offer.trumplighters.com Open in urlscan Pro
172.67.131.253 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs
Effective URL:
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&...
Submission: On July 16 via manual (July 16th 2024, 2:21:56 pm UTC) from SG — Scanned from GB

Summary HTTP 33 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 33 HTTP transactions. The main IP is 172.67.131.253, located in United States and belongs to CLOUDFLARENET, US. The main domain is offer.trumplighters.com.
TLS certificate: Issued by GTS CA 1P5 on June 3rd 2024. Valid for: 3 months.

This is the only time offer.trumplighters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.171.154.30 18.171.154.30	16509 (AMAZON-02) (AMAZON-02)
1 2	35.190.39.198 35.190.39.198	15169 (GOOGLE) (GOOGLE)
1 1	72.167.211.14 72.167.211.14	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
26	172.67.131.253 172.67.131.253	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.110.52 13.32.110.52	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	108.156.2.48 108.156.2.48	16509 (AMAZON-02) (AMAZON-02)
1	54.171.240.112 54.171.240.112	16509 (AMAZON-02) (AMAZON-02)
33	7

1 18.171.154.30 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-171-154-30.eu-west-2.compute.amazonaws.com

18.171.154.30	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.198 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 198.39.190.35.bc.googleusercontent.com

www.y6hjvtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.167.211.14 (Ashburn, United States) 1 redirects

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 14.211.167.72.host.secureserver.net

www.toastyheat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.67.131.253 (United States)

ASN13335 (CLOUDFLARENET, US)

offer.trumplighters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-52.vie50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.2.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-48.mxp63.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.240.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-240-112.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	trumplighters.com offer.trumplighters.com	1 MB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	173 KB
2	y6hjvtrk.com 1 redirects www.y6hjvtrk.com	10 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 8904	171 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
1	toastyheat.com 1 redirects www.toastyheat.com	290 B
33	7

	Domain	Requested by
26	offer.trumplighters.com	offer.trumplighters.com
2	www.googletagmanager.com	offer.trumplighters.com www.googletagmanager.com
2	www.y6hjvtrk.com	1 redirects www.googletagmanager.com
1	content.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.toastyheat.com	1 redirects
33	8

This site contains links to these domains. Also see Links.

Domain
electriclighters.com

Subject Issuer	Validity	Valid
trumplighters.com GTS CA 1P5	`2024-06-03` - `2024-09-01`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
y6hjvtrk.com Starfield Secure Certificate Authority - G2	`2024-04-26` - `2025-05-28`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Frame ID: 63CBC78BF2CA734B4B2619CF38E29A73
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trump Lighter

Page URL History Show full URLs

http://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs HTTP 307
https://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs HTTP 307
http://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs HTTP 302
https://www.y6hjvtrk.com/4XKLCJ/363TCP/?sub1=Lighsfdfsgreen HTTP 302
https://www.toastyheat.com/trump.php?sub1=Lighsfdfsgreen&clickid=21a752e8e3bf4ef6b1b2168aee1bc79f&aff=8... HTTP 302
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

100 %
HTTPS

22 %
IPv6

7
Domains

8
Subdomains

7
IPs

4
Countries

1532 kB
Transfer

2652 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://electriclighters.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://electriclighters.com/terms/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://electriclighters.com/contact/
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs HTTP 307
https://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs HTTP 307
http://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs HTTP 302
https://www.y6hjvtrk.com/4XKLCJ/363TCP/?sub1=Lighsfdfsgreen HTTP 302
https://www.toastyheat.com/trump.php?sub1=Lighsfdfsgreen&clickid=21a752e8e3bf4ef6b1b2168aee1bc79f&aff=87&utm_source=87-Lighsfdfsgreen&utm_content=44&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f HTTP 302
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request pre5 Show response
offer.trumplighters.com/trump/en/us/
Redirect Chain

http://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs
https://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs
http://18.171.154.30/dsfdgfhgjhghfgdfsdfdgfhgj/fgfhgjhkjghfgdfs
https://www.y6hjvtrk.com/4XKLCJ/363TCP/?sub1=Lighsfdfsgreen
https://www.toastyheat.com/trump.php?sub1=Lighsfdfsgreen&clickid=21a752e8e3bf4ef6b1b2168aee1bc79f&aff=87&utm_source=87-Lighsfdfsgreen&utm_content=44&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f
https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87

