:18f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.122.68 18.66.122.68	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700::68... 2606:4700::6812:f9e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
64	14

26 2a01:4f8:d0a:63ec::2 (Bad Soden-Salmuenster, Germany)

ASN24940 (HETZNER-AS, DE)

blog.trump-shops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

app.groove.cm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.groovetech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
matomo.groovetech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:133e (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:15b4 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.grooveapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:645 (United States)

ASN13335 (CLOUDFLARENET, US)

conversations-widget.brevo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
in-automate.brevo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18f3 (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-68.fra60.r.cloudfront.net

web-sdk.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f9e9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

conversations-widget.sendinblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	trump-shops.com blog.trump-shops.com	857 KB
9	groovetech.io images.groovetech.io — Cisco Umbrella Rank: 537311 matomo.groovetech.io — Cisco Umbrella Rank: 547176	241 KB
4	brevo.com conversations-widget.brevo.com — Cisco Umbrella Rank: 166193 in-automate.brevo.com — Cisco Umbrella Rank: 34591	31 KB
3	gstatic.com fonts.gstatic.com	55 KB
3	grooveapps.com assets.grooveapps.com — Cisco Umbrella Rank: 501638	1 MB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	283 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	74 KB
2	smartlook.com web-sdk.smartlook.com — Cisco Umbrella Rank: 30663	23 KB
2	sibautomation.com sibautomation.com — Cisco Umbrella Rank: 34099	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	176 KB
2	groove.cm app.groove.cm — Cisco Umbrella Rank: 437942	75 KB
1	sendinblue.com 1 redirects conversations-widget.sendinblue.com — Cisco Umbrella Rank: 300182	363 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
1	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3618
64	15

	Domain	Requested by
26	blog.trump-shops.com	blog.trump-shops.com
7	images.groovetech.io	blog.trump-shops.com
3	fonts.gstatic.com	fonts.googleapis.com
3	conversations-widget.brevo.com	blog.trump-shops.com conversations-widget.sendinblue.com
3	assets.grooveapps.com	blog.trump-shops.com
3	fonts.googleapis.com	blog.trump-shops.com app.groove.cm
2	www.facebook.com	blog.trump-shops.com
2	connect.facebook.net	blog.trump-shops.com connect.facebook.net
2	matomo.groovetech.io	blog.trump-shops.com matomo.groovetech.io
2	web-sdk.smartlook.com	blog.trump-shops.com web-sdk.smartlook.com
2	sibautomation.com	blog.trump-shops.com sibautomation.com
2	www.googletagmanager.com	blog.trump-shops.com www.googletagmanager.com
2	app.groove.cm	blog.trump-shops.com
1	in-automate.brevo.com	sibautomation.com
1	conversations-widget.sendinblue.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	kit.fontawesome.com	blog.trump-shops.com
64	17

This site contains links to these domains. Also see Links.

Domain
trump-shops.com

Subject Issuer	Validity	Valid
blog.trump-shops.com Encryption Everywhere DV TLS CA - G2	`2024-08-15` - `2025-08-14`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
groove.cm E5	`2024-07-05` - `2024-10-03`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
grooveapps.com Cloudflare Inc ECC CA-3	`2023-10-07` - `2024-10-06`	a year	crt.sh
groovetech.io WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
brevo.com WE1	`2024-06-21` - `2024-09-19`	3 months	crt.sh
sibautomation.com WE1	`2024-08-05` - `2024-11-03`	3 months	crt.sh
web-sdk.smartlook.com Amazon RSA 2048 M02	`2024-06-13` - `2025-07-12`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-26` - `2024-08-24`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://blog.trump-shops.com/
Frame ID: 60F2E65BF134AC1801A18610C6478CE4
Requests: 62 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=gi9zsib1oo3mid1ckfvvv7zr
Frame ID: 59E9C8BA133C7596C9F383C907F66A64
Requests: 1 HTTP requests in this frame

Frame: https://conversations-widget.brevo.com/?isModern=true
Frame ID: 873C7C9BF2C435486071C92B4E61EA07
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Prelander – Trump Shops

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets
<link [^>]*href=(?:"|')[^"']*uploads/elementor/css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

64
Requests

95 %
HTTPS

93 %
IPv6

15
Domains

17
Subdomains

14
IPs

2
Countries

2865 kB
Transfer

5321 kB
Size

22
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://trump-shops.com/shop/think-big-act-bold-trumps-blueprint-for-leadership-success/

Search URL Search Domain Scan URL

URL: https://trump-shops.com/shop/think-big-act-bold-trumps-blueprint-for-leadership-success/?utm_source=lander&utm_medium=social&utm_campaign=trump-shops-1508-leadscampaign

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://conversations-widget.sendinblue.com/sib-conversations.js HTTP 301
https://conversations-widget.brevo.com/sib-conversations.js

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
blog.trump-shops.com/ 207 KB
208 KB 789ms
578ms Document
text/html 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 83673d07cef3cfcacfb50b62af83c157792d33522dd2a4c3bee812e8baff056b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 17 Aug 2024 08:42:28 GMT
link: <https://blog.trump-shops.com/wp-json/>; rel="https://api.w.org/", <https://blog.trump-shops.com/wp-json/wp/v2/pages/21>; rel="alternate"; title="JSON"; type="application/json", <https://blog.trump-shops.com/>; rel=shortlink
server: Apache

GET
H2 200 style.min.css
blog.trump-shops.com/wp-content/themes/hello-elementor/ 5 KB
5 KB 67ms
33ms Stylesheet
text/css 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/themes/hello-elementor/style.min.css?ver=3.1.1
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 0f3d863879ef08a122ac5540fce116b6644fc764baa5c3d626844a1916f9916c

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 09:55:09 GMT
server: Apache
accept-ranges: bytes
etag: "157d-61fb5d695c914"
content-length: 5501
content-type: text/css

GET
H2 200 theme.min.css
blog.trump-shops.com/wp-content/themes/hello-elementor/ 5 KB
5 KB 68ms
34ms Stylesheet
text/css 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/themes/hello-elementor/theme.min.css?ver=3.1.1
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 99d5027485ea4cc43f6b2a648b1a67213fabeffaea5f1f0b5a1d6fe9c1badf13

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 09:55:09 GMT
server: Apache
accept-ranges: bytes
etag: "141a-61fb5d695d8b4"
content-length: 5146
content-type: text/css

GET
H2 200 header-footer.min.css
blog.trump-shops.com/wp-content/themes/hello-elementor/ 7 KB
7 KB 69ms
36ms Stylesheet
text/css 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/themes/hello-elementor/header-footer.min.css?ver=3.1.1
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e4c904ca22994aca271b12b0715582029ca1b4339c85722d89e008b568fabfb8

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 09:55:09 GMT
server: Apache
accept-ranges: bytes
etag: "1c2c-61fb5d695c914"
content-length: 7212
content-type: text/css

