urlscan.io logo urlscan.io
SecurityTrails logo

trumpexcel.com Open in urlscan Pro
162.159.135.42  Public Scan

Go To Rescan Add Verdict Report
URL: https://trumpexcel.com/
Submission: On October 05 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 4 countries across 17 domains to perform 73 HTTP transactions. The main IP is 162.159.135.42, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is trumpexcel.com. The Cisco Umbrella rank of the primary domain is 293014.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 7th 2022. Valid for: a year.
This is the only time trumpexcel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 162.159.135.42 13335 (CLOUDFLAR...)
8 2606:4700::68... 13335 (CLOUDFLAR...)
9 13.32.208.70 16509 (AMAZON-02)
7 2607:f8b0:400... 15169 (GOOGLE)
1 138.199.40.58 60068 (CDN77 ^_^)
3 13.249.37.223 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
2 108.138.128.76 16509 (AMAZON-02)
1 2600:9000:220... 16509 (AMAZON-02)
1 3 18.164.96.83 16509 (AMAZON-02)
2 151.101.193.194 54113 (FASTLY)
7 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
8 2607:f8b0:400... 15169 (GOOGLE)
1 141.95.98.66 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
1 3 2607:f8b0:400... 15169 (GOOGLE)
1 141.95.33.111 16276 (OVH)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
73 24
1    162.159.135.42 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
trumpexcel.com
8    2606:4700::6812:1690 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-adclh.nitrocdn.com
9    13.32.208.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-208-70.iad66.r.cloudfront.net
ads.adthrive.com
7    2607:f8b0:4006:821::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    138.199.40.58 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-40-58.datapacket.com
to.getnitropack.com
3    13.249.37.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-37-223.iad89.r.cloudfront.net
c.amazon-adsystem.com
5    2607:f8b0:4006:80c::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    108.138.128.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-76.jfk50.r.cloudfront.net
logger.adthrive.com
1    2600:9000:2209:b400:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
3    18.164.96.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-83.jfk50.r.cloudfront.net
sb.scorecardresearch.com
2    151.101.193.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
7    2607:f8b0:4006:821::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
pagead2.googlesyndication.com
www.googletagservices.com
1    2607:f8b0:4006:81f::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2607:f8b0:4006:820::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
8    2607:f8b0:4006:80b::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    141.95.98.66 (France)

ASN16276 (OVH, FR)
PTR: ns3216537.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    2001:41d0:701:1000::2fb3 (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
3    2607:f8b0:4006:822::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
2    2607:f8b0:4006:81e::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4006:80c::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:4006:816::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
15 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 170
88 KB
11 adthrive.com
ads.adthrive.com — Cisco Umbrella Rank: 6467
logger.adthrive.com — Cisco Umbrella Rank: 6908
274 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
137 KB
8 nitrocdn.com
cdn-adclh.nitrocdn.com — Cisco Umbrella Rank: 315988
282 KB
7 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
209 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 136
www.google.com — Cisco Umbrella Rank: 19
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
3 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 391
47 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
2 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1743
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1864
556 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1477
id5-sync.com — Cisco Umbrella Rank: 642
17 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 2022
142 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 228
44 KB
1 google.ca
adservice.google.ca — Cisco Umbrella Rank: 14059
792 B
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2766
517 B
1 getnitropack.com
to.getnitropack.com — Cisco Umbrella Rank: 26539
469 B
1 trumpexcel.com
trumpexcel.com — Cisco Umbrella Rank: 293014
58 KB
73 17
Domain Requested by
9 ads.adthrive.com trumpexcel.com
ads.adthrive.com
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
trumpexcel.com
329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com
8 cdn-adclh.nitrocdn.com trumpexcel.com
7 fonts.gstatic.com trumpexcel.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
trumpexcel.com
5 securepubads.g.doubleclick.net ads.adthrive.com
securepubads.g.doubleclick.net
3 www.gstatic.com trumpexcel.com
329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com
3 www.google.com 1 redirects tpc.googlesyndication.com
trumpexcel.com
3 sb.scorecardresearch.com 1 redirects ads.adthrive.com
3 c.amazon-adsystem.com ads.adthrive.com
c.amazon-adsystem.com
2 googleads.g.doubleclick.net 329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com
2 fonts.googleapis.com 329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com
trumpexcel.com
2 329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 confiant-integrations.global.ssl.fastly.net ads.adthrive.com
confiant-integrations.global.ssl.fastly.net
2 logger.adthrive.com ads.adthrive.com
1 www.googletagservices.com trumpexcel.com
1 id5-sync.com cdn.id5-sync.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.id5-sync.com trumpexcel.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.ca securepubads.g.doubleclick.net
1 cdn.jwplayer.com ads.adthrive.com
1 to.getnitropack.com trumpexcel.com
1 trumpexcel.com
73 25

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
app.monstercampaigns.com
www.dmca.com
Subject Issuer Validity Valid
trumpexcel.com
Cloudflare Inc ECC CA-3		 2022-08-07 -
2023-08-07		 a year crt.sh
nitrocdn.com
Cloudflare Inc ECC CA-3		 2022-09-02 -
2022-12-01		 3 months crt.sh
*.adthrive.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.getnitropack.com
Thawte RSA CA 2018		 2022-01-06 -
2023-01-06		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
jwplayer.com
Amazon		 2021-12-29 -
2023-01-25		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
*.google.ca
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://trumpexcel.com/
Frame ID: C21D079B2829AAAB2CFB75604D4AF038
Requests: 51 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/5712637/html/topics.html
Frame ID: D5C69A0FCDFAE721E4A470EB71900EF6
Requests: 1 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/5712637/html/rnf.html
Frame ID: 033D2AD928E582F413900D3C8DC19362
Requests: 1 HTTP requests in this frame

Frame: https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 30D49BC4DD6600228BCEBC1F2DA3809B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DE514374C67A0D19D426990759E36302
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AD84F4701F145DF8974646AD8E6FDA5F
Requests: 2 HTTP requests in this frame

Frame: https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 67BCA1EBF290A40EFF0D2B09F0C71589
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 9BBC19D7A68EBACD6077A7201A92774D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 219AD2A707BCC29ECBB0EABCB4A35FF0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Frame ID: 909722A4E1EFD636306C9022BF574133
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FREE Online Excel Training – Video Course for Beginners

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link [^>]*href=(?:"|')[^"']*elementor/assets
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

