urlscan.io logo urlscan.io
SecurityTrails logo

trumpexcel.com Open in urlscan Pro
162.159.135.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://trumpexcel.com/
Effective URL: https://trumpexcel.com/
Submission: On September 30 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 16 domains to perform 72 HTTP transactions. The main IP is 162.159.135.42, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is trumpexcel.com. The Cisco Umbrella rank of the primary domain is 117154.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 7th 2022. Valid for: a year.
This is the only time trumpexcel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    162.159.135.42 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
trumpexcel.com
8    2606:4700::6812:1690 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-adclh.nitrocdn.com
9    13.35.93.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-23.jfk50.r.cloudfront.net
ads.adthrive.com
7    2607:f8b0:4006:824::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    138.199.40.58 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-40-58.datapacket.com
to.getnitropack.com
3    143.204.150.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-150-76.ewr52.r.cloudfront.net
c.amazon-adsystem.com
5    2607:f8b0:4006:820::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    108.138.128.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-58.jfk50.r.cloudfront.net
logger.adthrive.com
1    2600:9000:2209:f400:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
3    108.139.47.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-108.jfk50.r.cloudfront.net
sb.scorecardresearch.com
2    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    2001:41d0:701:1000::31d2 (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
3    2607:f8b0:4006:806::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
6    2607:f8b0:4006:80b::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
2    2607:f8b0:4006:81f::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com
8    2607:f8b0:4006:81d::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
3    2607:f8b0:4006:80f::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:81e::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4006:81e::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
15 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
88 KB
11 adthrive.com
ads.adthrive.com — Cisco Umbrella Rank: 4979
logger.adthrive.com — Cisco Umbrella Rank: 5561
273 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
137 KB
8 nitrocdn.com
cdn-adclh.nitrocdn.com — Cisco Umbrella Rank: 113005
282 KB
7 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
210 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 76
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 152
3 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 297
47 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
2 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1356
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1405
557 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1159
id5-sync.com — Cisco Umbrella Rank: 456
17 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1349
133 KB
2 trumpexcel.com
trumpexcel.com — Cisco Umbrella Rank: 117154
59 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 191
44 KB
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2427
518 B
1 getnitropack.com
to.getnitropack.com — Cisco Umbrella Rank: 15635
469 B
72 16
Domain Requested by
9 ads.adthrive.com trumpexcel.com
ads.adthrive.com
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
trumpexcel.com
51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com
8 cdn-adclh.nitrocdn.com trumpexcel.com
7 fonts.gstatic.com trumpexcel.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
trumpexcel.com
5 securepubads.g.doubleclick.net ads.adthrive.com
securepubads.g.doubleclick.net
3 www.gstatic.com trumpexcel.com
51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com
3 www.google.com 1 redirects tpc.googlesyndication.com
trumpexcel.com
3 sb.scorecardresearch.com 1 redirects ads.adthrive.com
3 c.amazon-adsystem.com ads.adthrive.com
c.amazon-adsystem.com
2 googleads.g.doubleclick.net 51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com
2 fonts.googleapis.com 51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com
trumpexcel.com
2 51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 confiant-integrations.global.ssl.fastly.net ads.adthrive.com
confiant-integrations.global.ssl.fastly.net
2 logger.adthrive.com ads.adthrive.com
2 trumpexcel.com 1 redirects
1 www.googletagservices.com trumpexcel.com
1 id5-sync.com cdn.id5-sync.com
1 adservice.google.com securepubads.g.doubleclick.net
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.id5-sync.com trumpexcel.com
1 cdn.jwplayer.com ads.adthrive.com
1 to.getnitropack.com trumpexcel.com
72 24

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
app.monstercampaigns.com
www.dmca.com
Subject Issuer Validity Valid
trumpexcel.com
Cloudflare Inc ECC CA-3		 2022-08-07 -
2023-08-07		 a year crt.sh
nitrocdn.com
Cloudflare Inc ECC CA-3		 2022-09-02 -
2022-12-01		 3 months crt.sh
*.adthrive.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.getnitropack.com
Thawte RSA CA 2018		 2022-01-06 -
2023-01-06		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
jwplayer.com
Amazon		 2021-12-29 -
2023-01-25		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://trumpexcel.com/
Frame ID: 1DCB1786D295231DDCC43F8D66330581
Requests: 50 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/42ac6d4/html/topics.html
Frame ID: DAE348EB73CD881CBC5A4B775F07B91A
Requests: 1 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/42ac6d4/html/rnf.html
Frame ID: 76777A980383CF66425C81A1B8D8B999
Requests: 1 HTTP requests in this frame

Frame: https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1AE516EEA4DD3EBDB8C2127D54546970
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E25D3F485ECA6560EA3148AA9402BD5C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 34E9D9959FEBB9A828DCE0671CBA8BD4
Requests: 2 HTTP requests in this frame

Frame: https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 539003BA3D2FDC1836D5B46724C0B02A
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C632CDBFCC19A8B32340044726A967A8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EF8770B08DFDFDBE6323514CE9FBF3B1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Frame ID: 3C5C323413AF9590660B3E93791932C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FREE Online Excel Training – Video Course for Beginners

Page URL History Show full URLs

  1. http://trumpexcel.com/ HTTP 301
    https://trumpexcel.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link [^>]*href=(?:"|')[^"']*elementor/assets
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

72
Requests

97 %
HTTPS

59 %
IPv6

16
Domains

24
Subdomains

23
IPs

4
Countries

1298 kB
Transfer

4385 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trumpexcel.com/ HTTP 301
    https://trumpexcel.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1664572181983&ns_c=UTF-8&c7=https%3A%2F%2Ftrumpexcel.com%2F&c8=FREE%20Online%20Excel%20Training%20%E2%80%93%20Video%20Course%20for%20Beginners&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1664572181983&ns_c=UTF-8&c7=https%3A%2F%2Ftrumpexcel.com%2F&c8=FREE%20Online%20Excel%20Training%20%E2%80%93%20Video%20Course%20for%20Beginners&c9=
Request Chain 70
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
trumpexcel.com/
Redirect Chain
  • http://trumpexcel.com/
  • https://trumpexcel.com/
301 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e058dedd6c6a83c5b552e3706c2c7080b898478ed69e37ad8e20cc72a267fb57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Mobile
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
752ff0dfcd8c8daf-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 30 Sep 2022 21:09:40 GMT
ki-cache-type
None
ki-cf-cache-status
BYPASS
ki-edge
v=17.8
link
<https://cdn-adclh.nitrocdn.com>; rel=preconnect, <https://trumpexcel.com/wp-json/>; rel="https://api.w.org/", <https://trumpexcel.com/wp-json/wp/v2/pages/14497>; rel="alternate"; type="application/json", <https://trumpexcel.com/>; rel=shortlink
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjDo9pB3eSWNPtmWs1wj0TmDE5kJ%2B1gD260udOsVMdvxKzawV7D6hUzs7WWAdIua186Khv41%2FrdHhLgj5xJswRslB8D%2FcdWHTPgCXXGXBDd%2BAYlfvaHxTIy0G4CMF5Vy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, user-agent
x-cache-ctime
1664530720
x-content-type-options
nosniff
x-edge-location-klb
1
x-kinsta-cache
MISS
x-nitro-cache
HIT
x-nitro-cache-from
drop-in
x-nitro-rev
4fa602f