GET
H2 200 frontend-lite.min.css
blog.trump-shops.com/wp-content/plugins/elementor/assets/css/ 207 KB
207 KB 68ms
35ms Stylesheet
text/css 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.23.4
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 6f69140fa5c83536f52bcd3c902b44f35d9e9386d1575c6eb46b061893e3837d

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 09:55:19 GMT
server: Apache
accept-ranges: bytes
etag: "33c98-61fb5d726223f"
content-length: 212120
content-type: text/css

GET
H2 200 post-9.css
blog.trump-shops.com/wp-content/uploads/elementor/css/ 1 KB
1 KB 98ms
66ms Stylesheet
text/css 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/uploads/elementor/css/post-9.css?ver=1723733747
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 3d6118c6a6e31a9d0bf1d942e03447ee46c2ee63657ea1dcbc36e9eb198dd3d3

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 14:55:47 GMT
server: Apache
accept-ranges: bytes
etag: "51f-61fba09af8109"
content-length: 1311
content-type: text/css

GET
H2 200 swiper.min.css
blog.trump-shops.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/ 16 KB
16 KB 97ms
67ms Stylesheet
text/css 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 09:55:19 GMT
server: Apache
accept-ranges: bytes
etag: "4057-61fb5d729009f"
content-length: 16471
content-type: text/css

GET
H2 200 global.css
blog.trump-shops.com/wp-content/uploads/elementor/css/ 9 KB
9 KB 96ms
70ms Stylesheet
text/css 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/uploads/elementor/css/global.css?ver=1723733747
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 60e3083dd987ec50c560bf8219fd9dfb1a6f3b546c405be9218448f7e0bb9368

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 14:55:47 GMT
server: Apache
accept-ranges: bytes
etag: "2503-61fba09b0d8c9"
content-length: 9475
content-type: text/css

GET
H2 200 post-21.css
blog.trump-shops.com/wp-content/uploads/elementor/css/ 437 B
485 B 107ms
81ms Stylesheet
text/css 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/uploads/elementor/css/post-21.css?ver=1723733747
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 9df116c3e745586a007e2e8794869bcb6c041b075eb4945a0a04b23129c1e298

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 14:55:47 GMT
server: Apache
accept-ranges: bytes
etag: "1b5-61fba09b107a9"
content-length: 437
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 49 KB
2 KB 280ms
51ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6.1

Requested by

Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0fa06655078e0ac20e2af926a55c9e56ce3484ddc439cb4643a7f8c8f6ac031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Aug 2024 08:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Aug 2024 08:35:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Aug 2024 08:42:29 GMT

GET
H2 200 jquery.min.js Show response
blog.trump-shops.com/wp-includes/js/jquery/ 86 KB
86 KB 93ms
69ms Script
application/javascript 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: Apache
accept-ranges: bytes
etag: "15601-603fed35e19c0"
content-length: 87553
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
blog.trump-shops.com/wp-includes/js/jquery/ 13 KB
13 KB 118ms
94ms Script
application/javascript 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: Apache
accept-ranges: bytes
etag: "3509-5fdabee5f2100"
content-length: 13577
content-type: application/javascript

GET
H2 200 js.cookie.js Show response
blog.trump-shops.com/wp-content/plugins/handl-utm-grabber/js/ 3 KB
4 KB 119ms
96ms Script
application/javascript 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/plugins/handl-utm-grabber/js/js.cookie.js?ver=6.6.1
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: be9fd8fcea458eae07d70cfbb97851f8aaffa032eb02faafe871b30b2df13d60

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 10:08:23 GMT
server: Apache
accept-ranges: bytes
etag: "df1-61fb605e474ed"
content-length: 3569
content-type: application/javascript

GET
H2 200 handl-utm-grabber.js Show response
blog.trump-shops.com/wp-content/plugins/handl-utm-grabber/js/ 1 KB
2 KB 117ms
97ms Script
application/javascript 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/plugins/handl-utm-grabber/js/handl-utm-grabber.js?ver=6.6.1
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 36cc3d1c89238b48ce5998ea5d9a130ecf7311973abba6a9253c5fa616bc8511

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 10:08:23 GMT
server: Apache
accept-ranges: bytes
etag: "5f5-61fb605e4654d"
content-length: 1525
content-type: application/javascript

GET
H2 200 jquery.bind-first-0.2.3.min.js Show response
blog.trump-shops.com/wp-content/plugins/pixelyoursite/dist/scripts/ 1 KB
1 KB 118ms
98ms Script
application/javascript 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.6.1
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 14:55:09 GMT
server: Apache
accept-ranges: bytes
etag: "525-61fba0776f60b"
content-length: 1317
content-type: application/javascript

GET
H2 200 js.cookie-2.1.3.min.js Show response
blog.trump-shops.com/wp-content/plugins/pixelyoursite/dist/scripts/ 2 KB
2 KB 115ms
99ms Script
application/javascript 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 14:55:09 GMT
server: Apache
accept-ranges: bytes
etag: "6ad-61fba0776f60b"
content-length: 1709
content-type: application/javascript

GET
H2 200 public.js Show response
blog.trump-shops.com/wp-content/plugins/pixelyoursite/dist/scripts/ 118 KB
118 KB 116ms
100ms Script
application/javascript 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.7.1
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 7bb69f2363b8d61ca79aa77346468236ea06c62560a5b58bdff97e99c3bd7d65

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 14:55:09 GMT
server: Apache
accept-ranges: bytes
etag: "1d87e-61fba0776f60b"
content-length: 120958
content-type: application/javascript

GET
H2 200 css2
fonts.googleapis.com/ 763 KB
141 KB 55ms
51ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Requested by

Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e126947de08d7072bfd7cdbe36262f3b5ce5750a1eaccfdd3d2b4f182ffa8088

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Aug 2024 08:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Aug 2024 08:34:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Aug 2024 08:42:29 GMT

GET
H2 200 inpage_published_parsed.css
app.groove.cm/groovepages/css/ 462 KB
67 KB 964ms
796ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/css/inpage_published_parsed.css
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b88460b901184a8c110874fae048b1c8e2ad98bd5e61db8ce6c94059be477b1c

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 01 Aug 2024 22:16:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66ac0946-739ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VKvtMwiXV9pWE6p0sxABzDpeNyE6JdlOMezRMKGezufGYtwa%2FlFdUsL8k8iozVpCfDIMFKPzF0KqZfBYInHTGfmHizSW7pKgpEkPLohSK4rHdKTH5iAUmIgeAvM%2FJgpIr5BzBgbWXUxzIGXR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b485efefee3381a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 403 e7647a48d4.js
kit.fontawesome.com/ 0
0 374ms
206ms Script
text/plain 2606:4700::6812:133e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/e7647a48d4.js
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:133e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://blog.trump-shops.com/
Origin: https://blog.trump-shops.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
cf-cache-status: MISS
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
vary: Accept-Encoding
cf-ray: 8b485efef8092c43-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
content-length: 9
x-request-id: F-x3gCiRvQGp18pczG6C