20 KB
6 KB

136ms
81ms

Document
text/html

172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89b0dcd07eedfa41cdb14251251d2289ba92f478ca9383975135221c6ad2964e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 91232
alt-svc: h3=":443"; ma=86400
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
cf-cache-status: DYNAMIC
cf-ray: 8a42a41b1b236409-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 16 Jul 2024 14:21:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6IFGkV%2F1GF4asKFNOFcsV4TVlpHW0XKeo9Gv208QsYctl6XqBWG%2B%2F4jEIEZUKzUEn1fXYLw2n9Hp5mKUwCWCP%2BiSslqZ8g74Eqn8BfnoOgmo5NFL4JdywW5qnKHgVxYw9cL1g%2Br6z4muUA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-nf-request-id: 01J2XYQK8VAAFFB4PWV0YJMK3Z

Redirect headers

content-encoding: br
content-length: 5
content-type: text/html; charset=UTF-8
date: Tue, 16 Jul 2024 14:21:51 GMT
location: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 style-pre1.css
offer.trumplighters.com/trump/en/us/css/pre/ 37 KB
8 KB 87ms
86ms Stylesheet
text/css 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb578811acec354d0efcf56fdd812405b5ef15dbc45f6b306294947bd67e2a1c

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J2VKKFJ7MD1MSJ1DRQAP14CC
date: Tue, 16 Jul 2024 14:21:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"bbf133a6063c9f3cf502b482dd13ca2f-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I7YbPReYdKK%2FpEpsrvsIIBO6tDz%2FOnxaq5ioy5E3hGyJWUNV%2F7r1NsRfJJSvYCazD2wG3llmGnk6lLHSU9pgWeEVzEXF0oVXfVZiBUdLq3TEYDR0RuZ%2BfsvYUMvSuXcx3%2Bd81GaIPIPjkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8a42a41babde6409-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo.png
offer.trumplighters.com/trump/en/us/img/pre/ 4 KB
5 KB 79ms
79ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/logo.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ce6db5e52a303b321fa5f07a6ff4b8d3c030a815234150b8622bd820bbdc39b

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J2P0MF9PMBC79S2S1FW8QHJ6
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "054d5555812a45e504f9ab9871185dd6-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CpzuqWlvZsvR2pGPdpJxNEnsbXZDQNxEWD8nZ7qb%2F7KRBtEJ7ZocJIxigq9mhlqCefNPElP8rvmR%2Bbh60uYkkSroz%2FfMTrUFcoE2KgsFEz9jYUWrtoSpiMSPZUoo%2BeDR7sV0R%2BOBAqyPQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41babdf6409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 4396

GET
H3 200 author-img.png
offer.trumplighters.com/trump/en/us/img/pre/ 6 KB
7 KB 80ms
74ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/author-img.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6318f5d803ae122c3f43a480a870cc8fa6dc0b18198506b95dfb4a3b2b2351d3

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J2P0MFPE4D3FARF11ENZGZ3F
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "08b8c15d6aad33ad50fd2132a8f4f7e6-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wmK5%2B%2Bm0AJA0pcTrTcGOWeLPa9kJS8R90ue%2BTV4osvZkNFAHJXOtXMJK6DhdPwIg1BPLUo8AjywKUWRTgg7ICzj9ltaZ7QXPdYg05B6PbREgl8EOGXcseuIftTlkzt6Lnvu%2BcUeocDQfLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41c6d826409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 6336

GET
H3 200 Rectangle%2036.jpg
offer.trumplighters.com/trump/en/us/img/pre/ 38 KB
39 KB 102ms
102ms Image
image/jpeg 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/Rectangle%2036.jpg
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa12c82c086b1e0aab0944417ac77add7f2cefa828940637f686cd29ff7a899c

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J2P0MF8Q880AR1MC8A81FYMS
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "e7084b406f4b6eb938ec98cd81252902-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b9aG8XppkFn7F3m4zLqV3tYW1eaHyT4rZ7RI%2Faf%2FnVLQE7kquLe4N82cjmhH8F4cTkXofDWjaKDUt592qOxr1bfO4n66H%2F7%2BzFucW0C6J38ptAzi1Btr%2FbOAi6P%2FnQTnktafnLoAlmEq7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41babe16409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 38941

GET
H3 200 Rectangle%2054.jpg
offer.trumplighters.com/trump/en/us/img/pre/ 91 KB
91 KB 193ms
192ms Image
image/jpeg 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/Rectangle%2054.jpg
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f364f10c2ee55cda4e6279af70d8059f7571277c8971649c4a56b2320d508f3