Redirect headers

CF-Cache-Status
DYNAMIC
CF-Ray
752ff0de6a318e00-MIA
Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Fri, 30 Sep 2022 21:09:40 GMT
Ki-CF-Cache-Status
BYPASS
Location
https://trumpexcel.com/
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MN8QCgi2QDdJAWXn7TPvTwDoRLQzISvLdSxMCPzB%2B4wwYAeDLSVnpOamXwDKrVaaSAgOgHi4HYoslg35%2B3Z6noTorWrK4YiyZKBlE6erXaUPzyVhsu1%2FwweZtM4lVQ3F"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Edge-Location-Klb
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cache-type
None
ki-edge
v=17.8
fa-solid-900.woff2
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/source/rev-4fa602f/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/source/rev-4fa602f/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:40 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 04:26:19 GMT
server
cloudflare
age
1269316
etag
"6323faeb-1321e"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
752ff0e18f57b3c1-MIA
link
<https://trumpexcel.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2>; rel="canonical"
content-length
78196
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e45d1c9e-9939-4672-94a4-babccc7e49fc
https://trumpexcel.com/ 		824 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a0829f65b5378d1b0e2da444ff32f73343984c4e21342f5a7a0f3b9abe5c9c0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Length
824
Content-Type
text/javascript
ads.min.js
ads.adthrive.com/sites/5cab42e1b13d6c3ef8c7c9cc/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5cab42e1b13d6c3ef8c7c9cc/ads.min.js?referrer=https%3A%2F%2Ftrumpexcel.com%2F&cb=19
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
92edabc3677b33ef8128054f009aa9a7c81d62bb7b70367628d4a385edb789a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

adthrive-bucket
flex-02
date
Thu, 29 Sep 2022 22:07:07 GMT
content-encoding
gzip
via
1.1 4810d74d0025d8ce3dbab6cb71a901d2.cloudfront.net (CloudFront)
adthrive-deployment
2022-09-29-5:42ac6d4:con
x-amz-cf-pop
JFK50-P8
age
82953
adthrive-commit
42ac6d4
x-cache
Hit from cloudfront
content-length
17719
adthrive-gdpr
false
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=86400
x-amz-cf-id
CO3wgs5X0SVvN01ab4rvjwZZUQfOcuDrN4ptFjMFn1R6i3dAvfnveg==
truncated
/ 		91 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d49f86aa1c08d478f21f12f74d33020854eb050366ae9ed69b5d898de32821c1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 19:19:11 GMT
x-content-type-options
nosniff
age
265829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47800
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:19:11 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:32:23 GMT
x-content-type-options
nosniff
age
178637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11040
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 19:32:23 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v23/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:34:59 GMT
x-content-type-options
nosniff
age
297281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14148
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 10:34:59 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:31:58 GMT
x-content-type-options
nosniff
age
178662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11072
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 19:31:58 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:31:58 GMT
x-content-type-options
nosniff
age
178662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 19:31:58 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v23/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 09:10:12 GMT
x-content-type-options
nosniff
age
302368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13976
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:50:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 09:10:12 GMT
truncated
/ 		91 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d682c9d1780beadfc813d152d9965573164e614c17c10f2d9c41e11e342f4058

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
abd.js
ads.adthrive.com/abd/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/abd/abd.js
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
os8MwQFHVWjrrk14iP4Ip4gSDo8pMj4I
content-encoding
br
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
date
Fri, 30 Sep 2022 21:08:09 GMT
x-amz-cf-pop
JFK50-P8
age
92
x-cache
Hit from cloudfront
last-modified
Tue, 06 Sep 2022 21:10:57 GMT
server
AmazonS3
etag
W/"1a1900d242621b126237113a25ab0ab3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
GpqnNfk09UQOtrGcyeCtyhQz0-i-XuZOE4Rxye7uLjxTLX5AsCFV_g==
TrumpExcel-Logo-Online-Excel-Tips-Tricks-oyfxtw7p1udmps67cqb07c8xljsj6v7issl2nne5gg.png
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/uploads/elementor/thumbs/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/uploads/elementor/thumbs/TrumpExcel-Logo-Online-Excel-Tips-Tricks-oyfxtw7p1udmps67cqb07c8xljsj6v7issl2nne5gg.png
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9354b6b6b17865bf3aa82782782e884a2608b14853f0410a4bb73f53f1075d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:40 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 04:26:15 GMT
server
cloudflare
age
1269316
etag
"6323fae7-713"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
752ff0e21cd667ce-MIA
link
<https://trumpexcel.com/wp-content/uploads/elementor/thumbs/TrumpExcel-Logo-Online-Excel-Tips-Tricks-oyfxtw7p1udmps67cqb07c8xljsj6v7issl2nne5gg.png>; rel="canonical"
content-length
1610
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Free-Excel-Training-Image-Background-blue-Homepage.png
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/uploads/2018/06/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/uploads/2018/06/Free-Excel-Training-Image-Background-blue-Homepage.png
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd00b18fa62903872d7dc9e6e084c119c8b64e09a397176120dc7673cd1ea251

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:40 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 04:26:26 GMT
server
cloudflare
age
318379
etag
"6323faf2-3123"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
752ff0e21cd267ce-MIA
link
<https://trumpexcel.com/wp-content/uploads/2018/06/Free-Excel-Training-Image-Background-blue-Homepage.png>; rel="canonical"
content-length
12420
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
marmalade
ads.adthrive.com/api/v1/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v1/marmalade?siteid=5cab42e1b13d6c3ef8c7c9cc&url=https%3A%2F%2Ftrumpexcel.com%2F&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5cab42e1b13d6c3ef8c7c9cc/ads.min.js?referrer=https%3A%2F%2Ftrumpexcel.com%2F&cb=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
/
Resource Hash
e5e36c07f23a75230412effbd59a96413166caee17aa1bed688b50afcf2527e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 12:42:05 GMT
content-encoding
br
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
30455
x-amzn-requestid
35b0b0cc-948c-4939-84d8-3c4d808c402b
x-cache
Hit from cloudfront
x-amz-apigw-id
ZRiUoGeMoAMFaTQ=
adthrive-is-chrome
1
adthrive-is-ios
0
x-amzn-trace-id
Root=1-6336e41d-19459c207f78e8bb60141b68;Sampled=0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-amz-cf-id
hi5jLsZ0dsjtAIb6pfMdNoNOcstnG-eo5UZ0qwb1v58NRBdZKn5PRg==
trumpexcel.com
ads.adthrive.com/api/v2/host/floors/ 		2 KB
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v2/host/floors/trumpexcel.com
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5cab42e1b13d6c3ef8c7c9cc/ads.min.js?referrer=https%3A%2F%2Ftrumpexcel.com%2F&cb=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
/
Resource Hash
3cbd9954ea4cd024c05f38f1c0ed9d3a3f9d06190c562a4bc18ebc67a77d39e0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 20:09:42 GMT
content-encoding
br
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
3598
x-amzn-trace-id
Root=1-63374d06-29d7378c165c7f0459a8d99e;Sampled=0
x-amzn-requestid
d8615cd9-3529-4ba9-9d7b-1dc3ae1d06aa
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
ZSj5CGdooAMFk7g=
x-amz-cf-id
8HzJVxygjPQGV0qCjh9CvcaQ3BucYF8WYoUys_-Qrer0JRZtv7RmEQ==
adthrive.min.js
ads.adthrive.com/builds/core/42ac6d4/es2018/js/ 		489 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/42ac6d4/es2018/js/adthrive.min.js?deployment=2022-09-29-5:42ac6d4:con&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5cab42e1b13d6c3ef8c7c9cc/ads.min.js?referrer=https%3A%2F%2Ftrumpexcel.com%2F&cb=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
18b1c904b1d84561f2b0a9661f29e1b2cb868bf8485b42c3331eb8e814adb3ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 18:26:53 GMT
content-encoding
gzip
via
1.1 4810d74d0025d8ce3dbab6cb71a901d2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P8
age
9767
etag
"01346eb2f0f21a5e96be7afadcaf1a02"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, s-maxage=86400
content-length
121618
x-amz-cf-id
y70bAFuXNiXYH1Cl6vl0nNIkaSSakyzjd8kej1nHmk_Xj4FrMPgtDA==
/
to.getnitropack.com/ 		20 B
469 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://to.getnitropack.com/
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 / PHP/7.3.33
Resource Hash
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://trumpexcel.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryKxvYWVT1A1DZcxoc