GET
H2 404 index.css
blog.trump-shops.com/ 0
0 236ms
233ms Stylesheet
text/html 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/index.css?v=1.1723731214
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Wed, 11 Jan 1984 05:00:00 GMT
date: Sat, 17 Aug 2024 08:42:29 GMT
cache-control: no-cache, must-revalidate, max-age=0
server: Apache
link: <https://blog.trump-shops.com/wp-json/>; rel="https://api.w.org/"
content-type: text/html; charset=UTF-8

GET
H2 200 1631285437_As-seen-on.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/ 261 KB
262 KB 355ms
188ms Image
image/webp 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1631285437_As-seen-on.png
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57b3ca9ce410af539ec9d41a6dac01cfd7ab08057d765148e41248633349fb76

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=566722
x-guploader-uploadid: AHxI1nMEaDLaFnXESdufr2DPJyclDldr5EVxIhkAxvEIAo8JOGpMcgnqvkgPPf5h_p7P_d-DLzUZA8DQeQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1631285437_As-seen-on.webp"
content-length: 267298
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Sep 2021 14:50:38 GMT
server: cloudflare
etag: "e2e479df5534b02e628fce90f5ac4681"
vary: Accept
x-goog-generation: 1631285437975950
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=vYb30w==, md5=4uR531U0sC5ij86Q9axGgQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 566722
accept-ranges: bytes
cf-ray: 8b485efefc2b6910-FRA
expires: Sat, 17 Aug 2024 12:42:29 GMT

GET
H3 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM1YjExMDJhLWRhMjYtNDIyYS05NzBmLWEzMDExYjkyNmVhNi8xNzIzNTgyMDE3X2Vic3prYmlic3IzaGVuc3Y1ZjM5NmRiYmMxMTBjLmpwZw.webp
images.groovetech.io/sTRlMqK2REvDFQpNNXXGn5yTW5_atxcRDDfqd0Xait4/rs:fit:0:0:0/g:no:0:0/c:0:0/ 27 KB
28 KB 1005ms
882ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/sTRlMqK2REvDFQpNNXXGn5yTW5_atxcRDDfqd0Xait4/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM1YjExMDJhLWRhMjYtNDIyYS05NzBmLWEzMDExYjkyNmVhNi8xNzIzNTgyMDE3X2Vic3prYmlic3IzaGVuc3Y1ZjM5NmRiYmMxMTBjLmpwZw.webp

Requested by

Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f6450f2c1471c850daa140c041abb0c1f8bd1b8336240a53b604e318f6cd53e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:30 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1723582017_ebszkbibsr3hensv5f396dbbc110c.webp"
alt-svc: h3=":443"; ma=86400
content-length: 27692
x-request-id: ebfab1dd814503823ecb3e5e3d280c76
last-modified: Sat, 17 Aug 2024 08:42:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F5lrPPzFJl4JvpXvYZVZizwdShzfKjRUWkHGGoNGx4%2FxfWkgHTOq%2BDWyzc%2F%2FP5IsYS9H1ocGaSN4zxKCZ9nOA7Rd40V5BgTdjKywbXK6cKXLEnoBkpEUIztarq3n%2Fj8gu86w%2FPRyOXRjPYiYhKT2xBcHgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b485efeac373687-FRA

GET
H3 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM1YjExMDJhLWRhMjYtNDIyYS05NzBmLWEzMDExYjkyNmVhNi8xNzIzNzMwMDA3Xy5wbmc.webp
images.groovetech.io/ClRg3gQ3BUegYfYqq9tSblu53UNfII8qXEOYkevCK6s/rs:fit:0:0:0/g:no:0:0/c:0:0/ 49 KB
50 KB 683ms
656ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/ClRg3gQ3BUegYfYqq9tSblu53UNfII8qXEOYkevCK6s/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM1YjExMDJhLWRhMjYtNDIyYS05NzBmLWEzMDExYjkyNmVhNi8xNzIzNzMwMDA3Xy5wbmc.webp

Requested by

Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

312b49a6454e84b05cbc72fbb61217c2b4e7d1cba1b1993293072396276fc188

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:30 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1723730007_.webp"
alt-svc: h3=":443"; ma=86400
content-length: 50330
x-request-id: 67ccb4dcf17f133434211bbc5e857cfe
last-modified: Sat, 17 Aug 2024 08:42:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VT8rqtGQ3eUcfVOuLGpu3RqgJICXmQL%2BuJRNLP%2FDov%2FZlxzMBw3ulkRdm1hztUSuh9b1laiwFTX5PIGNUlml1eSJU7lb9evTUx%2F3mi9JiN4KUrURp4Zd7Q%2FeIQ6fGvduPQCVSOneog8K%2BJT5TZixQnh%2FvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b485efeac263687-FRA

GET
H2 200 1631107507_Course-Mockup.png
assets.grooveapps.com/images/5f2966e7896b1600384f7f84/ 768 KB
769 KB 226ms
156ms Image
image/webp 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f2966e7896b1600384f7f84/1631107507_Course-Mockup.png
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1590e5397c2ead18aed5c0773f42cfb0c51aa70bd84b5f74fae4b14ccf36cf05

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=1223908
x-guploader-uploadid: AHxI1nP3k5xTJYLy5w_KB9-iIF9ti4gwT0_lXYlQ2rj1fR9XepdXURqNfz-97_2EMgjukSHu-k8YdsBJfw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1631107507_Course-Mockup.webp"
content-length: 786342
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Sep 2021 13:25:08 GMT
server: cloudflare
etag: "228c0f227ac39f6c6b4c8da8d1d8b4c5"
vary: Accept
x-goog-generation: 1631107507992063
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=Dw7ivw==, md5=IowPInrDn2xrTI2o0di0xQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 1223908
accept-ranges: bytes
cf-ray: 8b485efefc316910-FRA
expires: Sat, 17 Aug 2024 12:42:29 GMT

GET
H3 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM1YjExMDJhLWRhMjYtNDIyYS05NzBmLWEzMDExYjkyNmVhNi8xNzIzNTgyNDYxX0RTQzA3NTA3LmpwZw.webp
images.groovetech.io/BDi1aU8Tbd3kWTfQeMvvMskn4DkMZShxL2Tk4fD6fOk/rs:fit:0:0:0/g:no:0:0/c:0:0/ 34 KB
34 KB 678ms
651ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/BDi1aU8Tbd3kWTfQeMvvMskn4DkMZShxL2Tk4fD6fOk/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM1YjExMDJhLWRhMjYtNDIyYS05NzBmLWEzMDExYjkyNmVhNi8xNzIzNTgyNDYxX0RTQzA3NTA3LmpwZw.webp

Requested by

Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aa17ffa3e7cf0f4705a2d85980ad25ecdf8649e6cdbf3753b61aa33769f618c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:30 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1723582461_DSC07507.webp"
alt-svc: h3=":443"; ma=86400
content-length: 34364
x-request-id: b9baafd024063e519c991f5155c953bc
last-modified: Sat, 17 Aug 2024 08:42:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=za1m3P7hK38nLj9bzBtiklx0vaR4OR%2FXYLaPsJZbu8Nw1W4lp7wMn3WcWoYmslcSzhtCrytNcPddBakKvtKhKzD9mbz5e7qzP2spBtn86xBe4rcddwrLbZo9SCmiQkTmcjnF76tzSSsVSRgaD70Gd%2Fze5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b485efeac343687-FRA