73
Requests

97 %
HTTPS

61 %
IPv6

17
Domains

25
Subdomains

24
IPs

4
Countries

1308 kB
Transfer

4445 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1664932698536&ns_c=UTF-8&c7=https%3A%2F%2Ftrumpexcel.com%2F&c8=FREE%20Online%20Excel%20Training%20%E2%80%93%20Video%20Course%20for%20Beginners&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1664932698536&ns_c=UTF-8&c7=https%3A%2F%2Ftrumpexcel.com%2F&c8=FREE%20Online%20Excel%20Training%20%E2%80%93%20Video%20Course%20for%20Beginners&c9=
Request Chain 71
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
trumpexcel.com/ 		302 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09aa2038afaa998e16a5d7f63cd5b38355cabf96a30db040c59293465423182d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Mobile
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7552528d0f8a54c1-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 05 Oct 2022 01:18:17 GMT
ki-cache-type
None
ki-cf-cache-status
BYPASS
ki-edge
v=17.8
link
<https://cdn-adclh.nitrocdn.com>; rel=preconnect, <https://trumpexcel.com/wp-json/>; rel="https://api.w.org/", <https://trumpexcel.com/wp-json/wp/v2/pages/14497>; rel="alternate"; type="application/json", <https://trumpexcel.com/>; rel=shortlink
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nhm8V%2BJcYl7nHNEph9RIa0jTEls91M1ZqA%2Btf%2BiyE7eY%2FJ7dGHFxbQMvrrRohEjp0OqYj5FbJZdUuceQg8804KA7gS9%2BZpm8un0p8Ty2zXEgyfSf84iK95bpEnTXOPJN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, user-agent
x-cache-ctime
1664882813
x-content-type-options
nosniff
x-edge-location-klb
1
x-kinsta-cache
MISS
x-nitro-cache
HIT
x-nitro-cache-from
drop-in
x-nitro-rev
4fa602f
fa-solid-900.woff2
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/source/rev-4fa602f/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/source/rev-4fa602f/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:17 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 04:26:19 GMT
server
cloudflare
age
1628638
etag
"6323faeb-1321e"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
7552528e4cac7145-YUL
link
<https://trumpexcel.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2>; rel="canonical"
content-length
78196
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ads.min.js
ads.adthrive.com/sites/5cab42e1b13d6c3ef8c7c9cc/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5cab42e1b13d6c3ef8c7c9cc/ads.min.js?referrer=https%3A%2F%2Ftrumpexcel.com%2F&cb=28
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-70.iad66.r.cloudfront.net
Software
CloudFront /
Resource Hash
abb37192e7d0f458a93755596466ca077948e8bc802c1b2eaca112cbf7d903e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

adthrive-bucket
prod
date
Tue, 04 Oct 2022 22:39:53 GMT
content-encoding
gzip
via
1.1 3a7c02063c5f3d8ad13db0f8e016ccc2.cloudfront.net (CloudFront)
adthrive-deployment
stable
x-amz-cf-pop
IAD66-C1
age
9504
adthrive-commit
5712637
x-cache
Hit from cloudfront
content-length
17762
adthrive-gdpr
false
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=86400
x-amz-cf-id
no2zv4YjPZTnUEWlfBrKeGi9ixjxXo2o-9QnJ5TSwJNe5J1xHpt2hw==
170f631d-ba89-4bf9-8007-7cb7b13b10b5
https://trumpexcel.com/ 		824 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a0829f65b5378d1b0e2da444ff32f73343984c4e21342f5a7a0f3b9abe5c9c0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length
824
Content-Type
text/javascript
truncated
/ 		91 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d49f86aa1c08d478f21f12f74d33020854eb050366ae9ed69b5d898de32821c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		91 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d682c9d1780beadfc813d152d9965573164e614c17c10f2d9c41e11e342f4058

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
abd.js
ads.adthrive.com/abd/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/abd/abd.js
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-70.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
os8MwQFHVWjrrk14iP4Ip4gSDo8pMj4I
content-encoding
br
via
1.1 87f435824e071614a6eded8da925c802.cloudfront.net (CloudFront)
date
Wed, 05 Oct 2022 00:30:35 GMT
x-amz-cf-pop
IAD66-C1
age
2863
x-cache
Hit from cloudfront
last-modified
Tue, 06 Sep 2022 21:10:57 GMT
server
AmazonS3
etag
W/"1a1900d242621b126237113a25ab0ab3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
zeZyOgkbVB6x-6bBGYrWlADmEfzNoTg8gGPC5HSdu7cbZkl_qYYh1A==
QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:33:34 GMT
x-content-type-options
nosniff
age
74683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47800
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 04:33:34 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:32:27 GMT
x-content-type-options
nosniff
age
539150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11040
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 19:32:27 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:31:53 GMT
x-content-type-options
nosniff
age
539184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 19:31:53 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v23/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 06:34:51 GMT
x-content-type-options
nosniff
age
67406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14148
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 06:34:51 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:32:29 GMT
x-content-type-options
nosniff
age
539148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11072
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 19:32:29 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v23/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:15:34 GMT
x-content-type-options
nosniff
age
57763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13976
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:50:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 09:15:34 GMT
TrumpExcel-Logo-Online-Excel-Tips-Tricks-oyfxtw7p1udmps67cqb07c8xljsj6v7issl2nne5gg.png
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/uploads/elementor/thumbs/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/uploads/elementor/thumbs/TrumpExcel-Logo-Online-Excel-Tips-Tricks-oyfxtw7p1udmps67cqb07c8xljsj6v7issl2nne5gg.png
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9354b6b6b17865bf3aa82782782e884a2608b14853f0410a4bb73f53f1075d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:17 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 04:26:15 GMT
server
cloudflare
age
1628638
etag
"6323fae7-713"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
7552528f186f4bd7-YUL
link
<https://trumpexcel.com/wp-content/uploads/elementor/thumbs/TrumpExcel-Logo-Online-Excel-Tips-Tricks-oyfxtw7p1udmps67cqb07c8xljsj6v7issl2nne5gg.png>; rel="canonical"
content-length
1610
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Free-Excel-Training-Image-Background-blue-Homepage.png
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/uploads/2018/06/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/uploads/2018/06/Free-Excel-Training-Image-Background-blue-Homepage.png
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd00b18fa62903872d7dc9e6e084c119c8b64e09a397176120dc7673cd1ea251