Response headers

date
Fri, 30 Sep 2022 21:09:41 GMT
content-encoding
none
strict-transport-security
max-age=15724800; includeSubDomains
cdn-edgestorageid
885
x-powered-by
PHP/7.3.33
cdn-cachedat
09/30/2022 21:09:41
cdn-pullzone
234442
content-length
20
server
BunnyCDN-NY-885
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cdn-uid
b7e07321-6c82-48dc-b332-ec6b5d5d2a32
cache-control
public, max-age=0
cdn-requestid
8956e2373a2eff4fa0fff03995452335
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
nitro-min-noimport-948924886497e8c9cb279f3ff1ca2199-stylesheet.css
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-948924886497e8c9cb279f3ff1ca2199-stylesheet.css
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93b795eb97f8855c857fe00bd26e590b0470b408eb2b68401004b714df42ee2e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 04:26:15 GMT
server
cloudflare
age
1269039
etag
W/"6323fae7-15db2"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
752ff0e58b6267ce-MIA
link
<https://trumpexcel.com/combinedCss/948924886497e8c9cb279f3ff1ca2199-stylesheet.css>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-noimport-7519c6ccf95c15f7b058689b2494e3a0-stylesheet.css
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-7519c6ccf95c15f7b058689b2494e3a0-stylesheet.css
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96ee89715a14ae5e41e5a17cfa34b6bcf0ed20224fd4ce9c33900b973b7b4cbb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 04:26:15 GMT
server
cloudflare
age
1269039
etag
W/"6323fae7-89e6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
752ff0e58b6467ce-MIA
link
<https://trumpexcel.com/combinedCss/7519c6ccf95c15f7b058689b2494e3a0-stylesheet.css>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-noimport-be725634fb3e36084653f446e54059d9-stylesheet.css
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/ 		831 KB
93 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-be725634fb3e36084653f446e54059d9-stylesheet.css
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f53003a9dec4dcf04a1ba5b191a59c9b36e75d22ced9124bfd9afe80ccd1f39

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Sep 2022 09:28:31 GMT
server
cloudflare
age
25892
etag
W/"6336b6bf-cfe64"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
752ff0e58b6767ce-MIA
link
<https://trumpexcel.com/combinedCss/be725634fb3e36084653f446e54059d9-stylesheet.css>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-noimport-10e58329f468f909b89e47d20587c8d2-stylesheet.css
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-10e58329f468f909b89e47d20587c8d2-stylesheet.css
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3303ed47a5f82f811c9a0334a51e739f5fedb2ec5fd3b36ea979678a27444cf2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 24 Sep 2022 22:18:08 GMT
server
cloudflare
age
25892
etag
W/"632f8220-49a9"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
752ff0e58b6b67ce-MIA
link
<https://trumpexcel.com/combinedCss/10e58329f468f909b89e47d20587c8d2-stylesheet.css>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
topics.html
ads.adthrive.com/builds/core/42ac6d4/html/ Frame DAE3 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/42ac6d4/html/topics.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/42ac6d4/es2018/js/adthrive.min.js?deployment=2022-09-29-5:42ac6d4:con&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5eacfbef6e883869dcd7bed5e4891901909e463e88fca88ce67e9c90018666f

Request headers

Referer
https://trumpexcel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
2567
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Fri, 30 Sep 2022 20:26:55 GMT
etag
W/"1661ff0474b820ed2e9fbc7cd72a6c9a"
last-modified
Fri, 30 Sep 2022 12:55:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4810d74d0025d8ce3dbab6cb71a901d2.cloudfront.net (CloudFront)
x-amz-cf-id
9SCAM3Qc8oi6GCFVqC_TMRqarMdiHB0Z7yB4sUSKEgD7cH3wWDcbwA==
x-amz-cf-pop
JFK50-P8
x-amz-version-id
.5AUBGbFANEUjbJ1JX7LKwBWoWpouBXR
x-cache
Hit from cloudfront
prebid.min.js
ads.adthrive.com/builds/core/42ac6d4/vendor/prebid/es2018/ 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/42ac6d4/vendor/prebid/es2018/prebid.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/42ac6d4/es2018/js/adthrive.min.js?deployment=2022-09-29-5:42ac6d4:con&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
170f12b5bbd23597e92cf383a97e18d9794c6d0b4aca2505b099395371b752fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 20:26:55 GMT
content-encoding
br
via
1.1 4810d74d0025d8ce3dbab6cb71a901d2.cloudfront.net (CloudFront)
x-amz-version-id
HUURFWiN2UPcYI9HUdO1B4x.xH39w5XA
last-modified
Fri, 30 Sep 2022 12:51:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
2567
etag
W/"228ecc90cd821a5acb87f6f7ca5bff49"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
WeFTmX6Pr5ate6yYEa7HmrnDHAVMj-5gJzL6a3f_M1B49OTkyGAACA==
apstag.js
c.amazon-adsystem.com/aax2/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/42ac6d4/es2018/js/adthrive.min.js?deployment=2022-09-29-5:42ac6d4:con&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:08:37 GMT
content-encoding
gzip
via
1.1 5840e9664aef77d9be1f708259e60d56.cloudfront.net (CloudFront), 1.1 26bf46825c6bd12542772bad5a4d97b4.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:37 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, EWR52-C2
age
65
x-amz-server-side-encryption
AES256
etag
W/"0b4d277527066dd35dd7c0288cb596b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
IHQYdidF-7lj7LPKIc5IItwhfh2D8x0YbODeIxyamb9G0032U9SN7g==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/42ac6d4/es2018/js/adthrive.min.js?deployment=2022-09-29-5:42ac6d4:con&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b45bde92983e8325a8f26ed9d2a84f8793a1ee0960235962c30e33c507ab246a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27701
x-xss-protection
0
server
sffe
etag
"1350 / 795 of 1000 / last-modified: 1664536014"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 30 Sep 2022 21:09:41 GMT
rnf.html
ads.adthrive.com/builds/core/42ac6d4/html/ Frame 7677 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/42ac6d4/html/rnf.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/42ac6d4/es2018/js/adthrive.min.js?deployment=2022-09-29-5:42ac6d4:con&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f62599e2b5c41a6b3c7161cf72107ac8c3aa6ea9a30d9eb9e58e2eed798d37e7