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J24PAHJQ9X02TMK68ES534SM
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "5de9f5f2a1aafb3caee378ffa4481230-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZN5UwqNTubHFm00KKcpSCHZuFxK6qmXNDZSQN1rORCfR5D%2FeeA4HH%2BHpxIN6bm2CR3nY7k2eQWphXc2Y1NnVlLWl0hTKLYgvmmjyxdgwv0%2FGaFopXImkDL%2BVKX%2FYdwinmO1Ym%2B5OT4B7tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41c2d236409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 93091

GET
H3 200 Group%20248.png
offer.trumplighters.com/trump/en/us/img/pre/ 152 KB
153 KB 173ms
172ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/Group%20248.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4d781b20d03091203589da1c2e8871f79f04f858ce95311c3977645cbd34731

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J2RK70WC26WGXY5MVNEK2Y1D
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "e8fdde36a6f691529f15f932b83c8f80-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lC%2FcuXivd43TlaNZbouFn%2FPPqLsWQXl1XBJa6NOxPCIDGcJtp2yCux%2BMJia1AOZwdODc9PfjUBskCdVIoRkeajg%2F77TJ1vmk3qJ%2BApdaWqkCdmUOUSx5eINnADGrAkTb1RM0ZqNLgjOAAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41c5d5b6409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 156135

GET
H3 200 right-img3.jpg
offer.trumplighters.com/trump/en/us/img/pre/ 129 KB
130 KB 180ms
177ms Image
image/jpeg 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/right-img3.jpg
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53a8318a4b95a737f39f6bbdacf9b47140b6acc336054bf3a9731f34e96f583f

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J24PAHJKK3ZGGRNHCSS2S0K9
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "96fa553d925497aa8e08921d0df640aa-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=au82is5EJ4YPlr%2Flqzy4L0gh8mM47LCYOySBZxgt6w7Dph%2FZt3BxytMXHQiis18ClZwNulKonSYa%2BLw4icokBLeeN%2Fy8Gs5ulqXTvlRm9y3HdRXd26sqh0sS%2BBzo431IV2NCyWnYBrSrnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41c5d656409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 132512

GET
H3 200 cut-icn.png
offer.trumplighters.com/trump/en/us/img/pre/ 3 KB
4 KB 76ms
70ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/cut-icn.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76f1f6526cb7d13d927dd098ab11b373d670c5bfe824d3afcb2b9c132ec25583

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J2RK70WH8FJ5J1P0EES00TWC
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "282e413e5bdedaebbfae92bad8bfa6c0-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yxyOrlnJWbWbe4PS2hvN4QcfzBVM3OXGdTe61lUr0ohF%2BWDeyvZ4ggAyuCsQh%2BeHDgvZ4Wp%2F2DtaJE525l%2FAYaRBtVP0a2sj1FjT7RdjGqdaoaDaxFKQFtPul2t3D5aWVVpq9twZEGyFjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41c6d836409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 3554

GET
H3 200 yello-bdr-tick.png
offer.trumplighters.com/trump/en/us/img/pre/ 2 KB
3 KB 85ms
79ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/yello-bdr-tick.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfb127f31cb64bbf68d03d747caa6e5c94c139f37c0b4c538f706ba7e0626e93

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J2P0MGAN9HK85PH4R26GHAP6
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "0568b01bf1fe436e420bc79c63aa8945-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2FPOTBIi1mn6eUGt7L4iL7OhrWocdOkBAEwjKrBiyG9Lpji8L9Xn6YGZW9alcCKkGd%2B4M2gg3DRHnO%2BmTBC%2FIRSX4UwSox9OZThx5xlid4pIMRZIOMRV%2BJU5Zppg728X8e97oIz2qo6zaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41c6d866409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 2385

GET
H3 200 Group%20253.png
offer.trumplighters.com/trump/en/us/img/pre/ 18 KB
19 KB 98ms
91ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/Group%20253.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ae01720dd802bf5224efe3f6f44380d324dc049fdacb2754eb403c34e492273

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J24PAHK0PPH9REP3Z2Z8ARAK
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "94b4625f8e8c9ade198718040dab5323-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9j0pGgHOcQ2qE5o53T3gYhG%2FajcG8KuSd7mXGCQyjaDQeHi6aoEEj4USLcKIZZdJZSVpVPYW5eLKc3OMVJMwnt8aKn75M0uHgl54kDIeUuCjnDYXT1CxuXU770wdD5UjoXzCdvbBY2ulA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41c6d876409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 18824