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:17 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 04:26:26 GMT
server
cloudflare
etag
"6323faf2-3123"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
7552528f18734bd7-YUL
link
<https://trumpexcel.com/wp-content/uploads/2018/06/Free-Excel-Training-Image-Background-blue-Homepage.png>; rel="canonical"
content-length
12420
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
marmalade
ads.adthrive.com/api/v1/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v1/marmalade?siteid=5cab42e1b13d6c3ef8c7c9cc&url=https%3A%2F%2Ftrumpexcel.com%2F&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5cab42e1b13d6c3ef8c7c9cc/ads.min.js?referrer=https%3A%2F%2Ftrumpexcel.com%2F&cb=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-70.iad66.r.cloudfront.net
Software
/
Resource Hash
5228ec9845198487ecd7e4f386f40914b2e5dfc3096a11ccbbe3bbf867d4ae61

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
adthrive-is-ios
0
content-encoding
br
via
1.1 87f435824e071614a6eded8da925c802.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-amzn-requestid
f6dfb923-6de0-491a-b00b-8ca09b97e9c5
x-amzn-trace-id
Root=1-633cdb59-401d22cc5a1caf48769c2a12;Sampled=0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-apigw-id
Zgc2AFC_IAMFUYQ=
x-amz-cf-id
2LUOry-OXaLaffzkcGdrGQNE6FWKY7U0C-VMVW0jmY8_91c2tL7Zow==
adthrive-is-chrome
1
trumpexcel.com
ads.adthrive.com/api/v2/host/floors/ 		2 KB
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v2/host/floors/trumpexcel.com
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5cab42e1b13d6c3ef8c7c9cc/ads.min.js?referrer=https%3A%2F%2Ftrumpexcel.com%2F&cb=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-70.iad66.r.cloudfront.net
Software
/
Resource Hash
fdcc5b938c50287e7d89b36660533a606fa5d938078f72df5ad179b5832b6fd6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:04:30 GMT
content-encoding
br
via
1.1 87f435824e071614a6eded8da925c802.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
age
827
x-amzn-trace-id
Root=1-633cd81e-313f97920f1ce67d7c276073;Sampled=0
x-amzn-requestid
33aaab82-95f2-42fd-9b37-dac616c1ff3a
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
Zga0uFYvIAMFVEQ=
x-amz-cf-id
_ah4AlpM5srXenma1szfcKT-mxcPNbS8zXJSK01Jzi4dlR6GYmwL0Q==
adthrive.min.js
ads.adthrive.com/builds/core/5712637/es2018/js/ 		505 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/5712637/es2018/js/adthrive.min.js?deployment=stable&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5cab42e1b13d6c3ef8c7c9cc/ads.min.js?referrer=https%3A%2F%2Ftrumpexcel.com%2F&cb=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-70.iad66.r.cloudfront.net
Software
CloudFront /
Resource Hash
5f7137987b9f9a8b1639b56f77ad9eb3f7ab28733791e39c760c77a81a1aca92

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 21:59:19 GMT
content-encoding
gzip
via
1.1 3a7c02063c5f3d8ad13db0f8e016ccc2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD66-C1
age
11938
etag
"58a38d0dd4c8f7a835883e719073756b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, s-maxage=86400
content-length
123378
x-amz-cf-id
kOxY8qSfVifSj9KzFIkoHNKHerlS3fSfjOK5l8JWQQYUfTYekSBK-w==
/
to.getnitropack.com/ 		20 B
469 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://to.getnitropack.com/
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 / PHP/7.3.33
Resource Hash
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://trumpexcel.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryd0q6m5VyfXeDTSCx

Response headers

date
Wed, 05 Oct 2022 01:18:17 GMT
content-encoding
none
strict-transport-security
max-age=15724800; includeSubDomains
cdn-edgestorageid
885
x-powered-by
PHP/7.3.33
cdn-cachedat
10/05/2022 01:18:17
cdn-pullzone
234442
content-length
20
server
BunnyCDN-NY-885
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cdn-uid
b7e07321-6c82-48dc-b332-ec6b5d5d2a32
cache-control
public, max-age=0
cdn-requestid
00fd86a731493873f57046aaeb2cf37a
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
topics.html
ads.adthrive.com/builds/core/5712637/html/ Frame D5C6 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/5712637/html/topics.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/5712637/es2018/js/adthrive.min.js?deployment=stable&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-70.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5eacfbef6e883869dcd7bed5e4891901909e463e88fca88ce67e9c90018666f

Request headers

Referer
https://trumpexcel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1136
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Wed, 05 Oct 2022 00:59:23 GMT
etag
W/"1661ff0474b820ed2e9fbc7cd72a6c9a"
last-modified
Tue, 04 Oct 2022 17:36:57 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 3a7c02063c5f3d8ad13db0f8e016ccc2.cloudfront.net (CloudFront)
x-amz-cf-id
CGhxGph5k7jT_6BZPT1j6SdjTBdRfGzToNbh7-CQNUcm1B4nwOt8OQ==
x-amz-cf-pop
IAD66-C1
x-amz-version-id
P8Gp0azspeUR4ySHKjeJbLyqbwEGb._Q
x-cache
Hit from cloudfront
prebid.min.js
ads.adthrive.com/builds/core/5712637/vendor/prebid/es2018/ 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/5712637/vendor/prebid/es2018/prebid.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/5712637/es2018/js/adthrive.min.js?deployment=stable&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-70.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
170f12b5bbd23597e92cf383a97e18d9794c6d0b4aca2505b099395371b752fa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
G4HWr7dI8FrxXdnKueyWWChIdnbPE2Wn
content-encoding
br
via
1.1 3a7c02063c5f3d8ad13db0f8e016ccc2.cloudfront.net (CloudFront)
date
Wed, 05 Oct 2022 00:59:19 GMT
last-modified
Tue, 04 Oct 2022 17:31:56 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
age
1140
etag
W/"228ecc90cd821a5acb87f6f7ca5bff49"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
MsXT_kCjuJzXvkb4ulCJcGb0ekTKsjfRFu0oaFvVeQyMkdoHzBAVgA==
apstag.js
c.amazon-adsystem.com/aax2/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/5712637/es2018/js/adthrive.min.js?deployment=stable&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.37.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-37-223.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 00:44:39 GMT
content-encoding
gzip
via
1.1 adb1632aa800f446f3f4e7b45c9dfd3e.cloudfront.net (CloudFront), 1.1 7f7e359e1c06a914d3d305785359b84c.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:37 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, IAD89-C1
age
2020
x-amz-server-side-encryption
AES256
etag
W/"0b4d277527066dd35dd7c0288cb596b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
4Km-MUj20Pr37FSC8Ieg0pie1mJiImpo1wYasFuPTmmb54PsgNvkxA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/5712637/es2018/js/adthrive.min.js?deployment=stable&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34e0b9d5fc2c43bfda6e480883e48577d8bc1268972fe993eeb1d303d29ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27717
x-xss-protection
0
server
sffe
etag
"1354 / 63 of 1000 / last-modified: 1664921228"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 05 Oct 2022 01:18:18 GMT
nitro-min-noimport-948924886497e8c9cb279f3ff1ca2199-stylesheet.css
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-948924886497e8c9cb279f3ff1ca2199-stylesheet.css
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93b795eb97f8855c857fe00bd26e590b0470b408eb2b68401004b714df42ee2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 04:26:15 GMT
server
cloudflare
age
1628638
etag
W/"6323fae7-15db2"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
755252931f2f4bd7-YUL
link
<https://trumpexcel.com/combinedCss/948924886497e8c9cb279f3ff1ca2199-stylesheet.css>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-noimport-7519c6ccf95c15f7b058689b2494e3a0-stylesheet.css
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-7519c6ccf95c15f7b058689b2494e3a0-stylesheet.css
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96ee89715a14ae5e41e5a17cfa34b6bcf0ed20224fd4ce9c33900b973b7b4cbb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 04:26:15 GMT
server
cloudflare
age
1628638
etag
W/"6323fae7-89e6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
755252931f334bd7-YUL
link
<https://trumpexcel.com/combinedCss/7519c6ccf95c15f7b058689b2494e3a0-stylesheet.css>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-noimport-be725634fb3e36084653f446e54059d9-stylesheet.css
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/ 		831 KB
93 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-be725634fb3e36084653f446e54059d9-stylesheet.css
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f53003a9dec4dcf04a1ba5b191a59c9b36e75d22ced9124bfd9afe80ccd1f39