Request headers

Referer
https://trumpexcel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
2567
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Fri, 30 Sep 2022 20:26:55 GMT
etag
W/"84f0663b2129be4891408cc7b5359b48"
last-modified
Fri, 30 Sep 2022 12:55:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4810d74d0025d8ce3dbab6cb71a901d2.cloudfront.net (CloudFront)
x-amz-cf-id
O-Lpy4Zb9Gmf-R9DFMw52D6KPLKFGP3yiun0HDtzTsVbY8NLkFCy_A==
x-amz-cf-pop
JFK50-P8
x-amz-version-id
3jnEBReEbzkw31r.SXAwETeXmyKrlOXr
x-cache
Hit from cloudfront
S6u_w4BMUTPHjxsI5wq_Gwftx9897g.woff2
fonts.gstatic.com/s/lato/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwftx9897g.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bed332f8784cd98e453089a3172ee466b1e55beae5d0d5c31de9e9e544df39b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:06:04 GMT
x-content-type-options
nosniff
age
299017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14904
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 10:06:04 GMT
fa-brands-400.woff2
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/source/rev-4fa602f/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/source/rev-4fa602f/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:41 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 04:26:29 GMT
server
cloudflare
age
91970
etag
"6323faf5-12c87"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
752ff0e6be3cda47-MIA
link
<https://trumpexcel.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2>; rel="canonical"
content-length
76764
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
event
logger.adthrive.com/ 		21 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/event?siteId=5cab42e1b13d6c3ef8c7c9cc&siteName=Trump%20Excel&bucket=flex-02&branch=42ac6d4&deployment=2022-09-29-5%3A42ac6d4%3Acon&message=RecencyAndFrequncyIFrameManager%3A%3ArecencyFrequencyIframeAdded&pageurl=https%3A%2F%2Ftrumpexcel.com%2F&body=%5B%5D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/42ac6d4/es2018/js/adthrive.min.js?deployment=2022-09-29-5:42ac6d4:con&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-58.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 17:27:46 GMT
via
1.1 205b9099637a29b949f9be6dceccecec.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
13316
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
-rfZKS0bdNEm_AO0Zad0N6e6gLQdFnjopDIMMXXEhlQ2tXHdQnxL7w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 07:45:41 GMT
x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding
gzip
via
1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
age
48241
x-cache
Hit from cloudfront
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ypCTodPv5WLwgIwBanc-ohLd7fchA2qhUxpttWxCoeutFcSkUOdW2g==
pubads_impl_2022092601.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 20:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131426
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 08:39:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 30 Sep 2023 20:04:59 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		139 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=trumpexcel.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcb53fc2b043c569dba95e27a0219c282b12689e4b231910e947817723ae3b03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105
x-xss-protection
0
expires
Fri, 30 Sep 2022 21:09:41 GMT
NlgHb79N
cdn.jwplayer.com/v2/playlists/ 		163 B
518 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/NlgHb79N
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/42ac6d4/es2018/js/adthrive.min.js?deployment=2022-09-29-5:42ac6d4:con&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
5c97280fc5760a54ee79050652b58ee6e92398e55152d74db639c6401bfffab7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:07:56 GMT
content-encoding
gzip
via
1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
age
105
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
content-length
161
x-amz-cf-id
ZeOEezoeeEZvKl7BGmVBZDDEY3UMh2LDLptd6LKAu4Gkd7Mec1R2Ig==
expires
Fri, 30 Sep 2022 21:08:03
config
c.amazon-adsystem.com/cdn/prod/ 		385 B
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftrumpexcel.com&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
a63506fb420990f57b718352691d603bd8c4574bd1182dd2f274fe276b83493d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 20:26:15 GMT
via
1.1 26bf46825c6bd12542772bad5a4d97b4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
age
2605
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://trumpexcel.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
385
x-amz-cf-id
shFymkQmGrl5Qc6FTYiKtv3Xa3HsdRjHghbEsd8corRYZqD3cWhOMA==
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/42ac6d4/es2018/js/adthrive.min.js?deployment=2022-09-29-5:42ac6d4:con&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 14:39:38 GMT
content-encoding
gzip
via
1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
23403
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
LeVs40FVNCff5NyLLeneHXxB7cO0hv81tzohgjW0f9GKMNueDSagYw==
config.js
confiant-integrations.global.ssl.fastly.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/ 		340 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/42ac6d4/es2018/js/adthrive.min.js?deployment=2022-09-29-5:42ac6d4:con&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f33f9ae2f57bec67c40bc4dc511f4a7f667d61e06fb09b863d65e8ef52fd03b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Fri, 30 Sep 2022 21:09:41 GMT