GET
H3 200 s7-card-1.png
offer.trumplighters.com/trump/en/us/img/pre/ 23 KB
23 KB 139ms
133ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/s7-card-1.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a538fdf41aff5cb1c6c89d3ce52bac81d0b42e4116feea7b14d21036fa2195c5

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J2P0MGGE0WF2RMFR6T07S6ZX
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "0a404773d180ae31cac82162850687b0-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TgLtoP3quGyqCqyqvadrgCVt5t1T8lxcfvX5%2Frr%2Fw3xwy5wuLbz%2FSsltQXqfteBPPg9GNmaGshSCJKI6koM7IeaSNBeUBuiuwiKR5EW1CvVqX9QTykBMVOHjxkVWIfdEFGeYfdjfIuWdRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41c6d896409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 23281

GET
H3 200 Group%20250.png
offer.trumplighters.com/trump/en/us/img/pre/ 13 KB
13 KB 74ms
68ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/Group%20250.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b691dd6aecaa3ece62e9afd6bdb265a918dfc12cb9e8ad2b24a1e0726ee650d

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J24PAHJPFGRJ7SFK7W5QPNCN
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "09eb1c4c4512a0935279a67060503211-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FoW%2FLSHSIad%2BR1rhdjDOEHxJdJgph9BYvzj4XyN6ILWXymS%2FLMgBPHuPxemWZl%2F0yZQDlxdJTrqAEbRS4lES5jD8TAU0njIvbzkj08CL%2FdB0wSt39InBI4Sru1b%2BTqRI44Wjfugbd0k2nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41c6d8c6409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 13270

GET
H3 200 btn-arw.png
offer.trumplighters.com/trump/en/us/img/pre/ 1 KB
2 KB 163ms
159ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/btn-arw.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af43b4c9ff0572b4fed1935a9bde8986d0adb73484dca46a5489e337b866e30d

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J24PAHK3KA47P8JMM20GD6BQ
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "cea4c51cd237871514e8eadf94a9d2b1-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15ZBG0063SXPmPOTgN6raIZTUmmwkugup9H4OgE7tHr2xhcHatZklSZGBbDGGz62cA0F2zpt9CximfdQnH3vTakC9LaSQmTeSliOBupxkdQBsMbR6Z9CQ3gHOtVo8JY4Hggl2oxRqBG9hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41c6d8d6409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 1063

GET
H3 200 LogoF.png
offer.trumplighters.com/trump/en/us/img/pre/ 6 KB
7 KB 94ms
89ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/LogoF.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbf6ba2b04ebea1f8b07edb4267779c5170b0cfaba01075372d7ee2522ece9ee

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J2J1G1HW2X6G9SE61J1B44CW
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "4a16ee19f89a7e5cdc960ba340960397-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y42aT6L7Cm3%2FMOKISe1mt3kNVDXuEpf1c4doMKGSgXTAFx6fFCSTtzGoC1YvWOcJqRd6Ukxp4%2BF7U33WKkADkKGzLsC967%2FsxUmLHPd5mDleAfWjo22Gx0tdAE1Uq77wKP4pNu7QicwXkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41c6d8e6409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 6126

GET
H3 200 email-decode.min.js Show response
offer.trumplighters.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 41ms
33ms Script
application/javascript 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.trumplighters.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 14:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jul 2024 08:14:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"668f945f-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O3zY57KFtky7rnIeDHpKVpv0IOaU8fn8DJb8tqicvGdfB3virOAsGVnIkvCU3ShJ3u8l%2FKt4Vvf0H6YT4rDdn9VnvF7D6v83Vzyk5n4K1ao1VmCPyEtbRispwei2e4v4Z3hktTg9pF5UCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8a42a41c6d7a6409-LHR
expires: Thu, 18 Jul 2024 14:21:51 GMT