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Sep 2022 09:28:31 GMT
server
cloudflare
age
1
etag
W/"6336b6bf-cfe64"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
755252932f364bd7-YUL
link
<https://trumpexcel.com/combinedCss/be725634fb3e36084653f446e54059d9-stylesheet.css>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-noimport-10e58329f468f909b89e47d20587c8d2-stylesheet.css
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-10e58329f468f909b89e47d20587c8d2-stylesheet.css
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3303ed47a5f82f811c9a0334a51e739f5fedb2ec5fd3b36ea979678a27444cf2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 24 Sep 2022 22:18:08 GMT
server
cloudflare
age
1
etag
W/"632f8220-49a9"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
755252932f384bd7-YUL
link
<https://trumpexcel.com/combinedCss/10e58329f468f909b89e47d20587c8d2-stylesheet.css>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rnf.html
ads.adthrive.com/builds/core/5712637/html/ Frame 033D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/5712637/html/rnf.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/5712637/es2018/js/adthrive.min.js?deployment=stable&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-70.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f62599e2b5c41a6b3c7161cf72107ac8c3aa6ea9a30d9eb9e58e2eed798d37e7

Request headers

Referer
https://trumpexcel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1136
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Wed, 05 Oct 2022 00:59:23 GMT
etag
W/"84f0663b2129be4891408cc7b5359b48"
last-modified
Tue, 04 Oct 2022 17:36:57 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 3a7c02063c5f3d8ad13db0f8e016ccc2.cloudfront.net (CloudFront)
x-amz-cf-id
GK5JonaAQXo17-KY6nDk-Xmlsh0PrGNktZ2iNiAp75SuAlpH5utANA==
x-amz-cf-pop
IAD66-C1
x-amz-version-id
uxhKUeotFLZnWXVv73u2b1HiUdbxpqp6
x-cache
Hit from cloudfront
event
logger.adthrive.com/ 		21 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/event?siteId=5cab42e1b13d6c3ef8c7c9cc&siteName=Trump%20Excel&bucket=prod&branch=5712637&deployment=stable&message=RecencyAndFrequncyIFrameManager%3A%3ArecencyFrequencyIframeAdded&pageurl=https%3A%2F%2Ftrumpexcel.com%2F&body=%5B%5D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/5712637/es2018/js/adthrive.min.js?deployment=stable&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-76.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 17:29:13 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
28145
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
Du4fGqit4aMXyCv4AK4wCtnyE9fRo5fbgEdWrn3XzKZ2F2K3TiW1Nw==
pubads_impl_2022092801.js
securepubads.g.doubleclick.net/gpt/ 		377 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d74aacbaed4132cc593f2f2ab77bfc980733ad393dee2a722757d29d0eec941f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
379
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130694
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 08:38:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 Oct 2023 01:11:59 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		139 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=trumpexcel.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcb53fc2b043c569dba95e27a0219c282b12689e4b231910e947817723ae3b03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105
x-xss-protection
0
expires
Wed, 05 Oct 2022 01:18:18 GMT
NlgHb79N
cdn.jwplayer.com/v2/playlists/ 		163 B
517 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/NlgHb79N
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/5712637/es2018/js/adthrive.min.js?deployment=stable&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:b400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
79ee9b9f52f3e1a50f05a218e9f350ebc7c6e136f04b726497ca599d79de47e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:17:10 GMT
content-encoding
gzip
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
age
68
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
content-length
161
x-amz-cf-id
pBlBbKR8kdymEpXPkKA8k5flXlPoHFpelwNFAxiR3lgteGMD1pH7hw==
expires
Wed, 05 Oct 2022 01:20:10
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/5712637/es2018/js/adthrive.min.js?deployment=stable&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-83.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 02:40:37 GMT
content-encoding
gzip
via
1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
81462
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
sD9lFn1fT25MbPaLHpplTADP4DubOGW1_Y_1l1Nxgu9zwbZGAqSmgg==
config.js
confiant-integrations.global.ssl.fastly.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/ 		384 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/5712637/es2018/js/adthrive.min.js?deployment=stable&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
beb74a04ac76ab96f7d84ed9f76aee4d4dd581f80b8db86a9ec2ab2c10d1b5d8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 01:18:18 GMT
Content-Encoding
gzip
Via
1.1 varnish
x-amz-request-id
EYAHBN3KX7JD4WB0
Age
32
X-Cache
HIT
Connection
keep-alive
Content-Length
81135
x-amz-id-2
c/rRqdlw3y4tGrDYQRJ0Brlbmzjaqe5AUzPUN3zCx03W41nstYacaRlwYxUlXVmf0nVNgEhlw5w=
X-Served-By
cache-yul12828-YUL
Last-Modified
Tue, 04 Oct 2022 23:43:44 GMT
Server
AmazonS3
X-Timer
S1664932698.344887,VS0,VE0
ETag
"38ac19841529105ee0f4ca68b7e63dac"
Content-Type
text/javascript
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
34
event