Content-Encoding
gzip
Via
1.1 varnish
x-amz-request-id
N4424P4VP740BJDT
Age
477
X-Cache
HIT
Connection
keep-alive
Content-Length
72228
x-amz-id-2
efOSlkBXugDb5YW79oFEiugr0gW44ANmTdPlsIpDy9IUiK0P3nVWJt/RlrJFZHTrN2m+hqCXF0g=
X-Served-By
cache-mia11380-MIA
Last-Modified
Fri, 30 Sep 2022 20:45:14 GMT
Server
AmazonS3
X-Timer
S1664572182.845331,VS0,VE0
ETag
"d00261a7d2114908c4770ed0fbacd196"
Content-Type
text/javascript
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
173
event
logger.adthrive.com/ 		21 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/event?siteId=5cab42e1b13d6c3ef8c7c9cc&siteName=Trump%20Excel&bucket=flex-02&branch=42ac6d4&deployment=2022-09-29-5%3A42ac6d4%3Acon&message=VideoManagerComponent%3A%3AnoStickyPlaylistOrSekindo&pageurl=https%3A%2F%2Ftrumpexcel.com%2F&body=%5B%7B%22vendor%22%3A%22none%22%2C%22device%22%3A%22desktop%22%2C%22isDesktop%22%3A%22desktop%22%7D%2C%7B%22abgroup%22%3A%7B%22delload%22%3A%22on%22%2C%22deftimer2%22%3A%22200%22%2C%22amzn%22%3A%22on%22%2C%22wvtls%22%3A%22off%22%2C%22tpcapi%22%3A%22on%22%2C%22amzn_hold_load%22%3A%22off%22%2C%22flr%22%3A%22fb%22%2C%22lzflr%22%3A%2250%22%2C%22inters%22%3A%22adx%22%2C%22ebho%22%3A%22verizon_ebda%22%2C%22loglevel%22%3A%22off%22%2C%22idho%22%3A%22off%22%2C%22lzhb%22%3A%22off%22%2C%22lzcvp%22%3A%222%22%2C%22lzbpvp%22%3A%220.25%22%2C%22tripleliftdr%22%3A%22both%22%2C%22magnitedr%22%3A%22both%22%2C%22pbs2s_appnexus%22%3A%22off%22%2C%22pbs2s_grid%22%3A%22on%22%2C%22pbs2s_gumgum%22%3A%22off%22%2C%22pbs2s_openx%22%3A%22off%22%2C%22adt%22%3A%220%22%2C%22ito_df%22%3A%222200%22%2C%223pho%22%3A%22none%22%2C%22vebho%22%3A%22sovrn_ebda%22%2C%22cbt%22%3A%224s%22%2C%22vast_to%22%3A%225s%22%2C%22proto%22%3A%22all%22%2C%22pbm%22%3A%22on%22%2C%22reqTo%22%3A%2215%22%2C%22vadv%22%3A%22on%22%2C%22smhd100%22%3A%22off%22%2C%22smad300%22%3A%22on%22%2C%22s2sbuff%22%3A%22100%22%2C%22rmos1%22%3A%22off%22%2C%22socon%22%3A%220%22%2C%22sab%22%3A%22on%22%2C%22dco%22%3A%22relaxed%22%2C%22mxrpog%22%3A%224%22%2C%22dajto%22%3A%22off%22%2C%22jwb%22%3A%22on%22%2C%22vpred_1%22%3A%2290%22%2C%22crtvmon%22%3A%22off%22%2C%22pba%22%3A%22none%22%2C%22amzn_hold_disp%22%3A%22off%22%2C%22bmetrics%22%3A%22on%22%2C%22confiant%22%3A%22prod%22%2C%22cnfep%22%3A%22on%22%2C%22refflr2%22%3A%221.2%22%2C%22refvidflr%22%3A%221%22%2C%22socbe%22%3A%22sovpct2%22%2C%22logcls%22%3A%22off%22%2C%22sidp%22%3A%22off%22%2C%22rebuildslot%22%3A%22on%22%2C%22upl%22%3A%22on%22%2C%22sekho%22%3A%22off%22%2C%22sospp%22%3A%22on%22%7D%2C%22sess%22%3A%2201GE83QK6JFNT3Z4MPW3S61VRK%22%2C%22pvk%22%3A%2201GE83QK6JDVZ6DXWHT5037Y3Q%22%2C%22hbho%22%3A%5B%22roundel%22%5D%2C%22vbho%22%3A%5B%22gumgum%22%2C%22openx%22%5D%2C%22lmdv%22%3A%221.9.0%22%2C%22clsBranch%22%3A%2242ac6d4%22%2C%22clsBucket%22%3A%22prod%22%7D%5D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/42ac6d4/es2018/js/adthrive.min.js?deployment=2022-09-29-5:42ac6d4:con&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-58.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 17:27:46 GMT
via
1.1 205b9099637a29b949f9be6dceccecec.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
13316
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
92uJO2uq8YuiSCPOwlqNyQusVaA1aTalmfacbHMx7tAEPyTTvblXAA==
ads.min.css
ads.adthrive.com/sites/5cab42e1b13d6c3ef8c7c9cc/ 		444 B
534 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5cab42e1b13d6c3ef8c7c9cc/ads.min.css
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/42ac6d4/es2018/js/adthrive.min.js?deployment=2022-09-29-5:42ac6d4:con&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
68654b239b1864c5942df93e0b380df6656eb6e50a2f49df895aeaefb1e801c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 22:06:24 GMT
content-encoding
gzip
via
1.1 4810d74d0025d8ce3dbab6cb71a901d2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P8
age
82997
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600, s-maxage=86400
content-length
229
x-amz-cf-id
CI0FvRq_mPgRP3gozTNh8H0Exrf5HG6olqMUPYZWvJa18Fk28NK-ZA==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
T5XR1TKNGX3AYKMQ
age
356
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
752ff0e8ea5bb3df-MIA
x-amz-id-2
k2/V4jIJcNBktXgKMSiomrLJUfGYI4uHmeIcYL2fde1SuGtUPBr34adtDi2s/1LVqQerP09gvl0=
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/ 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
468718a583ec98edb242b85a424558fd63ceac3a8c1ff6a76bbf473b857481c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Fri, 30 Sep 2022 21:09:41 GMT
Content-Encoding
gzip
Via
1.1 varnish
x-amz-request-id
VECWWKB2DZ7Q0NKW
Age
685
X-Cache
HIT
Connection
keep-alive
Content-Length
63033
x-amz-id-2
QXdUazHhnKnuvOUVZXKhu+0QNCMTj+Vz2XZKOVDBc6pNkCYZg/otrVd+ib3JkOy3Eg5M6/sO0sw=
X-Served-By
cache-mia11380-MIA
Last-Modified
Mon, 09 May 2022 15:39:37 GMT
Server
AmazonS3
X-Timer
S1664572182.935992,VS0,VE0
ETag
"ecf02ff527b0ed563b40adaa835278b3"
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
242
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.67 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216533.ip-141-95-98.eu
Software
/
Resource Hash
13ac965ab2eed0b05074f6ff30e2ceb137cebbf1d05c8ed28f4d292abed77aac