GET
H3 200 jquery-3.6.0.min.js Show response
offer.trumplighters.com/trump/en/us/js/pre/ 87 KB
32 KB 155ms
146ms Script
application/javascript 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/js/pre/jquery-3.6.0.min.js
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J2XHK6E9D45TKT3XG9TVVD5J
date: Tue, 16 Jul 2024 14:21:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"d02571e3593c7ac903004599031cdc0e-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xw8mbpHphGiJALrIC3IPFbmcrKrJO59dTVsU6KtlnTCjKXWTijk5Gt%2BVJHG%2Bc13xFaVYNs9h7PG1vqb4zGla%2B2P5NNzcLmAFkSg8dH%2BBZkdHahkzx%2BF2nM2tH7cHFtELdcAQAIFnDYrliA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8a42a41c6d7e6409-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.sticky.js Show response
offer.trumplighters.com/trump/en/us/js/pre/ 4 KB
2 KB 127ms
118ms Script
application/javascript 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/js/pre/jquery.sticky.js
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cf7833ee174c4af5765d79030bd45b759e7c1d47799e4062b8ad64cf7b3d581

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J2XHK6EC9FE7V5FFMYEND3CX
date: Tue, 16 Jul 2024 14:21:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"4d0cd952936b15bf95416a49f2f8ffd1-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJn%2BbV%2FssVubMvUFareKWleeRhHM2FRJhBT1qTFasESqgxWCyqNSr1jEd9PsQRQvwpRvAgIS8YtdjghcmnI1nwyWvwLpoeXky3wzlYjqs6vmm8eWtJcuCYi%2F21rHD%2BRv6ggKhsnIQR%2FX0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8a42a41c6d806409-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 campaign.js Show response
offer.trumplighters.com/trump/en/us/js/pre/ 24 KB
4 KB 88ms
79ms Script
application/javascript 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/js/pre/campaign.js
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9ea17f3b92f547393274b661ed542513d53e8a8e95da34aa92ae11e2744f5bb

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J2XNQYXMD4NSQFDF4YZ7TF2A
date: Tue, 16 Jul 2024 14:21:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"79ca8a82abeb3c905014d956d4f6753a-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NsklgK2M6%2BZVEqSFE8S4%2FnObJJjBlqujkPBQsRQZJGdfq1CXxnGrYTOhZjSj%2Bz21MnzWkKE1lHscWfVYrm9wMpKo5wcJbLF03dKrJu%2BHff7wJ2iXRs4S5C%2Fu7xUGlr8jYzyFuvwB1m6DkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8a42a41c6d816409-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
71 KB 139ms
52ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6J4G4J

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5fe27ff2b556e8095461b4e1fd4207a03cef3097fd20f5fe3c5ed99a563271f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://offer.trumplighters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 14:21:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72373
x-xss-protection: 0
last-modified: Tue, 16 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Jul 2024 14:21:51 GMT

GET
H3 200 Group%20255.png
offer.trumplighters.com/trump/en/us/img/pre/ 60 KB
61 KB 90ms
88ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/Group%20255.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beefc344e4a6c4a5e667bb68de613543765c946d454b8c5dc78997a5e47764c4

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J24PAHMAJPCQCYJJZW60RM4M
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "d8db728b46f33764d7f003ea377a2f69-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gl4smAlipmuqTFBXDDF9gwNrRgimlLLuzpeRcePyzQdl5hlvdAcpfaHEbQFpKoUBS%2B9YBQuB02axX0X0e%2FfjdNe8OE0tbwzCfBIbsTUiGGutM5UVYGqkUIKidhxsmLww5b3cMk%2F7QpSipQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41c6d906409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 61774

GET
H3 200 Group%20249.png
offer.trumplighters.com/trump/en/us/img/pre/ 217 KB
218 KB 160ms
157ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/Group%20249.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 627483e2cdfe6ea853aed8560860b80dcedfae93bd2e85f8c8c4d2c3cfee823c

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J2P0MG5NYVPNE8GKRRGZGP5V
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "718107a0db9d48fd169c2f537e2895fd-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=juliyX9QCuIFT8zCeAdULDCwJ6cYuAXV6LkMUa1Ub58HnfsPfCki5KwK75LqnKGVV9W2K2asktWt3JuH%2Fj1UyOKD9nJqFhVsQsOUfnHUrE3%2BEv81o9UBI27syCc%2FbZODsGmOsSkocahdZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41c6d916409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 222370

GET
H3 200 Inter-Regular.ttf
offer.trumplighters.com/trump/en/us/css/pre/ 303 KB
140 KB 97ms
95ms Font
font/ttf 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/css/pre/Inter-Regular.ttf
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3127f0b873387ee37e2040135a06e9e9c05030f509eb63689529becf28b50384