logger.adthrive.com/ 		21 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/event?siteId=5cab42e1b13d6c3ef8c7c9cc&siteName=Trump%20Excel&bucket=prod&branch=5712637&deployment=stable&message=VideoManagerComponent%3A%3AnoStickyPlaylistOrSekindo&pageurl=https%3A%2F%2Ftrumpexcel.com%2F&body=%5B%7B%22vendor%22%3A%22none%22%2C%22device%22%3A%22desktop%22%2C%22isDesktop%22%3A%22desktop%22%7D%2C%7B%22abgroup%22%3A%7B%22delload%22%3A%22on%22%2C%22deftimer2%22%3A%22500%22%2C%22amzn%22%3A%22on%22%2C%22wvtls%22%3A%22off%22%2C%22tpcapi%22%3A%22on%22%2C%22amzn_hold_load%22%3A%22off%22%2C%22flr%22%3A%22cm%22%2C%22lzflr%22%3A%2270%22%2C%22inters%22%3A%22adx%22%2C%22ebho%22%3A%22verizon_ebda%22%2C%22loglevel%22%3A%22off%22%2C%22idho%22%3A%22off%22%2C%22lzhb%22%3A%22on%22%2C%22lzcvp%22%3A%220.75%22%2C%22lzbpvp%22%3A%220.75%22%2C%22tripleliftdr%22%3A%22both%22%2C%22magnitedr%22%3A%22both%22%2C%22pbs2s_appnexus%22%3A%22off%22%2C%22pbs2s_grid%22%3A%22on%22%2C%22pbs2s_gumgum%22%3A%22off%22%2C%22pbs2s_openx%22%3A%22off%22%2C%22adt%22%3A%220%22%2C%22ito_ds%22%3A%222800%22%2C%223pho%22%3A%22none%22%2C%22vebho%22%3A%22sonobi_ebda%22%2C%22cbt%22%3A%224s%22%2C%22vast_to%22%3A%225s%22%2C%22proto%22%3A%22nv1%22%2C%22pbm%22%3A%22on%22%2C%22reqTo%22%3A%2215%22%2C%22vadv%22%3A%22on%22%2C%22smhd100%22%3A%22off%22%2C%22smad300%22%3A%22on%22%2C%22s2sbuff%22%3A%22off%22%2C%22coldr%22%3A%22both%22%2C%22rmos1%22%3A%22off%22%2C%22socon%22%3A%221.5%22%2C%22sab%22%3A%22on%22%2C%22dco%22%3A%22relaxed%22%2C%22mxrpog%22%3A%226%22%2C%22dajto%22%3A%22off%22%2C%22jwb%22%3A%22on%22%2C%22vpred_1%22%3A%2290%22%2C%22crtvmon%22%3A%22on%22%2C%22pba%22%3A%22none%22%2C%22amzn_hold_disp%22%3A%22on%22%2C%22bmetrics%22%3A%22on%22%2C%22confiant%22%3A%22prod%22%2C%22cnfep%22%3A%22on%22%2C%22refflr2%22%3A%221.2%22%2C%22refvidflr%22%3A%221%22%2C%22socbe%22%3A%22sovpct2%22%2C%22logcls%22%3A%22off%22%2C%22sidp%22%3A%22off%22%2C%22rebuildslot%22%3A%22on%22%2C%22upl%22%3A%22off%22%2C%22sekho%22%3A%22off%22%2C%22sospp%22%3A%22on%22%7D%2C%22sess%22%3A%2201GEJVHP4M216GQ4TSKXHNG8R9%22%2C%22pvk%22%3A%2201GEJVHP4MWY5YP4YB1A4QS06E%22%2C%22hbho%22%3A%5B%22nativo%22%5D%2C%22vbho%22%3A%5B%22none%22%5D%2C%22lmdv%22%3A%221.9.0%22%2C%22clsBranch%22%3A%225307b21%22%2C%22clsBucket%22%3A%22prod%22%7D%5D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/5712637/es2018/js/adthrive.min.js?deployment=stable&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-76.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 17:29:13 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
28145
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
x2M1ehd0ePpnFE-vwIflQEj6lv5qdLonxgAretGx3wRWZqkFsQE_Yg==
ads.min.css
ads.adthrive.com/sites/5cab42e1b13d6c3ef8c7c9cc/ 		444 B
540 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5cab42e1b13d6c3ef8c7c9cc/ads.min.css
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/5712637/es2018/js/adthrive.min.js?deployment=stable&experiments=amazonLoad,prebidLoad,gptLoad,rubiconFloors,recencyFrequency,coreExperiments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-70.iad66.r.cloudfront.net
Software
CloudFront /
Resource Hash
68654b239b1864c5942df93e0b380df6656eb6e50a2f49df895aeaefb1e801c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 22:35:35 GMT
content-encoding
gzip
via
1.1 3a7c02063c5f3d8ad13db0f8e016ccc2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD66-C1
age
9763
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600, s-maxage=86400
content-length
229
x-amz-cf-id
3e7QAqPkeB-vqjDt9kvxuE5ibhp6wGl4z64iP6fdK4A0fzu4kG4ZKw==
S6u_w4BMUTPHjxsI5wq_Gwftx9897g.woff2
fonts.gstatic.com/s/lato/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwftx9897g.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bed332f8784cd98e453089a3172ee466b1e55beae5d0d5c31de9e9e544df39b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:26:36 GMT
x-content-type-options
nosniff
age
75102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14904
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 04:26:36 GMT
fa-brands-400.woff2
cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/source/rev-4fa602f/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/source/rev-4fa602f/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer
https://trumpexcel.com/
Origin
https://trumpexcel.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 04:26:29 GMT
server
cloudflare
etag
"6323faf5-12c87"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
75525294ec23ece6-YUL
link
<https://trumpexcel.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2>; rel="canonical"
content-length
76764
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
config
c.amazon-adsystem.com/cdn/prod/ 		385 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftrumpexcel.com&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.37.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-37-223.iad89.r.cloudfront.net
Software
Server /
Resource Hash
a63506fb420990f57b718352691d603bd8c4574bd1182dd2f274fe276b83493d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 21:01:13 GMT
via
1.1 7f7e359e1c06a914d3d305785359b84c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C1
age
15424
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://trumpexcel.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
385
x-amz-cf-id
WmavLyjfGZOk1xQgSplLkuZJdMRiqqqEuqck2sMxzS778ILATWDDZQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.37.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-37-223.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 10:51:57 GMT
x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding
gzip
via
1.1 5195de19cbc5ce842ac6538e9a6850ca.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1
age
51982
x-cache
Hit from cloudfront
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
zsquYChSVR4xNdZYpVVvTppHe3Q3g_Ygu1KFxjhRikGvDV-Uwektag==
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=trumpexcel.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=trumpexcel.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		138 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=606240171554438&correlator=3190199190936108&eid=31068457%2C31069181%2C31069635%2C31070086%2C31068367%2C31067825&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=18190176%3A22499871287%2CAdThrive_Interstitial_1%2C5cab42e1b13d6c3ef8c7c9cc&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=3418438472&sfv=1-0-38&fsbs=1&ists=1&fas=8&fsapi=false&prev_scp=location%3DInterstitial%26sequence%3D1%26id%3DAdThrive_Interstitial_1_desktop%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26hvp%3D80&eri=5&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A135%252Cpmp_elig%253A1%252Cclson%253Atrue%252CclsBranch%253A5307b21%252CclsBucket%253Aprod%252Cintegration%253Aplugin%252Clmdv%253A1.9.0%252Cidp%253Apc%26siteId%3D5cab42e1b13d6c3ef8c7c9cc%26organizationId%3D6233884d7e3b4d7088f7957d%26siteName%3DTrump%2520Excel%26verticals%3DTech%26abgroup%3Ddelload%253Aon%252Cdeftimer2%253A500%252Camzn%253Aon%252Cwvtls%253Aoff%252Ctpcapi%253Aon%