Request headers

Referer
https://trumpexcel.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://trumpexcel.com
date
Fri, 30 Sep 2022 21:09:41 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::31d2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
42cf602223e8e330ae55c65f6d1fc70dbe0c53dc6460c5165afca450d170491c

Request headers

Referer
https://trumpexcel.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://trumpexcel.com
date
Fri, 30 Sep 2022 21:09:42 GMT
content-length
54
vary
Origin
content-type
application/json
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1664572181983&ns_c=UTF-8&c7=https%3A%2F%2Ftrumpexcel.com%2F&c8=FREE%20Online%20Excel%20Training%20%E2%80%93%20Vide...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1664572181983&ns_c=UTF-8&c7=https%3A%2F%2Ftrumpexcel.com%2F&c8=FREE%20Online%20Excel%20Training%20%E2%80%93%20Vid...
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1664572181983&ns_c=UTF-8&c7=https%3A%2F%2Ftrumpexcel.com%2F&c8=FREE%20Online%20Excel%20Training%20%E2%80%93%20Video%20Course%20for%20Beginners&c9=
Protocol
H2
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:42 GMT
via
1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
x-amz-cf-id
upkQh8JaYKwnPWebEIjR0NT7NijQka3tA1B-kLA2DxVr02f_3jXgrA==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1664572181983&ns_c=UTF-8&c7=https%3A%2F%2Ftrumpexcel.com%2F&c8=FREE%20Online%20Excel%20Training%20%E2%80%93%20Video%20Course%20for%20Beginners&c9=
date
Fri, 30 Sep 2022 21:09:42 GMT
via
1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
content-length
0
x-amz-cf-id
42stpUwOsAATgCjDq9xwtGufhG-uqKqyo4GA10on8vSnHlsU1YRmIw==
x-cache
Miss from cloudfront
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=trumpexcel.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		139 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3159888595514859&correlator=3379082663342534&eid=31068457%2C31068921&output=ldjh&gdfp_req=1&vrg=2022092601&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=18190176%3A22499871287%2CAdThrive_Interstitial_1%2C5cab42e1b13d6c3ef8c7c9cc&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=3418438472&sfv=1-0-38&fsbs=1&ists=1&fas=8&fsapi=false&prev_scp=location%3DInterstitial%26sequence%3D1%26id%3DAdThrive_Interstitial_1_desktop%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26hvp%3D80&eri=5&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A254%252Cpmp_elig%253A1%252Cclson%253Atrue%252CclsBranch%253A42ac6d4%252CclsBucket%253Aprod%252Cintegration%253Aplugin%252Clmdv%253A1.9.0%252Cidp%253Apc%26amznbid%3D0%26amznp%3D0%26siteId%3D5cab42e1b13d6c3ef8c7c9cc%26organizationId%3D6233884d7e3b4d7088f7957d%26siteName%3DTrump%2520Excel%26verticals%3DTech%26abgroup%3Ddelload%253Aon%252Cdeftimer2%253A200%252Camzn%253Aon%252Cwvtls%253Aoff%252Ctpcapi%253Aon%252Camzn_hold_load%253Aoff%252Cflr%253Afb%252Clzflr%253A50%252Cinters%253Aadx%252Cebho%253Averizon_ebda%252Cloglevel%253Aoff%252Cidho%253Aoff%252Clzhb%253Aoff%252Clzcvp%253A2%252Clzbpvp%253A0.25%252Ctripleliftdr%253Aboth%252Cmagnitedr%253Aboth%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_grid%253Aon%252Cpbs2s_gumgum%253Aoff%252Cpbs2s_openx%253Aoff%252Cadt%253A0%252Cito_df%253A2200%252C3pho%253Anone%252Cvebho%253Asovrn_ebda%252Ccbt%253A4s%252Cvast_to%253A5s%252Cproto%253Aall%252Cpbm%253Aon%252CreqTo%253A15%252Cvadv%253Aon%252Csmhd100%253Aoff%252Csmad300%253Aon%252Cs2sbuff%253A100%252Crmos1%253Aoff%252Csocon%253A0%252Csab%253Aon%252Cdco%253Arelaxed%252Cmxrpog%253A4%252Cdajto%253Aoff%252Cjwb%253Aon%252Cvpred_1%253A90%252Ccrtvmon%253Aoff%252Cpba%253Anone%252Camzn_hold_disp%253Aoff%252Cbmetrics%253Aon%252Cconfiant%253Aprod%252Ccnfep%253Aon%252Crefflr2%253A1.2%252Crefvidflr%253A1%252Csocbe%253Asovpct2%252Clogcls%253Aoff%252Csidp%253Aoff%252Crebuildslot%253Aon%252Cupl%253Aon%252Csekho%253Aoff%252Csospp%253Aon%252Crmosnv1%253Aoff%26bucket%3Dflex-02%26sens%3Dalc%252Cast%252Ccbd%252Cconl%252Ccosm%252Cdat%252Cdlu%252Cdrg%252Cgamc%252Cgamv%252Cgrq%252Cpol%252Crel%252Csst%252Cssr%252Csrh%252Cske%252Ctob%252Cwtl%26domain%3Dtrumpexcel.com%26plugin%3Dadthrive-ads-2.3.1%26hi_au%3Dod%252Com%26vpwxvph%3D1600x1200%26ri%3D25%26pvk%3D01GE83QK6JDVZ6DXWHT5037Y3Q%26sess%3D01GE83QK6JFNT3Z4MPW3S61VRK%26branch%3D42ac6d4%26deployment%3D2022-09-29-5%253A42ac6d4%253Acon%26hbho%3Droundel%26vbho%3Dgumgum%252Copenx%26gptv%3D2022092601%26connection%3Dniet%253A4g%252Cdl%253A10%26fpv%3D1%26mcmp%3DHOME%252CBA_WSKW20%252CBA_NNNP19%26site_code%3DA1844_Desk_45%252CA1849_Desk_60%252CA1849_Desk_70%252CA1849_Phone_60%252CA1854_Desk_58%252CA2144_Desk_41%252CA2144_Desk_47%252CA2144_Phone_41%252CA2144_Phone_47%252CA2549_Desk_49%252CA2549_Phone_49%252CA2554_Desk_58%252CA2554_Phone_58%252CA3554DeskT40%252CA3599_Phone_72%252CAABTY_22%252CAFOI_2020%252CAPIO_2022%252CATZN_2020%252CCARPR_2021%252CCNST_2021%252CDDIG_21%252CDEOI_2021%252CDSVR_2021%252CEXCLAA_19%252CEXFP_2020%252CEXHFCE_2021%252CF1849_Desk_N30%252CFBSPA_2021%252CGLDM_2021%252CHRSH_2021%252CMDIG_21%252CMILKP_2021%252CMINO_2021%252CMIQWO_2022%252CMSFTV_2022%252CMSFTW_2021%252CMSPWL_2021%252CSF_RN_122019%252CTGNAF_21%252CTRGT_022020%252CTYS_062019%252CTYTA_22%252CVITFM_21%252CWLMT_2019%252CYOAC_22%26marmalade%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1664572182090&dlt=1664572180631&idt=1416&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftrumpexcel.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1834107579.1664572182&ga_sid=1664572182&ga_hid=605969649&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6032b35c76c15afc4695bd81e9e98880f4b422bbb294640300b946d1b7907d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40720
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://trumpexcel.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7ac62c9dfe9ae58e546561ef67134839e1ec3a2cad82069850907c5384b8aa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11216
x-xss-protection
0
container.html
51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1AE5 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 21:09:42 GMT
expires
Sat, 30 Sep 2023 21:09:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022092601.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022092601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54878e221571bb644ba889df9595eb65cb1cd1e22ffc91742faf05c2c0d56fe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 22:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80476
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13926
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 08:39:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Sep 2023 22:48:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Sep 2022 21:09:42 GMT
367.json
id5-sync.com/g/v2/ 		457 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/367.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
f232f048ad9d6ed3d50cb25c78e1dc88746f09e71bb65df54f47668bf9ed0561
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://trumpexcel.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Sep 2022 21:09:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://trumpexcel.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E25D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1719