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Origin: https://offer.trumplighters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J2RK717SAH0TFM8WWX6SP3EA
date: Tue, 16 Jul 2024 14:21:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"798536f5da2329d2a37de67236c0ff0f-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EgCWlMnAJMBmwctm1O0IpqnC%2B93lqjnXjod8ZRRvZmfpj1uUO6o6JaQ%2BWHJWjPXRuswoWcNNzLvrt24bCK%2FDci%2BnV7utIcU3fDWflO4G6P4gyz1Ng23D4NDnvJBrW6LPWYYR3jgrxQSg8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8a42a41cade46409-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 Monarcha%20W01%20Regular.woff2
offer.trumplighters.com/trump/en/us/css/pre/ 20 KB
21 KB 78ms
76ms Font
font/woff2 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/css/pre/Monarcha%20W01%20Regular.woff2
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f14094f640c5cd971656c6e59efdbdcc7bf4468a78ae4decd012bed0bd49d777

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Origin: https://offer.trumplighters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J24PAHNB42SG4A7B9JG9M1XX
date: Tue, 16 Jul 2024 14:21:51 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "8f31c9da01f3110c6ce848b4cc2c3a76-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b3TR%2FjhBKW%2Bx%2BlAEXr%2FxoSeeAX7lUTSrDv2ofUI5WzxS2pYnzFRCXfMDNS90R%2Bc2pKh%2FJo%2BPt%2ByZLQEIIDyhbh9uPqKevJB8K44MEXPNSRuoh%2F%2BeFmR%2FMw26qrxu0fqBMbvGsbmlm%2Bvxvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a41cade66409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 20544

GET
H3 200 Inter-Bold.ttf
offer.trumplighters.com/trump/en/us/css/pre/ 309 KB
151 KB 166ms
165ms Font
font/ttf 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/css/pre/Inter-Bold.ttf
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412c068eab6f36e6807d630ff89127165e8e4d3e8653434cdfb56b60cdcc3a32

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Origin: https://offer.trumplighters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J24PAHNFF2EGYF4RWZ8Z0FY4
date: Tue, 16 Jul 2024 14:21:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"5dd1b2eaa6391e430b738445c110195e-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9P3rIpzacLNNQcO4rOtrKDroHG7TnIr75NQuiEbp50V80Zfr3xXAxSuZqZH4%2FRZx6JKWLcuu2F9QbZShvjMjeHz%2BlMdm8DE%2Bu3v2y0Y8BFb1VDV7MShe1VJAKPwH1mJGueDijkxek1VfKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8a42a41cadeb6409-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 Inter-Semibold.ttf
offer.trumplighters.com/trump/en/us/css/pre/ 309 KB
150 KB 101ms
100ms Font
font/ttf 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/css/pre/Inter-Semibold.ttf
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0b540e69bf6717016e33874670e09acf4bffc2ca3f4c1cf174a4ff696308c65

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Origin: https://offer.trumplighters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J2P0MG2DNK4667GPV138TBM4
date: Tue, 16 Jul 2024 14:21:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"e325e00a37e13471c206ac1103d0ff30-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cZsCvkZYfzexqw60AgQKWj0pERGKULCex06gBywK9aa%2BGoI0GYJobxd7fXGjvs4xBhqxjnBmstB6SKF5grPR%2FhdqqKPlMgPMQVS7CmsW5nSlg4FfZzX4chO46J9u%2FfEL621tVzbhWTEYPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8a42a41cadee6409-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
102 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-05H6BTS6HK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6J4G4J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e7025d14707d0ec3d7393c317156e9555f4060c3ac9bbc9062d496e08a041e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://offer.trumplighters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 14:21:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104023
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jul 2024 14:21:51 GMT

GET
H2 200 hotjar-3644136.js Show response
static.hotjar.com/c/ 9 KB
4 KB 207ms
95ms Script
application/javascript 13.32.110.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3644136.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6J4G4J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-52.vie50.r.cloudfront.net

Software

Resource Hash

141f24bf9703b1b49f957c61f2d77cf5d3dcfe32b0145a7fd1a2750576a679f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://offer.trumplighters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 14:21:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
etag: W/8f4c0fbbe56a2b19b5514c9a72fd7faf
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: hMD9BENXq3w6W64zBUun3rYypGgr6r1Aj9SLg1HcfbQkpTyeLNSG3w==