GET
H3 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM1YjExMDJhLWRhMjYtNDIyYS05NzBmLWEzMDExYjkyNmVhNi8xNzIzNjcxMDcwX1VudGl0bGVkZGVzaWduNS5wbmc.webp
images.groovetech.io/evpzOTzlvPETjKI27b62_NiI2RXseW8ANHkF0fSuxK0/rs:fit:0:0:0/g:no:0:0/c:0:0/ 32 KB
32 KB 919ms
907ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/evpzOTzlvPETjKI27b62_NiI2RXseW8ANHkF0fSuxK0/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM1YjExMDJhLWRhMjYtNDIyYS05NzBmLWEzMDExYjkyNmVhNi8xNzIzNjcxMDcwX1VudGl0bGVkZGVzaWduNS5wbmc.webp

Requested by

Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7d2595664ca964344fb1cedc53b0c6cba1c89b2a8b18a3bde2a5e1d78f9e141

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:30 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1723671070_Untitleddesign5.webp"
alt-svc: h3=":443"; ma=86400
content-length: 32516
x-request-id: 1dec57ae46768a102da08a03f715cd75
last-modified: Sat, 17 Aug 2024 08:42:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=om3U4arufdNm9M1gH4tMRgDbaD5M446dcbQgbQLDRgHZgA0HnhqlJyWy3dWZCP4aJKVPdXpmRppX%2F9aqLVC4%2Fhawr4fsfX4YTiF%2BZ7GRWb7tD0Iuliqq2XgsuZ1cRfC6hUtIcS%2Fko1st2Q%2B7o4MtvdyOpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b485efeac333687-FRA

GET
H2 200 countdown-lib.web.js Show response
assets.grooveapps.com/plugins/ 33 KB
13 KB 106ms
36ms Script
application/javascript 2606:4700::6812:15b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.grooveapps.com/plugins/countdown-lib.web.js
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea5e42100d38cd71f9f9094c4a31c9db8e6fbaf94382e9f7c2ab5174614b772a

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 1902
cf-polished: origSize=33901
x-guploader-uploadid: AHxI1nMZZnyx86JR9gUBqzPz0KUAwx7TekdVwuv2dqbXTbPBJoSLgcYw0fEdjeUQhFSlmcCJ_UY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Tue, 30 Jul 2024 21:40:35 GMT
server: cloudflare
etag: W/"92de9ad1bb69d709d1391952da2c4fed"
vary: Accept-Encoding
x-goog-generation: 1722375635717796
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=PRiKyQ==, md5=kt6a0btp1wnRORlS2ixP7Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 33901
cf-ray: 8b485efefc356910-FRA
expires: Sat, 17 Aug 2024 12:42:29 GMT

GET
H3 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM1YjExMDJhLWRhMjYtNDIyYS05NzBmLWEzMDExYjkyNmVhNi8xNzIzNzMxMDIzX2Rvd25sb2FkMS5wbmc.webp
images.groovetech.io/1FyZkGl_CVNW0DtbFg0XoGhXvFO1ZmwkOll_UINdk1I/rs:fit:0:0:0/g:no:0:0/c:0:0/ 22 KB
23 KB 554ms
542ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/1FyZkGl_CVNW0DtbFg0XoGhXvFO1ZmwkOll_UINdk1I/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM1YjExMDJhLWRhMjYtNDIyYS05NzBmLWEzMDExYjkyNmVhNi8xNzIzNzMxMDIzX2Rvd25sb2FkMS5wbmc.webp

Requested by

Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0db4697203567ce95a2790b996b7b5a20ab46e358d2dcceb1e07e2c217764d6d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:30 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1723731023_download1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 22936
x-request-id: 99729497cd9ce875b9bebd9772b42455
last-modified: Sat, 17 Aug 2024 08:42:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aKciaXHxC3ifRvx82F9698xkKtK%2Btuh6wA2Xs1RRvyx7Dau4Hdm5%2FWNfRDKuTIBRPplT%2F1MOai7b7sCi2IH17B%2FYE1JKzYd5XbkKar1s%2BIsKCh%2FpNJEwM32JQeNJoCHhXniJAtUhqTRI9PRCS1v0Ly23Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b485efeac2f3687-FRA

GET
H3 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM1YjExMDJhLWRhMjYtNDIyYS05NzBmLWEzMDExYjkyNmVhNi8xNzIzNzMxMDQ4X2Rvd25sb2FkMi5wbmc.webp
images.groovetech.io/PnttEuBa-iuftYQaHNjzbH712YlJXu4ZyGG_HRR9vco/rs:fit:0:0:0/g:no:0:0/c:0:0/ 26 KB
26 KB 762ms
750ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/PnttEuBa-iuftYQaHNjzbH712YlJXu4ZyGG_HRR9vco/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM1YjExMDJhLWRhMjYtNDIyYS05NzBmLWEzMDExYjkyNmVhNi8xNzIzNzMxMDQ4X2Rvd25sb2FkMi5wbmc.webp

Requested by

Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7342b6fddb58a7aec583a6476be02b2221c35d3693fbd070a1f9a876c66e6ce

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:30 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1723731048_download2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 26406
x-request-id: d506bbc9ec073935abdc2b8ed6e65554
last-modified: Sat, 17 Aug 2024 08:42:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y9hmkdqf9kmhxJFo6QLvHOAolB2mFhFUZ%2FaTSzFBuMD04EhOgbV3KCqp31STr54LofrPI5AvkfZiX%2BoDEtlbSL1HnlBPArrdoz%2FLNmCNAL22Rgpa95FOmcY3ijHupr257biksWJh32HUJOXKcj5u2nummQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b485efeac2b3687-FRA

GET
H3 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM1YjExMDJhLWRhMjYtNDIyYS05NzBmLWEzMDExYjkyNmVhNi8xNzIzNzMxMDc0X2Rvd25sb2FkMy5wbmc.webp
images.groovetech.io/eDSxY-W1wqTS-tSy-MzcAst3gszscOdvH5AhRFUmCnc/rs:fit:0:0:0/g:no:0:0/c:0:0/ 25 KB
26 KB 561ms
541ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/eDSxY-W1wqTS-tSy-MzcAst3gszscOdvH5AhRFUmCnc/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzM1YjExMDJhLWRhMjYtNDIyYS05NzBmLWEzMDExYjkyNmVhNi8xNzIzNzMxMDc0X2Rvd25sb2FkMy5wbmc.webp

Requested by

Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9997750d31862a734133bc22daec5c8309ba432ca1cb2cf808c0f07c89d37652