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 20:41:03 GMT
expires
Sat, 30 Sep 2023 20:41:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 34E9 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
02b6a8faa1fefd9d858b5978442a78c7b843439a36e4dad2716cb7102816d6c0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-64aTiXvUzjNaLPOPetWq2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trumpexcel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-64aTiXvUzjNaLPOPetWq2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 21:09:42 GMT
expires
Fri, 30 Sep 2022 21:09:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5390 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 21:09:42 GMT
expires
Sat, 30 Sep 2023 21:09:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
pagead2.googlesyndication.com/bg/ Frame E25D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16034
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:17:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 34E9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092601&jk=3159888595514859&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
css2
fonts.googleapis.com/ Frame 5390 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com
URL: https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Sep 2022 21:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 20:01:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Sep 2022 21:09:43 GMT
css
fonts.googleapis.com/ Frame C632 		8 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Sep 2022 21:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 19:58:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Sep 2022 21:09:43 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame C632 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 20:40:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 20:40:58 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame C632 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:05:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
275
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9561
x-xss-protection
0
server
cafe
etag
483224313611802536
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 21:05:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame C632 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 21:04:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame C632 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:05:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 21:05:27 GMT
l
www.google.com/ads/measurement/ Frame C632 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTszY32AEuemHl_14reACsrgPng6bCaTpj0xBi6XMDmlUnTNBYN3xxjGWZWcvcU2bm0cIgUpMRh_TOiL6nd7hmrLN_wnA
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C632 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Sep 2022 21:09:43 GMT
270cb447f650f22be90b4349b85576c2.js
www.gstatic.com/mysidia/ Frame C632 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 04:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
147436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13677
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 05:24:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 28 Dec 2022 04:12:27 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 5390 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com
URL: https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8224
x-xss-protection
0
server
cafe
etag
17584738254627026664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 21:09:24 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5390 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com
URL: https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 08:06:39 GMT
x-content-type-options
nosniff
age
133384
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 29 Sep 2023 08:06:39 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5390 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com
URL: https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 10:24:38 GMT
x-content-type-options
nosniff
age
38705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 30 Sep 2023 10:24:38 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame EF87 		143 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com
URL: https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
1726
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Fri, 30 Sep 2022 20:40:57 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame E25D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?G06zBA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 21:09:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame EF87
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com
URL: https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 30 Sep 2022 21:09:43 GMT
expires
Fri, 30 Sep 2022 21:09:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 30 Sep 2022 21:09:43 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
pagead2.googlesyndication.com/bg/ Frame 3C5C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16034
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:17:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092601&jk=3159888595514859&bg=!bG-lbyvNAAYQgTJdMIE7ACkAdvg8WtHgQQ8cd0dvYbD8STDpkSq21Iyjup0IX7p-q3-Boq1VgVOnvwIAAABkUgAAAAJoAQeZArA8uN2rG9heAWANdYpZbmuh4MqwMH7DFo8aSmh9mve-muAkrzifldXf3OI77fYsDAHDhf6ZLV8J8LKPt2MEWKOygisxjxA8RUZn3Wb1ewvWTIY8lgWw5CFLsgupAXXaGlqA3WAn_U4RaR-N76o86c1Pc8S_M9PAWNKWJoUX7tCxB5TXnGldNqMSgzxJIK5w35cW1h77_dxvjm0twdwgTMZ9ef6TdYOGtNQRUgGtpGXs8yf5THHt1rO6PW3qeNLuy1lJ4fBYnLTsJjEnAKy7hOH88gZ05znyXtP_YGPUVnx_BGJ_uDyG8RZ7zpoNmtuHHAhVufuLLEDUQvrWL_DQHXaVU1MDGFsYHWeOurscp0hUFvCWQv7fa6mRSk4E1fu-RIrFsK4dl8w0MczDMqoVCwFEjfxSmAztnFG5ADSTrJeV7VQ4mkVZltciv6kZ43oyqi69mMCWQQqG3quUEqF5bXvWroZETzj6v7Z4ks1EV1OOS_P1GZohpIMP6BdPuwNjQ28SFlQgbVQRQa3_JIhAtg41gNVWBJpr4RnwhvClCGD9kZAx_1CxSeal2CJU2JwwKSXAy5mcwXkfw7gv8f01Ad_4JscnhYXLYZ_Kmkt9a8x2pW-YnWgrBim1YsQ8JfyrCGcfVWM9zBomtT0v2glsK86y4hcZmXBw0bsYjdrDfYS2v6BNwGEOVtP7L-Y7k-sxzEV_s14DOVHna269nio-WjMcUX8f4SZIbLjW-25NgLi7LqjoNjAkRV29qfaAteaMI26SBIOFakANc1gxfXoAWS-OzgsbvFSQqGfjrux81QgwyehTGbPU4kBiNsFHdeBjmwy5KSJ9hjzqnNrkgXjqd1JzSDfBjzWZ5sCojlm1v2xx_NwI-Mb_1cquRZ5AcQOaV8RhES9bMmZo_LFIhg-wCXPu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| href object| NPSH object| NitroScrollHelper object| NPRL object| NitroResourceLoader object| NPh object| NitroPackHelper object| adthriveCLS object| adthrive object| cls_disable_ads boolean| IS_NITROPACK string| NITROPACK_STATE object| nitro_lazySizesConfig object| lazySizes function| loadCSS object| webVitals undefined| proxyPurgeOnly undefined| nitroData undefined| xhr boolean| isPreload object| pbjs object| apstag object| googletag object| _pbjsGlobals object| onStylesLoadEvent boolean| apstagLOADED object| ggeac object| google_tag_data object| google_js_reporting_queue function| __uspapi object| _comscore object| confiant function| setImmediate function| clearImmediate object| ID5 object| COMSCORE function| udm_ object| ns_p undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests

10 Cookies

Domain/Path Name / Value
trumpexcel.com/ Name: nitroCachedPage
Value: 1
trumpexcel.com/ Name: __adblocker
Value: false
trumpexcel.com/ Name: usprivacy
Value: 1---
trumpexcel.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.scorecardresearch.com/ Name: UID
Value: 11D4201de480aad4c7de9541664572182
.trumpexcel.com/ Name: __gads
Value: ID=71f0db15d87d3e57-228e07fd66d700c7:T=1664572182:S=ALNI_MaH-yMJwsFEr1kNwKx7LEjetqHWCg
.trumpexcel.com/ Name: __gpi
Value: UID=000008736578d2eb:T=1664572182:RT=1664572182:S=ALNI_Madf8ugQureMBzlwat5pByBnUjSlA
.id5-sync.com/ Name: id5
Value: 960f9fc8-2f54-45f1-b471-5482949a6027#1664572182805#1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUlJ7Eq6MSTrnujw_HLduOrURQBAm4eJecW0TFOGvlNrVwLde7e71LhK2b5O

58 Console Messages

Source Level URL
Text
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-948924886497e8c9cb279f3ff1ca2199-stylesheet.css
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-7519c6ccf95c15f7b058689b2494e3a0-stylesheet.css
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-be725634fb3e36084653f446e54059d9-stylesheet.css
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-10e58329f468f909b89e47d20587c8d2-stylesheet.css
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
css-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-10e58329f468f909b89e47d20587c8d2-stylesheet.css
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
css-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-948924886497e8c9cb279f3ff1ca2199-stylesheet.css
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
css-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-be725634fb3e36084653f446e54059d9-stylesheet.css
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
css-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-7519c6ccf95c15f7b058689b2494e3a0-stylesheet.css
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://www.googletagmanager.com/gtag/js?id=UA-41172916-1
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/Badges/nitro-min-DMCABadgeHelper.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/link-whisper-premium/js/nitro-min-53b20d3ce475b0ea9ede75d4fa3f7ee3.frontend.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/themes/generatepress/assets/js/nitro-min-583f5ec2b31cb9db1bb70d57d5d82d8e.menu.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/jquery/nitro-min-af6cb5bfb91ce2d78377e57c8d18ffc0.jquery.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/jquery/nitro-min-d6171631e2919215b5e490dc93564c56.jquery-migrate.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/lib/smartmenus/nitro-min-f269e9a3a80059942775a9c8c2131b2c.jquery.smartmenus.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/optinmonster/assets/dist/js/nitro-min-0ad8a8c71f5aa35026f6a3a56698c716.helper.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.webpack-pro.runtime.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.webpack.runtime.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.frontend-modules.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/vendor/nitro-min-39373f825d7812e4c0eff141ce43ad5b.regenerator-runtime.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/vendor/nitro-min-2c7cef87d91a8c32817cef0915f9141b.wp-polyfill.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/nitro-min-cbb5d1e91b9a8417d86bfeb314daa78c.hooks.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/nitro-min-771a52b4530a27e460955a3b4445cf21.i18n.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.frontend.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/waypoints/nitro-min-05dab1e7174ef3cb7c002a1ae16cb972.waypoints.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/jquery/ui/nitro-min-0028783c6c3493afecf62f0ca754461e.core.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/swiper/nitro-min-48f52d9cf783a7c8e9223b6108c784e9.swiper.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/share-link/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.share-link.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/dialog/nitro-min-d2271a11f9042b5f0bf3141b56dba4ea.dialog.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.frontend.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.preloaded-elements-handlers.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.preloaded-modules.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/lib/sticky/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.jquery.sticky.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/Badges/nitro-min-DMCABadgeHelper.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/themes/generatepress/assets/js/nitro-min-583f5ec2b31cb9db1bb70d57d5d82d8e.menu.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/optinmonster/assets/dist/js/nitro-min-0ad8a8c71f5aa35026f6a3a56698c716.helper.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/link-whisper-premium/js/nitro-min-53b20d3ce475b0ea9ede75d4fa3f7ee3.frontend.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/jquery/nitro-min-d6171631e2919215b5e490dc93564c56.jquery-migrate.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/jquery/nitro-min-af6cb5bfb91ce2d78377e57c8d18ffc0.jquery.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.webpack-pro.runtime.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/lib/smartmenus/nitro-min-f269e9a3a80059942775a9c8c2131b2c.jquery.smartmenus.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/nitro-min-cbb5d1e91b9a8417d86bfeb314daa78c.hooks.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.frontend.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/vendor/nitro-min-39373f825d7812e4c0eff141ce43ad5b.regenerator-runtime.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/waypoints/nitro-min-05dab1e7174ef3cb7c002a1ae16cb972.waypoints.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/nitro-min-771a52b4530a27e460955a3b4445cf21.i18n.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.frontend.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.preloaded-elements-handlers.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.webpack.runtime.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.frontend-modules.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/jquery/ui/nitro-min-0028783c6c3493afecf62f0ca754461e.core.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/swiper/nitro-min-48f52d9cf783a7c8e9223b6108c784e9.swiper.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/vendor/nitro-min-2c7cef87d91a8c32817cef0915f9141b.wp-polyfill.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/share-link/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.share-link.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/dialog/nitro-min-d2271a11f9042b5f0bf3141b56dba4ea.dialog.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.preloaded-modules.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/lib/sticky/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.jquery.sticky.min.js
worker info URL: blob:https://trumpexcel.com/e45d1c9e-9939-4672-94a4-babccc7e49fc
Message:
js-preload DONE: https://www.googletagmanager.com/gtag/js?id=UA-41172916-1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

51b4e5f689efcbfeec15f5cd229d88f7.safeframe.googlesyndication.com
ads.adthrive.com
adservice.google.com
c.amazon-adsystem.com
cdn-adclh.nitrocdn.com
cdn.id5-sync.com
cdn.jwplayer.com
confiant-integrations.global.ssl.fastly.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id5-sync.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
logger.adthrive.com
pagead2.googlesyndication.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
to.getnitropack.com
tpc.googlesyndication.com
trumpexcel.com
www.google.com
www.googletagservices.com
www.gstatic.com
108.138.128.58
108.139.47.108
13.35.93.23
138.199.40.58
141.95.33.111
141.95.98.67
143.204.150.76
151.101.129.194
162.159.135.42
2001:41d0:701:1000::31d2
2600:9000:2209:f400:1:a3fa:7cc0:93a1
2606:4700:10::6816:3456
2606:4700::6812:1690
2607:f8b0:4006:806::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80f::2004
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::2001
2607:f8b0:4006:820::2002
2607:f8b0:4006:824::2003
02b6a8faa1fefd9d858b5978442a78c7b843439a36e4dad2716cb7102816d6c0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
13ac965ab2eed0b05074f6ff30e2ceb137cebbf1d05c8ed28f4d292abed77aac
13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
170f12b5bbd23597e92cf383a97e18d9794c6d0b4aca2505b099395371b752fa
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18b1c904b1d84561f2b0a9661f29e1b2cb868bf8485b42c3331eb8e814adb3ca
1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048
3303ed47a5f82f811c9a0334a51e739f5fedb2ec5fd3b36ea979678a27444cf2
3cbd9954ea4cd024c05f38f1c0ed9d3a3f9d06190c562a4bc18ebc67a77d39e0
42cf602223e8e330ae55c65f6d1fc70dbe0c53dc6460c5165afca450d170491c
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
468718a583ec98edb242b85a424558fd63ceac3a8c1ff6a76bbf473b857481c4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f33f9ae2f57bec67c40bc4dc511f4a7f667d61e06fb09b863d65e8ef52fd03b
54878e221571bb644ba889df9595eb65cb1cd1e22ffc91742faf05c2c0d56fe6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c97280fc5760a54ee79050652b58ee6e92398e55152d74db639c6401bfffab7
6032b35c76c15afc4695bd81e9e98880f4b422bbb294640300b946d1b7907d4b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68654b239b1864c5942df93e0b380df6656eb6e50a2f49df895aeaefb1e801c9
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
7a0829f65b5378d1b0e2da444ff32f73343984c4e21342f5a7a0f3b9abe5c9c0
7f53003a9dec4dcf04a1ba5b191a59c9b36e75d22ced9124bfd9afe80ccd1f39
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
92edabc3677b33ef8128054f009aa9a7c81d62bb7b70367628d4a385edb789a0
93b795eb97f8855c857fe00bd26e590b0470b408eb2b68401004b714df42ee2e
96ee89715a14ae5e41e5a17cfa34b6bcf0ed20224fd4ce9c33900b973b7b4cbb
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
a63506fb420990f57b718352691d603bd8c4574bd1182dd2f274fe276b83493d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a9354b6b6b17865bf3aa82782782e884a2608b14853f0410a4bb73f53f1075d2
b45bde92983e8325a8f26ed9d2a84f8793a1ee0960235962c30e33c507ab246a
b7ac62c9dfe9ae58e546561ef67134839e1ec3a2cad82069850907c5384b8aa6
b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
bd00b18fa62903872d7dc9e6e084c119c8b64e09a397176120dc7673cd1ea251
bed332f8784cd98e453089a3172ee466b1e55beae5d0d5c31de9e9e544df39b2
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d49f86aa1c08d478f21f12f74d33020854eb050366ae9ed69b5d898de32821c1
d5eacfbef6e883869dcd7bed5e4891901909e463e88fca88ce67e9c90018666f
d682c9d1780beadfc813d152d9965573164e614c17c10f2d9c41e11e342f4058
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
dcb53fc2b043c569dba95e27a0219c282b12689e4b231910e947817723ae3b03
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
e058dedd6c6a83c5b552e3706c2c7080b898478ed69e37ad8e20cc72a267fb57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e36c07f23a75230412effbd59a96413166caee17aa1bed688b50afcf2527e6
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
f232f048ad9d6ed3d50cb25c78e1dc88746f09e71bb65df54f47668bf9ed0561
f62599e2b5c41a6b3c7161cf72107ac8c3aa6ea9a30d9eb9e58e2eed798d37e7