GET
H2 200 everflow.js Show response
www.y6hjvtrk.com/scripts/sdk/ 31 KB
9 KB 169ms
119ms Script
text/javascript 35.190.39.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.y6hjvtrk.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6J4G4J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.198 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 198.39.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ec9c252a62d8ad0711306d5d0d2261cb1a52f7ce7454c6c46691598146a7e4e1

Request headers

Referer: https://offer.trumplighters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 14:21:51 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 57ab47b5-d326-404d-b945-ecef8fd13129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 101ms
29ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-05H6BTS6HK&gtm=45je4790v9116032628z89116025465za200zb9116025465&_p=1721139711408&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1537683360.1721139712&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721139711&sct=1&seg=0&dl=https%3A%2F%2Foffer.trumplighters.com%2Ftrump%2Fen%2Fus%2Fpre5%3Fpackage%3D4%26bar%3Dn%26sub1%3Dlighter4pre5no-87%26evclid%3D21a752e8e3bf4ef6b1b2168aee1bc79f%26utm_source%3Dlighter4pre5no-87%26aff%3D87&dt=Trump%20Lighter&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1655&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-05H6BTS6HK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://offer.trumplighters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 14:21:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer.trumplighters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.e4b2dc39f985f11fb1e4.js Show response
script.hotjar.com/ 223 KB
56 KB 225ms
106ms Script
application/javascript 108.156.2.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3644136.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.2.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-2-48.mxp63.r.cloudfront.net

Software

Resource Hash

619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://offer.trumplighters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 08:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e57379aeeaf825df3f0a6972a5cb719c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P4
age: 1318244
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56291
last-modified: Mon, 01 Jul 2024 08:10:34 GMT
etag: "ca025d2d8ae4b3dc51e058b782590501"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: vPuCQDZhtM7n4OzOTk1p90L-Jm8J2KwSBOAPPZpnZYyUn97Q0ohBxA==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 253ms
35ms XHR
application/json 54.171.240.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=3644136&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.171.240.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-240-112.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 80719a42369ea2110924a3ecac928482f367e73e3c66d50ef2342d452d49015b

Request headers

Referer: https://offer.trumplighters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Jul 2024 14:21:52 GMT
content-length: 56
access-control-max-age: 86400
content-type: application/json

GET
H3 200 favicon.png
offer.trumplighters.com/trump/en/us/img/pre/ 2 KB
2 KB 81ms
80ms Other
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26b43226bd2cdc442af79b9185e075cdbae727bcf5ba10c02984a7ae412e102b

Request headers

Referer: https://offer.trumplighters.com/trump/en/us/pre5?package=4&bar=n&sub1=lighter4pre5no-87&evclid=21a752e8e3bf4ef6b1b2168aee1bc79f&utm_source=lighter4pre5no-87&aff=87
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id: 01J24PAJTQK2GKP8V1B5BEZ6VP
date: Tue, 16 Jul 2024 14:21:52 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "4694db8fd0ff763dc4453fbf1a01743b-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IB4Ww3GbJCKdbMq1wAkRRLAE8vLJi2H31LOomvRLwBZc1fpwsbxJkl3E8XPZavT99iXfTHgaJlrHpAIzCbIAJjUrQrDmkRxpJV8TTWtGeH5yPm9%2FV9cE0Dpp8o3WKUSm%2FXthGX9XB%2B6B6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8a42a421cf516409-LHR
alt-svc: h3=":443"; ma=86400
content-length: 1875