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:30 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1723731074_download3.webp"
alt-svc: h3=":443"; ma=86400
content-length: 25818
x-request-id: 5b7f317f46cffa35a1467828204ca0fc
last-modified: Sat, 17 Aug 2024 08:42:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tohyq6%2Bcl2zZ757pHkoeK2OMCTcga2UDyR8kh8P9oj9VePVjPYNZakvLEJe6qiSnOCxP75851mXGHAGn8ayEV67HxtbrMlDcvG4yrs2VpkgS8G6i0Zx4EEP%2FGlJ88FMq6KvAur7p6PZ91cD8h%2B68Xd7kBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b485f0339413687-FRA

GET
H2 200 inpage_published_parsed.js Show response
app.groove.cm/groovepages/js/ 23 KB
8 KB 114ms
44ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/js/inpage_published_parsed.js
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa5e7eeaf70fc300c97f8e5a16c03a1d991f3f97333b0b7c70ba9cd1df68dd75

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Aug 2024 22:16:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6472
etag: W/"66ac0946-5b29"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YjMoBJOAiytR9WS4GsvprMA3EkMHZJzfipiBeQCCQJRlwN1OiKtK5Vv3JgwCORNnSm7Cr0MDIuXGdcNM83bk2IHuBec6pq9NmDGTVJpwAarj3qIbQkmgBjzVf2sFl78ioza%2BL8RghZSZH8fN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b485efefee6381a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 hello-frontend.min.js Show response
blog.trump-shops.com/wp-content/themes/hello-elementor/assets/js/ 3 KB
3 KB 48ms
47ms Script
application/javascript 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=3.1.1
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 136acda5fd3e3d3f513128119e42cf70bbd234c71c210b102e3d4d3ca0637e0c

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 09:55:09 GMT
server: Apache
accept-ranges: bytes
etag: "abd-61fb5d695c914"
content-length: 2749
content-type: application/javascript

GET
H2 200 webpack.runtime.min.js Show response
blog.trump-shops.com/wp-content/plugins/elementor/assets/js/ 5 KB
5 KB 54ms
53ms Script
application/javascript 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.23.4
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 612c7268d82895019e8b18ec61941fd00d0ada067dae8facb7b9c2bade385a4d

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 09:55:19 GMT
server: Apache
accept-ranges: bytes
etag: "1385-61fb5d72854bf"
content-length: 4997
content-type: application/javascript

GET
H2 200 frontend-modules.min.js Show response
blog.trump-shops.com/wp-content/plugins/elementor/assets/js/ 72 KB
72 KB 39ms
39ms Script
application/javascript 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.23.4
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: f4d7dcc49b91d63d4175cd0bcbf3547aa4ef1eeb2b5839d74bee58cb2775afde

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 09:55:19 GMT
server: Apache
accept-ranges: bytes
etag: "11f60-61fb5d727f6ff"
content-length: 73568
content-type: application/javascript

GET
H2 200 waypoints.min.js Show response
blog.trump-shops.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
12 KB 98ms
97ms Script
application/javascript 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 09:55:19 GMT
server: Apache
accept-ranges: bytes
etag: "2fa6-61fb5d729009f"
content-length: 12198
content-type: application/javascript

GET
H2 200 core.min.js Show response
blog.trump-shops.com/wp-includes/js/jquery/ui/ 21 KB
21 KB 96ms
95ms Script
application/javascript 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 27 Jun 2024 13:51:43 GMT
server: Apache
accept-ranges: bytes
etag: "53d8-61bdf6e5539c0"
content-length: 21464
content-type: application/javascript

GET
H2 200 frontend.min.js Show response
blog.trump-shops.com/wp-content/plugins/elementor/assets/js/ 39 KB
39 KB 98ms
97ms Script
application/javascript 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.23.4
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: d472c6dc0eac7e2287635400d88ce4fe64211ba51929027fad3e45fa84b6c302

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
last-modified: Thu, 15 Aug 2024 09:55:19 GMT
server: Apache
accept-ranges: bytes
etag: "9d39-61fb5d727e75f"
content-length: 40249
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 204 KB
73 KB 203ms
36ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T5JV5DRJ

Requested by

Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a25f588e93d7e43349fcef5d04be4b8f46bda70639b8f5b66dbc773da18ca6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74130
x-xss-protection: 0
last-modified: Sat, 17 Aug 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Aug 2024 08:42:29 GMT

GET
BLOB 200
OK 554ce678-7eeb-4fa6-b9e1-a2ce5145e6b8
https://blog.trump-shops.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blog.trump-shops.com/554ce678-7eeb-4fa6-b9e1-a2ce5145e6b8
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 313 KB
103 KB 40ms
38ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZTN2P4QFBK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5JV5DRJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb6190b1cd55fc9e159e6c04cc31c038a7f6a77bf4a2c91cdb904990e6fcb644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105702
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Aug 2024 08:42:30 GMT

GET
H2 200 brevo-conversations.js Show response
conversations-widget.brevo.com/ 67 KB
16 KB 363ms
30ms Script
text/javascript 2606:4700::6812:645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conversations-widget.brevo.com/brevo-conversations.js
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ad6888a019e01ade98dbaba40903ff97fc0ffb6e50c8ac0df2981697955d5ac

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Aug 2024 16:51:32 GMT
server: cloudflare
age: 1231
etag: W/"10daa-191380d7620"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=300, stale-if-error=1800
cf-ray: 8b485f052ba46adf-FRA

GET
H2 200 sa.js Show response
sibautomation.com/ 10 KB
4 KB 300ms
86ms Script
text/javascript 2606:4700::6812:18f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/sa.js?key=gi9zsib1oo3mid1ckfvvv7zr
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash: 3fd2591b426903dfe482be430c758f1e65298cc4889a0386998f467c628fd742

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:30 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2778
cf-polished: origSize=13308
etag: W/"33fc-PJojm/KXu4rtOcPCMDLDXG2IEnE"
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 8b485f049d6b5d44-FRA
expires: Sat, 17 Aug 2024 08:43:30 GMT

GET
H2 200 recorder.js Show response
web-sdk.smartlook.com/ 6 KB
2 KB 333ms
2ms Script
application/javascript 18.66.122.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/recorder.js

Requested by

Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-68.fra60.r.cloudfront.net

Software

Resource Hash

33e520e8c7e4ce9562634952e9aeeb5fd2f7e6a0d9f01da283d50af6b9738439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Sat, 17 Aug 2024 08:28:57 GMT
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 813
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 07:59:47 GMT
etag: W/"66b9c0f3-17d1"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: Uy20octUS9rYCWh3bS-aJ9eo5ZT-KrBVkLTdBWWYJq00M69YOpkYOg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 407ms
59ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZTN2P4QFBK&gtm=45je48e0v9193145641z89193141056za200zb9193141056&_p=1723884149515&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=80548265.1723884150&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1723884150&sct=1&seg=0&dl=https%3A%2F%2Fblog.trump-shops.com%2F&dt=Prelander%20%E2%80%93%20Trump%20Shops&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2110
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZTN2P4QFBK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Aug 2024 08:42:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.trump-shops.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm.html
sibautomation.com/ Frame 59E9 0
0 151ms
72ms Document
text/html 2606:4700::6812:18f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/cm.html?key=gi9zsib1oo3mid1ckfvvv7zr
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=gi9zsib1oo3mid1ckfvvv7zr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash

Request headers

Referer: https://blog.trump-shops.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=7200
cf-cache-status: HIT
cf-ray: 8b485f062ce965b4-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 17 Aug 2024 08:42:30 GMT
expires: Sat, 17 Aug 2024 10:42:30 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>

GET
H2

200

sib-conversations.js Show response
conversations-widget.brevo.com/
Redirect Chain

https://conversations-widget.sendinblue.com/sib-conversations.js
https://conversations-widget.brevo.com/sib-conversations.js

67 KB
16 KB

43ms
42ms

Script
text/javascript

2606:4700::6812:645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conversations-widget.brevo.com/sib-conversations.js
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Server: 2606:4700::6812:645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ad6888a019e01ade98dbaba40903ff97fc0ffb6e50c8ac0df2981697955d5ac

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Aug 2024 16:51:32 GMT
server: cloudflare
age: 1298
etag: W/"10daa-191380d7620"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=300, stale-if-error=1800
cf-ray: 8b485f076da96adf-FRA

Redirect headers

date: Sat, 17 Aug 2024 08:42:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
location: https://conversations-widget.brevo.com/sib-conversations.js
cache-control: max-age=3600
cf-ray: 8b485f0739fe383a-FRA
content-length: 167
expires: Sat, 17 Aug 2024 09:42:30 GMT

GET
H3 200 init.399ec86d0a5210e0bafe.js Show response
web-sdk.smartlook.com/es6/ 71 KB
21 KB 288ms
28ms Script
application/javascript 18.66.122.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/es6/init.399ec86d0a5210e0bafe.js

Requested by

Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.122.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-68.fra60.r.cloudfront.net

Software

Resource Hash

a82319478a8a632ff0b7d9a37cabf4ff6a1c82fc5cec5e556212ff5ded735c0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.trump-shops.com/
Origin: https://blog.trump-shops.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 12:36:52 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
age: 331538
x-amz-cf-pop: FRA60-P2
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 07:59:47 GMT
etag: W/"66b9c0f3-11d8b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: ywp2m8E7hC4WobuM_22eJNnD1p_iAZcQrM8eeRAkqaKU4f7kWPQwmw==

GET
H2 200 css2
fonts.googleapis.com/ 738 KB
140 KB 68ms
50ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,700;0,900;1,400&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovepages/css/inpage_published_parsed.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ce81299adb57e6af04e075821f6efce44c1b415c1b8cd8e2a2b14d441e8680a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Aug 2024 08:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Aug 2024 08:42:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Aug 2024 08:42:30 GMT

GET
H2 200 matomo.js Show response
matomo.groovetech.io/ 64 KB
21 KB 136ms
37ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.js
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:31 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3028
alt-svc: h3=":443"; ma=86400
content-length: 21441
last-modified: Fri, 09 Aug 2024 01:45:24 GMT
server: cloudflare
etag: "10132-61f364c06e081-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Va3vRnLURtl4MTERxsHlhq96gY%2F85awl1SJnquLKvgp%2Fs%2FCJA2xkaAl4Ke40XVHzru0l9Ou9UC9I%2FGKy6jSXCEqG3YIceGRPTnf96dMC%2BwtLhFi%2B6Dps2%2Bv7fQRr7zP6hY%2BSSgEnbzll9WbWKh%2FxRrpSMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b485f084d14903c-FRA

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 255ms
43ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.trump-shops.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 14:58:07 GMT
x-content-type-options: nosniff
age: 409464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Aug 2025 14:58:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 253ms
42ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.trump-shops.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:13:05 GMT
x-content-type-options: nosniff
age: 325766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:13:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 257ms
46ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.trump-shops.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:56:27 GMT
x-content-type-options: nosniff
age: 326764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18492
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 13:56:27 GMT

GET
H2 204 p Show response
in-automate.brevo.com/ 0
99 B 164ms
16ms XHR
text/plain 2606:4700::6812:645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.brevo.com/p?key=gi9zsib1oo3mid1ckfvvv7zr&cuid=396e76a3-4b80-4bf2-b0ad-1ce2c6cdda12&ma_url=https%3A%2F%2Fblog.trump-shops.com%2F&sib_type=page&ma_title=Prelander%20%E2%80%93%20Trump%20Shops&sib_name=Prelander%20%E2%80%93%20Trump%20Shops&ma_referrer=&ma_path=%2F
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=gi9zsib1oo3mid1ckfvvv7zr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Aug 2024 08:42:31 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b485f099d7e18e2-FRA

GET
H2 200 wp-emoji-release.min.js Show response
blog.trump-shops.com/wp-includes/js/ 18 KB
18 KB 46ms
46ms Script
application/javascript 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by: Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:31 GMT
last-modified: Thu, 27 Jun 2024 13:51:43 GMT
server: Apache
accept-ranges: bytes
etag: "4926-61bdf6e5539c0"
content-length: 18726
content-type: application/javascript

GET
H2 200 /
conversations-widget.brevo.com/ Frame 873C 0
0 197ms
47ms Document
text/html 2606:4700::6812:645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://conversations-widget.brevo.com/?isModern=true

Requested by

Host: conversations-widget.sendinblue.com
URL: https://conversations-widget.sendinblue.com/sib-conversations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; script-src 'self' https://d13sozod7hpim.cloudfront.net; child-src 'none'; img-src https://d13sozod7hpim.cloudfront.net 'self' data: blob: https://ucarecdn.com; connect-src 'self' data: https://upload.uploadcare.com ws://conversations-widget.brevo.com/ wss://conversations-widget.brevo.com/; style-src 'self' 'unsafe-inline' https://d13sozod7hpim.cloudfront.net; media-src data:; form-action 'none'; block-all-mixed-content; frame-src 'none'

Strict-Transport-Security

max-age=31536000

Request headers

Referer: https://blog.trump-shops.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 380
cache-control: public, max-age=300, s-maxage=300, stale-while-revalidate=300, stale-if-error=1800
cf-cache-status: HIT
cf-ray: 8b485f0a0eda364b-FRA
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' https://d13sozod7hpim.cloudfront.net; child-src 'none'; img-src https://d13sozod7hpim.cloudfront.net 'self' data: blob: https://ucarecdn.com; connect-src 'self' data: https://upload.uploadcare.com ws://conversations-widget.brevo.com/ wss://conversations-widget.brevo.com/; style-src 'self' 'unsafe-inline' https://d13sozod7hpim.cloudfront.net; media-src data:; form-action 'none'; block-all-mixed-content; frame-src 'none'
content-type: text/html; charset=utf-8
date: Sat, 17 Aug 2024 08:42:31 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 admin-ajax.php Show response
blog.trump-shops.com/wp-admin/ 1 B
125 B 213ms
154ms XHR
text/html 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.trump-shops.com/wp-admin/admin-ajax.php?action=pys_get_pbid