252Camzn_hold_load%253Aoff%252Cflr%253Acm%252Clzflr%253A70%252Cinters%253Aadx%252Cebho%253Averizon_ebda%252Cloglevel%253Aoff%252Cidho%253Aoff%252Clzhb%253Aon%252Clzcvp%253A0.75%252Clzbpvp%253A0.75%252Ctripleliftdr%253Aboth%252Cmagnitedr%253Aboth%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_grid%253Aon%252Cpbs2s_gumgum%253Aoff%252Cpbs2s_openx%253Aoff%252Cadt%253A0%252Cito_ds%253A2800%252C3pho%253Anone%252Cvebho%253Asonobi_ebda%252Ccbt%253A4s%252Cvast_to%253A5s%252Cproto%253Anv1%252Cpbm%253Aon%252CreqTo%253A15%252Cvadv%253Aon%252Csmhd100%253Aoff%252Csmad300%253Aon%252Cs2sbuff%253Aoff%252Ccoldr%253Aboth%252Crmos1%253Aoff%252Csocon%253A1.5%252Csab%253Aon%252Cdco%253Arelaxed%252Cmxrpog%253A6%252Cdajto%253Aoff%252Cjwb%253Aon%252Cvpred_1%253A90%252Ccrtvmon%253Aon%252Cpba%253Anone%252Camzn_hold_disp%253Aon%252Cbmetrics%253Aon%252Cconfiant%253Aprod%252Ccnfep%253Aon%252Crefflr2%253A1.2%252Crefvidflr%253A1%252Csocbe%253Asovpct2%252Clogcls%253Aoff%252Csidp%253Aoff%252Crebuildslot%253Aon%252Cupl%253Aoff%252Csekho%253Aoff%252Csospp%253Aon%252Crmosnv1%253Aoff%26bucket%3Dprod%26sens%3Dalc%252Cast%252Ccbd%252Cconl%252Ccosm%252Cdat%252Cdlu%252Cdrg%252Cgamc%252Cgamv%252Cgrq%252Cpol%252Crel%252Csst%252Cssr%252Csrh%252Cske%252Ctob%252Cwtl%26domain%3Dtrumpexcel.com%26plugin%3Dadthrive-ads-2.3.1%26hi_au%3Dod%252Com%26vpwxvph%3D1600x1200%26ri%3D48%26pvk%3D01GEJVHP4MWY5YP4YB1A4QS06E%26sess%3D01GEJVHP4M216GQ4TSKXHNG8R9%26branch%3D5712637%26deployment%3Dstable%26hbho%3Dnativo%26vbho%3Dnone%26gptv%3D2022092801%26sens_off%3Dssr%26connection%3Dniet%253A4g%252Cdl%253A9.6%26fpv%3D1%26mcmp%3DHOME%252CBA_WSKW20%252Ciaba_687%252CBA_NNNP19%26site_code%3DA1844_Desk_45%252CA1849_Desk_60%252CA1849_Desk_70%252CA1849_Phone_60%252CA1854_Desk_58%252CA2144_Desk_41%252CA2144_Desk_47%252CA2144_Phone_41%252CA2144_Phone_47%252CA2549_Desk_49%252CA2549_Phone_49%252CA2554_Desk_58%252CA2554_Phone_58%252CA3554DeskT40%252CA3599_Phone_72%252CAABTY_22%252CAFOI_2020%252CAPIO_2022%252CATZN_2020%252CCARPR_2021%252CCNST_2021%252CDDIG_21%252CDEOI_2021%252CDSVR_2021%252CEXCLAA_19%252CEXFP_2020%252CEXHFCE_2021%252CF1849_Desk_N30%252CFBSPA_2021%252CGLDM_2021%252CHRSH_2021%252CMDIG_21%252CMILKP_2021%252CMINO_2021%252CMIQWO_2022%252CMSFTV_2022%252CMSFTW_2021%252CMSPWL_2021%252CSF_RN_122019%252CTGNAF_21%252CTRGT_022020%252CTYS_062019%252CTYTA_22%252CVITFM_21%252CWLMT_2019%252CYOAC_22%26marmalade%3Dtrue%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1664932698498&dlt=1664932697276&idt=1163&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftrumpexcel.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1339904924.1664932699&ga_sid=1664932699&ga_hid=500181879&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
528c16f98c883e45f6bf873ad3942196d333da8ac2210840068cb8bcfd38cc43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40669
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://trumpexcel.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aea1a86656994832c0df581d89860025b681bb8da793795c5452aa3d45327100
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11121
x-xss-protection
0
container.html
329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 30D4 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 01:18:18 GMT
expires
Thu, 05 Oct 2023 01:18:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022092801.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022092801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32b7afae904111614af9002270ba549d9d316e0355439981a120f05e3b0fa4a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 22:14:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
443019
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13935
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 08:38:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Sep 2023 22:14:39 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
N4C64YTZ6VT36DXM
age
3333
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
755252960f567142-YUL
x-amz-id-2
pIEXmwFUTML0DvmhD3QgoGhJIRt4zw2WqPN4tMxXZH71eq5d1TvEFmM6dL5o35EIFJBt8Ufie+5x2phF9ZyayQ==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1664932698536&ns_c=UTF-8&c7=https%3A%2F%2Ftrumpexcel.com%2F&c8=FREE%20Online%20Excel%20Training%20%E2%80%93%20Vide...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1664932698536&ns_c=UTF-8&c7=https%3A%2F%2Ftrumpexcel.com%2F&c8=FREE%20Online%20Excel%20Training%20%E2%80%93%20Vid...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1664932698536&ns_c=UTF-8&c7=https%3A%2F%2Ftrumpexcel.com%2F&c8=FREE%20Online%20Excel%20Training%20%E2%80%93%20Video%20Course%20for%20Beginners&c9=
Protocol
H2
Server
18.164.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-83.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
via
1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
X9V3i6lWr4PcoyeQY6RRahpfCHIgQhjDVg038bOd-xz1iMjxLfeJVw==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1664932698536&ns_c=UTF-8&c7=https%3A%2F%2Ftrumpexcel.com%2F&c8=FREE%20Online%20Excel%20Training%20%E2%80%93%20Video%20Course%20for%20Beginners&c9=
date
Wed, 05 Oct 2022 01:18:18 GMT
via
1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
content-length
0
x-amz-cf-id
bOB3Cz0NzTSs6vbnPXGPTNFS1E-rPl8vS4d-50HzgK6bKpyTnYYp0Q==
x-cache
Miss from cloudfront
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/ 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
468718a583ec98edb242b85a424558fd63ceac3a8c1ff6a76bbf473b857481c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 01:18:18 GMT
Content-Encoding
gzip
Via
1.1 varnish
x-amz-request-id
M0HK3GYPWVSFFD1J
Age
80
X-Cache
HIT
Connection
keep-alive
Content-Length
63033
x-amz-id-2
RKC+fGcFA9B6J5COeg+rB+18ipMIrCImnS9vesJg/DnOW/lQuySmy+331Phbk9HHO7pTdAHOy68=
X-Served-By
cache-yul12828-YUL
Last-Modified
Mon, 09 May 2022 15:39:37 GMT
Server
AmazonS3
X-Timer
S1664932699.552850,VS0,VE0
ETag
"ecf02ff527b0ed563b40adaa835278b3"
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
4572
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 01:18:18 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.66 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216537.ip-141-95-98.eu
Software
/
Resource Hash
165fe2195c3d37d95873f15673991add7cdb793803f8b9c50786888c095288b6