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.y6hjvtrk.com/	1970-01-20 22:07:06	Name: uniqueClick_363TCP Value: 0fd07214-44b9-4cde-a6bb-81b5f841e9ff:1721139710
www.y6hjvtrk.com/	1970-01-21 00:15:15	Name: transaction_id Value: 21a752e8e3bf4ef6b1b2168aee1bc79f
www.toastyheat.com/	1970-01-20 22:05:43	Name: link Value: 1
.trumplighters.com/	1970-01-21 07:41:39	Name: _ga_05H6BTS6HK Value: GS1.1.1721139711.1.0.1721139711.0.0.0
.trumplighters.com/	1970-01-21 07:41:39	Name: _ga Value: GA1.1.1537683360.1721139712
.trumplighters.com/	1970-01-21 06:51:15	Name: _hjSessionUser_3644136 Value: eyJpZCI6Ijg5NDU5YjJkLWNkZWItNTY0Mi1hNzcwLThlNzYwZDliZWMzYSIsImNyZWF0ZWQiOjE3MjExMzk3MTIyMjMsImV4aXN0aW5nIjp0cnVlfQ==
.trumplighters.com/	1970-01-20 22:05:41	Name: _hjSession_3644136 Value: eyJpZCI6ImQ4MmY4OWQwLTY1N2ItNDJlNi1iMjFkLTk1ODRiZGI4OTI5ZCIsImMiOjE3MjExMzk3MTIyMjUsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content.hotjar.io
offer.trumplighters.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
www.googletagmanager.com
www.toastyheat.com
www.y6hjvtrk.com
108.156.2.48
13.32.110.52
172.67.131.253
18.171.154.30
2001:4860:4802:34::36
2a00:1450:4001:80f::2008
35.190.39.198
54.171.240.112
72.167.211.14
141f24bf9703b1b49f957c61f2d77cf5d3dcfe32b0145a7fd1a2750576a679f6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26b43226bd2cdc442af79b9185e075cdbae727bcf5ba10c02984a7ae412e102b
2cf7833ee174c4af5765d79030bd45b759e7c1d47799e4062b8ad64cf7b3d581
2f364f10c2ee55cda4e6279af70d8059f7571277c8971649c4a56b2320d508f3
3127f0b873387ee37e2040135a06e9e9c05030f509eb63689529becf28b50384
412c068eab6f36e6807d630ff89127165e8e4d3e8653434cdfb56b60cdcc3a32
4ae01720dd802bf5224efe3f6f44380d324dc049fdacb2754eb403c34e492273
53a8318a4b95a737f39f6bbdacf9b47140b6acc336054bf3a9731f34e96f583f
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
627483e2cdfe6ea853aed8560860b80dcedfae93bd2e85f8c8c4d2c3cfee823c
6318f5d803ae122c3f43a480a870cc8fa6dc0b18198506b95dfb4a3b2b2351d3
76f1f6526cb7d13d927dd098ab11b373d670c5bfe824d3afcb2b9c132ec25583
7b691dd6aecaa3ece62e9afd6bdb265a918dfc12cb9e8ad2b24a1e0726ee650d
7e7025d14707d0ec3d7393c317156e9555f4060c3ac9bbc9062d496e08a041e0
80719a42369ea2110924a3ecac928482f367e73e3c66d50ef2342d452d49015b
89b0dcd07eedfa41cdb14251251d2289ba92f478ca9383975135221c6ad2964e
8ce6db5e52a303b321fa5f07a6ff4b8d3c030a815234150b8622bd820bbdc39b
a538fdf41aff5cb1c6c89d3ce52bac81d0b42e4116feea7b14d21036fa2195c5
a5fe27ff2b556e8095461b4e1fd4207a03cef3097fd20f5fe3c5ed99a563271f
af43b4c9ff0572b4fed1935a9bde8986d0adb73484dca46a5489e337b866e30d
b0b540e69bf6717016e33874670e09acf4bffc2ca3f4c1cf174a4ff696308c65
b4d781b20d03091203589da1c2e8871f79f04f858ce95311c3977645cbd34731
beefc344e4a6c4a5e667bb68de613543765c946d454b8c5dc78997a5e47764c4
c9ea17f3b92f547393274b661ed542513d53e8a8e95da34aa92ae11e2744f5bb
cb578811acec354d0efcf56fdd812405b5ef15dbc45f6b306294947bd67e2a1c
cbf6ba2b04ebea1f8b07edb4267779c5170b0cfaba01075372d7ee2522ece9ee
cfb127f31cb64bbf68d03d747caa6e5c94c139f37c0b4c538f706ba7e0626e93
ec9c252a62d8ad0711306d5d0d2261cb1a52f7ce7454c6c46691598146a7e4e1
f14094f640c5cd971656c6e59efdbdcc7bf4468a78ae4decd012bed0bd49d777
fa12c82c086b1e0aab0944417ac77add7f2cefa828940637f686cd29ff7a899c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

offer.trumplighters.com Open in urlscan Pro 172.67.131.253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

22 %IPv6

7 Domains

8 Subdomains

7 IPs

4 Countries

1532 kBTransfer

2652 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

offer.trumplighters.com Open in urlscan Pro
172.67.131.253 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

22 %
IPv6

7
Domains

8
Subdomains

7
IPs

4
Countries

1532 kB
Transfer

2652 kB
Size

7
Cookies

33 HTTP transactions
0 data transactions