Requested by

Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.trump-shops.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:31 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 312ms
25ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 17 Aug 2024 08:42:31 GMT
document-policy: force-load-at-top
x-fb-server-load: 26
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1328, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: bKuQSXKFB5EpadeYz1QMfZqyNVu0p56lQEAoW6TEY7dkDYyGTShvcxeNdcVV8NI2fVIvbOUWJ0UoE4IQVie33w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 matomo.php
matomo.groovetech.io/ 0
345 B 262ms
80ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.php?action_name=blog.trump-shops.com%2FPrelander%20%E2%80%93%20Trump%20Shops&idsite=4&rec=1&r=338158&h=10&m=42&s=31&url=https%3A%2F%2Fblog.trump-shops.com%2F&_id=f446019a06836c79&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension1=66bbc5d1fbbf3253a8736952&dimension2=asEBUrV3W&pv_id=y0ePDK&pf_net=215&pf_srv=577&pf_tfr=188&pf_dm1=2021&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sat, 17 Aug 2024 08:42:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1o0km%2Foc1OH%2FJNo%2BGzUPwYONKhG9kXuCXrl7S645i%2BhegTLmoRgoP6lcVU9yO3F6m7wHnD0fgEBgoX6asFHE4wGq66tftF7o7Ffqev4UrKMz2GYYc0Xm8FvEbbrFBnEJ7NezrG8KLolv%2B3cLodHHxIQd6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://blog.trump-shops.com
access-control-allow-credentials: true
cf-ray: 8b485f0b488a903c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 1518295538780037 Show response
connect.facebook.net/signals/config/ 71 KB
14 KB 134ms
131ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1518295538780037?v=2.9.164&r=stable&domain=blog.trump-shops.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50ef0abbf02b0f9c54352a51cc905e6979f427293ea6719538ff64528b6f1ff6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 17 Aug 2024 08:42:31 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=64, mss=1328, tbw=64376, tp=-1, tpl=-1, uplat=85, ullat=0
pragma: public
x-fb-debug: AR5GR37ZzwU0XC+FtJ6EoIigvMuf71MEw4cOxlZRkTXY9MTkirgJkEiXQ2ZSYBcyB+yqmdiMjCpkr1V30UkU9A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 114ms
27ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1518295538780037&ev=PageView&dl=https%3A%2F%2Fblog.trump-shops.com%2F&rl=&if=false&ts=1723884151937&cd[page_title]=Prelander&cd[post_type]=page&cd[post_id]=21&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=blog.trump-shops.com%2F&sw=1600&sh=1200&v=2.9.164&r=stable&a=dvpixelyoursite&ec=0&o=4126&fbp=fb.1.1723884151348.2673945395&cs_est=true&ler=empty&cdl=API_unavailable&it=1723884151719&coo=false&rqm=GET

Requested by

Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1328, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 17 Aug 2024 08:42:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 423ms
337ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1518295538780037&ev=PageView&dl=https%3A%2F%2Fblog.trump-shops.com%2F&rl=&if=false&ts=1723884151937&cd[page_title]=Prelander&cd[post_type]=page&cd[post_id]=21&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=blog.trump-shops.com%2F&sw=1600&sh=1200&v=2.9.164&r=stable&a=dvpixelyoursite&ec=0&o=4126&fbp=fb.1.1723884151348.2673945395&cs_est=true&ler=empty&cdl=API_unavailable&it=1723884151719&coo=false&rqm=FGET

Requested by

Host: blog.trump-shops.com
URL: https://blog.trump-shops.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sat, 17 Aug 2024 08:42:32 GMT
document-policy: force-load-at-top
x-fb-server-load: 21
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7404026056800899815", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1328, tbw=3092, tp=-1, tpl=-1, uplat=315, ullat=0
pragma: no-cache
x-fb-debug: 5q1cZi0NsLomY37GDeCFAklIi9EoxBiIF3G09wglAIUKpXV+YkHruTRszxaeZms89IQ9FHhYSRV0VsJqJHrEQw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7404026056800899815"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cropped-455519721_26588433960802978_7868284562557348753_n-32x32.jpg
blog.trump-shops.com/wp-content/uploads/2024/08/ 1 KB
1 KB 25ms
25ms Other
image/jpeg 2a01:4f8:d0a:63ec::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.trump-shops.com/wp-content/uploads/2024/08/cropped-455519721_26588433960802978_7868284562557348753_n-32x32.jpg
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:63ec::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: ee46aeea9e7dc98178c49740a3cd94e907b729b4701889082300d5d6b044f234

Request headers

Referer: https://blog.trump-shops.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:42:32 GMT
last-modified: Thu, 15 Aug 2024 10:29:08 GMT
server: Apache
accept-ranges: bytes
etag: "4a9-61fb650170c0e"
content-length: 1193
content-type: image/jpeg

POST collect
region1.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZTN2P4QFBK&gtm=45je48e0v9193145641za200zb9193141056&_p=1723884149515&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=80548265.1723884150&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1723884150&sct=1&seg=0&dl=https%3A%2F%2Fblog.trump-shops.com%2F&dt=Prelander%20%E2%80%93%20Trump%20Shops&en=scroll&epn.percent_scrolled=90&_et=39&tfd=7183

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.blog.trump-shops.com/	1970-01-20 23:34:36	Name: handl_landing_page Value: https%3A%2F%2Fblog.trump-shops.com%2F
.blog.trump-shops.com/	1970-01-20 23:34:36	Name: handl_ip Value: 2001%3A1b60%3A1010%3A3%3A1011%3Abfcd%3A26c1%3Abb45
.blog.trump-shops.com/	1970-01-20 23:34:36	Name: handl_original_ref Value: https%3A%2F%2Fblog.trump-shops.com%2F
.blog.trump-shops.com/	1970-01-20 23:34:36	Name: handl_ref Value: https%3A%2F%2Fblog.trump-shops.com%2F
.blog.trump-shops.com/	1970-01-20 23:34:36	Name: handl_url Value: https%3A%2F%2Fblog.trump-shops.com%2Findex.css%3Fv%3D1.1723731214
.trump-shops.com/	1970-01-21 08:27:24	Name: _ga Value: GA1.1.80548265.1723884150
.trump-shops.com/	1970-01-21 08:27:24	Name: _ga_ZTN2P4QFBK Value: GS1.1.1723884150.1.0.1723884150.0.0.0
.blog.trump-shops.com/	1970-01-21 03:12:56	Name: sib_cuid Value: 396e76a3-4b80-4bf2-b0ad-1ce2c6cdda12
sibautomation.com/	1970-01-21 03:12:56	Name: uuid Value: e0a55d65-c97e-4636-ba94-5910123a5cd8
blog.trump-shops.com/	1970-01-21 08:17:19	Name: _pk_id.4.1e79 Value: f446019a06836c79.1723884151.
blog.trump-shops.com/	1970-01-20 22:51:25	Name: _pk_ses.4.1e79 Value: 1
blog.trump-shops.com/	1970-01-20 22:51:27	Name: pys_session_limit Value: true
blog.trump-shops.com/	1969-12-31 23:59:59	Name: pys_start_session Value: true
blog.trump-shops.com/	1970-01-20 23:01:28	Name: pys_first_visit Value: true
blog.trump-shops.com/	1970-01-20 23:01:28	Name: pysTrafficSource Value: direct
blog.trump-shops.com/	1970-01-20 23:01:28	Name: pys_landing_page Value: https://blog.trump-shops.com/
blog.trump-shops.com/	1970-01-20 23:01:28	Name: last_pysTrafficSource Value: direct
blog.trump-shops.com/	1970-01-20 23:01:28	Name: last_pys_landing_page Value: https://blog.trump-shops.com/
blog.trump-shops.com/	1970-01-20 23:01:28	Name: _fbp Value: fb.1.1723884151348.2673945395
blog.trump-shops.com/	1969-12-31 23:59:59	Name: first-visit Value: 1723884151400
blog.trump-shops.com/	1969-12-31 23:59:59	Name: hasVisitedPopupPage Value: true
.trump-shops.com/	1970-01-21 01:01:00	Name: _fbp Value: fb.1.1723884151348.2673945395