Request headers

Referer
https://trumpexcel.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://trumpexcel.com
date
Wed, 05 Oct 2022 01:18:18 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::2fb3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
81cb3192d646bb77ee16f627886ce595db2746409bad409b7f47820a71e2d9f8

Request headers

Referer
https://trumpexcel.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://trumpexcel.com
date
Wed, 5 Oct 2022 01:18:18 GMT
content-length
54
vary
Origin
content-type
application/json
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DE51 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
82177
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 02:28:41 GMT
expires
Wed, 04 Oct 2023 02:28:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AD84 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
86ba371dc87539f04e75f4e04959b61869e474ac953173b9273edf8b8a646df7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nVFmmls8zyQxU3NkOl-ZSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trumpexcel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-nVFmmls8zyQxU3NkOl-ZSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 01:18:18 GMT
expires
Wed, 05 Oct 2022 01:18:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
pagead2.googlesyndication.com/bg/ Frame DE51 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16034
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:19:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AD84 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092801&jk=606240171554438&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame DE51 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BqHMSg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
367.json
id5-sync.com/g/v2/ 		457 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/367.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
488bd4186dff053d9b7b173224e50ccecd92300b498e835c609ad15f272fcef4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://trumpexcel.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 01:18:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://trumpexcel.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
container.html
329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 67BC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://trumpexcel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 01:18:18 GMT
expires
Thu, 05 Oct 2023 01:18:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 67BC 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com
URL: https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 01:18:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 00:23:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 01:18:19 GMT
css
fonts.googleapis.com/ Frame 9BBC 		8 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 01:18:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 00:19:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 01:18:19 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 9BBC 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 01:17:33 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 9BBC 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:08:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
611
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9561
x-xss-protection
0
server
cafe
etag
483224313611802536
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 01:08:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 9BBC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 01:17:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 9BBC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:15:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 01:15:19 GMT
l
www.google.com/ads/measurement/ Frame 9BBC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwj63G4q0Hk7q5SCuPWJeHd9vwvMwbo9wi4wtkfrar8YxY9khuEcgJnqAaqD4-KN9X2VmCzDlleC4tOIfMyAUFSljUrg
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9BBC 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:18:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 01:18:19 GMT
ff28bd887d5918000d85a256eb9567a4.js
www.gstatic.com/mysidia/ Frame 9BBC 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ff28bd887d5918000d85a256eb9567a4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a61fe6e2743a18f977ac18a2f805735e8dccf115b16dbbbd2e3864ae98d4c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 23:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
439211
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13740
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 07:09:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 28 Dec 2022 23:18:08 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 67BC 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com
URL: https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 00:41:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2183
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8224
x-xss-protection
0
server
cafe
etag
17584738254627026664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 00:41:56 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 67BC 		205 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com
URL: https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 22:20:43 GMT
x-content-type-options
nosniff
age
442656
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 29 Sep 2023 22:20:43 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 67BC 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com
URL: https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 00:11:42 GMT
x-content-type-options
nosniff
age
263197
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 02 Oct 2023 00:11:42 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 219A 		143 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com
URL: https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 00:22:04 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 219A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com
URL: https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 01:18:19 GMT
expires
Wed, 05 Oct 2022 01:18:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 01:18:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
pagead2.googlesyndication.com/bg/ Frame 9097 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Requested by
Host: trumpexcel.com
URL: https://trumpexcel.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543542
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16034
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:19:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092801&jk=606240171554438&bg=!nJ-ln9vNAAYQgTJdMIE7ACkAdvg8WmTWM2mwVStFZ4Zt6oMHvyN80hrdndsTQOYODoTa1Jp4k888HgIAAABeUgAAAANoAQcKACND6kFjj_7dP-Cn3Lq_s1fz048-bl5Kz5P8OZimlxy5ek_KBpkCmvBvu_lqGyGJ4HJxA8pIpxdS-HIGJKzZeaizFn1O7hHWAAQ3LeOjXEba5cnDkz1iD4lORa44IFwHyKL_KcLiCs4KLfRv05X9CCpxH9T2Vw-ITQjF_cyM7xAIXt33TUfJhkKnX3W3LlKIRrkp-ey9zsJBxiCr8nRGMmXpOnALHNkV6rP90RfX1Rbvh1vsGYW0A_rRVN86v-v5yideeCXE9YhbbDJ5ksLDkxpOcuqeqqaXWA_syTBS9mUL7RIielbPAu2q7NXkQvELsQ9jM51rCZegM_5l6y4M-Yrhw_bSxjr-N3eOLP-NgLdJt8n6fWb87ilFd0aDVOe3ypWHmYKZlF3WDD4BnXkRyDQWQMNyJvQnRT0SvCXHHzzWwUF64_5bDj2mZEeusBlx3B-V0b0w65f6PEhsYULqIX4U-maWBbhU5L2cXN4PyJWdUBFkTHDUzNasLeIupK6jy0X4FUrxbHJYJE9tuUzEPfJXwkKgtjWnISO__m9Eo-esvqL5gk61_Q70PcYjem9tJMh1hE5USSUPNXvPucH7MidmAVUhZL8ZVr1bsT_3_shAcInpxQFWnU__6hstA3zxtWiYcDkmNjhhbnLazZsuLCF1yx0FSHlcC44RdEKDb-GZWWNJWjf-i9_fElzVixRi1hrkFhT5e332QA5uXxm4NZ7dJtTvB7FS-yUTXy0YpgWHJrd_sdudFHp2qERHtXjLtqSdYDVBLpV_nE0X8YcRAfafR8xOlTqG43BwdOtuIAJSrpX0fmu0sZzZfaDX5n4CVFmEV2xL3DHr64CUl7Kg8cCnqwgRXgzCbaxNFsnlkPnaHVcq6YnzripRNRM3nrcU_bj0hZw4Mb7svdM4f5mwYPz-2MUTFuChph5yvvmEopckfA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trumpexcel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| href object| NPSH object| NitroScrollHelper object| NPRL object| NitroResourceLoader object| NPh object| NitroPackHelper object| adthriveCLS object| adthrive object| cls_disable_ads boolean| IS_NITROPACK string| NITROPACK_STATE object| nitro_lazySizesConfig object| lazySizes function| loadCSS object| webVitals undefined| proxyPurgeOnly undefined| nitroData undefined| xhr object| pbjs object| apstag object| googletag boolean| isPreload object| _pbjsGlobals object| ggeac object| google_tag_data object| google_js_reporting_queue function| __uspapi object| _comscore object| confiant object| onStylesLoadEvent boolean| apstagLOADED undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| COMSCORE function| udm_ object| ns_p object| GoogleGcLKhOms function| setImmediate function| clearImmediate object| ID5 object| google_image_requests