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://blog.trump-shops.com/index.css?v=1.1723731214 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kit.fontawesome.com/e7647a48d4.js Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.groove.cm
assets.grooveapps.com
blog.trump-shops.com
connect.facebook.net
conversations-widget.brevo.com
conversations-widget.sendinblue.com
fonts.googleapis.com
fonts.gstatic.com
images.groovetech.io
in-automate.brevo.com
kit.fontawesome.com
matomo.groovetech.io
region1.google-analytics.com
sibautomation.com
web-sdk.smartlook.com
www.facebook.com
www.googletagmanager.com
region1.google-analytics.com
18.66.122.68
2001:4860:4802:34::36
2606:4700::6812:133e
2606:4700::6812:15b4
2606:4700::6812:18f3
2606:4700::6812:645
2606:4700::6812:f9e9
2a00:1450:4001:812::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200a
2a01:4f8:d0a:63ec::2
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3121::3
0db4697203567ce95a2790b996b7b5a20ab46e358d2dcceb1e07e2c217764d6d
0f3d863879ef08a122ac5540fce116b6644fc764baa5c3d626844a1916f9916c
136acda5fd3e3d3f513128119e42cf70bbd234c71c210b102e3d4d3ca0637e0c
1590e5397c2ead18aed5c0773f42cfb0c51aa70bd84b5f74fae4b14ccf36cf05
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
2ce81299adb57e6af04e075821f6efce44c1b415c1b8cd8e2a2b14d441e8680a
312b49a6454e84b05cbc72fbb61217c2b4e7d1cba1b1993293072396276fc188
33e520e8c7e4ce9562634952e9aeeb5fd2f7e6a0d9f01da283d50af6b9738439
36cc3d1c89238b48ce5998ea5d9a130ecf7311973abba6a9253c5fa616bc8511
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
3d6118c6a6e31a9d0bf1d942e03447ee46c2ee63657ea1dcbc36e9eb198dd3d3
3fd2591b426903dfe482be430c758f1e65298cc4889a0386998f467c628fd742
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
50ef0abbf02b0f9c54352a51cc905e6979f427293ea6719538ff64528b6f1ff6
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
57b3ca9ce410af539ec9d41a6dac01cfd7ab08057d765148e41248633349fb76
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60e3083dd987ec50c560bf8219fd9dfb1a6f3b546c405be9218448f7e0bb9368
612c7268d82895019e8b18ec61941fd00d0ada067dae8facb7b9c2bade385a4d
6f6450f2c1471c850daa140c041abb0c1f8bd1b8336240a53b604e318f6cd53e
6f69140fa5c83536f52bcd3c902b44f35d9e9386d1575c6eb46b061893e3837d
7aa17ffa3e7cf0f4705a2d85980ad25ecdf8649e6cdbf3753b61aa33769f618c
7bb69f2363b8d61ca79aa77346468236ea06c62560a5b58bdff97e99c3bd7d65
7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322
83673d07cef3cfcacfb50b62af83c157792d33522dd2a4c3bee812e8baff056b
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8ad6888a019e01ade98dbaba40903ff97fc0ffb6e50c8ac0df2981697955d5ac
9997750d31862a734133bc22daec5c8309ba432ca1cb2cf808c0f07c89d37652
99d5027485ea4cc43f6b2a648b1a67213fabeffaea5f1f0b5a1d6fe9c1badf13
9a25f588e93d7e43349fcef5d04be4b8f46bda70639b8f5b66dbc773da18ca6b
9df116c3e745586a007e2e8794869bcb6c041b075eb4945a0a04b23129c1e298
a82319478a8a632ff0b7d9a37cabf4ff6a1c82fc5cec5e556212ff5ded735c0e
aa5e7eeaf70fc300c97f8e5a16c03a1d991f3f97333b0b7c70ba9cd1df68dd75
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b88460b901184a8c110874fae048b1c8e2ad98bd5e61db8ce6c94059be477b1c
be9fd8fcea458eae07d70cfbb97851f8aaffa032eb02faafe871b30b2df13d60
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
c7342b6fddb58a7aec583a6476be02b2221c35d3693fbd070a1f9a876c66e6ce
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d472c6dc0eac7e2287635400d88ce4fe64211ba51929027fad3e45fa84b6c302
d7d2595664ca964344fb1cedc53b0c6cba1c89b2a8b18a3bde2a5e1d78f9e141
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e126947de08d7072bfd7cdbe36262f3b5ce5750a1eaccfdd3d2b4f182ffa8088
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c904ca22994aca271b12b0715582029ca1b4339c85722d89e008b568fabfb8
ea5e42100d38cd71f9f9094c4a31c9db8e6fbaf94382e9f7c2ab5174614b772a
ee46aeea9e7dc98178c49740a3cd94e907b729b4701889082300d5d6b044f234
f0fa06655078e0ac20e2af926a55c9e56ce3484ddc439cb4643a7f8c8f6ac031
f4d7dcc49b91d63d4175cd0bcbf3547aa4ef1eeb2b5839d74bee58cb2775afde
fb6190b1cd55fc9e159e6c04cc31c038a7f6a77bf4a2c91cdb904990e6fcb644

blog.trump-shops.com Open in urlscan Pro 2a01:4f8:d0a:63ec::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

95 %HTTPS

93 %IPv6

15 Domains

17 Subdomains

14 IPs

2 Countries

2865 kBTransfer

5321 kBSize

22 Cookies

2 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.trump-shops.com Open in urlscan Pro
2a01:4f8:d0a:63ec::2 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

95 %
HTTPS

93 %
IPv6

15
Domains

17
Subdomains

14
IPs

2
Countries

2865 kB
Transfer

5321 kB
Size

22
Cookies

64 HTTP transactions
0 data transactions