10 Cookies

Domain/Path Name / Value
trumpexcel.com/ Name: nitroCachedPage
Value: 1
trumpexcel.com/ Name: __adblocker
Value: false
trumpexcel.com/ Name: usprivacy
Value: 1---
trumpexcel.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.scorecardresearch.com/ Name: UID
Value: 124b8b3c7077dc063bb91091664932698
.trumpexcel.com/ Name: __gads
Value: ID=6a8bf600050d2df4-222d250294d700af:T=1664932698:S=ALNI_MbzrxlG29wBQeQDCPNd1BRNTqE-aA
.trumpexcel.com/ Name: __gpi
Value: UID=0000087b09e71173:T=1664932698:RT=1664932698:S=ALNI_MYCgAVuBsbvYcqTHXCaJ4REGWSPSQ
.id5-sync.com/ Name: id5
Value: ef6258d7-87be-4cd2-a933-50960c5701cc#1664932699196#1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnXhMISMyVHnt2GIje-M6OQqyGhw85xXG3T2cHP16HKe9Hb1j9C3D_nhg4a

60 Console Messages

Source Level URL
Text
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-948924886497e8c9cb279f3ff1ca2199-stylesheet.css
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-7519c6ccf95c15f7b058689b2494e3a0-stylesheet.css
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-be725634fb3e36084653f446e54059d9-stylesheet.css
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-10e58329f468f909b89e47d20587c8d2-stylesheet.css
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
css-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-948924886497e8c9cb279f3ff1ca2199-stylesheet.css
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
css-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-7519c6ccf95c15f7b058689b2494e3a0-stylesheet.css
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
css-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-10e58329f468f909b89e47d20587c8d2-stylesheet.css
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
css-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/combinedCss/nitro-min-noimport-be725634fb3e36084653f446e54059d9-stylesheet.css
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://www.googletagmanager.com/gtag/js?id=UA-41172916-1
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://www.googletagmanager.com/gtag/js?id=G-YV8NEHWL7P
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/Badges/nitro-min-DMCABadgeHelper.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/link-whisper-premium/js/nitro-min-53b20d3ce475b0ea9ede75d4fa3f7ee3.frontend.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/themes/generatepress/assets/js/nitro-min-583f5ec2b31cb9db1bb70d57d5d82d8e.menu.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/jquery/nitro-min-af6cb5bfb91ce2d78377e57c8d18ffc0.jquery.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/jquery/nitro-min-d6171631e2919215b5e490dc93564c56.jquery-migrate.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/lib/smartmenus/nitro-min-f269e9a3a80059942775a9c8c2131b2c.jquery.smartmenus.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/optinmonster/assets/dist/js/nitro-min-0ad8a8c71f5aa35026f6a3a56698c716.helper.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.webpack-pro.runtime.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.webpack.runtime.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.frontend-modules.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/vendor/nitro-min-39373f825d7812e4c0eff141ce43ad5b.regenerator-runtime.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/vendor/nitro-min-2c7cef87d91a8c32817cef0915f9141b.wp-polyfill.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/nitro-min-cbb5d1e91b9a8417d86bfeb314daa78c.hooks.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/nitro-min-771a52b4530a27e460955a3b4445cf21.i18n.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.frontend.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/waypoints/nitro-min-05dab1e7174ef3cb7c002a1ae16cb972.waypoints.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/jquery/ui/nitro-min-0028783c6c3493afecf62f0ca754461e.core.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/swiper/nitro-min-48f52d9cf783a7c8e9223b6108c784e9.swiper.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/share-link/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.share-link.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/dialog/nitro-min-d2271a11f9042b5f0bf3141b56dba4ea.dialog.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.frontend.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.preloaded-elements-handlers.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.preloaded-modules.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
Preloading https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/lib/sticky/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.jquery.sticky.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/link-whisper-premium/js/nitro-min-53b20d3ce475b0ea9ede75d4fa3f7ee3.frontend.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/themes/generatepress/assets/js/nitro-min-583f5ec2b31cb9db1bb70d57d5d82d8e.menu.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/Badges/nitro-min-DMCABadgeHelper.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/jquery/nitro-min-d6171631e2919215b5e490dc93564c56.jquery-migrate.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/lib/smartmenus/nitro-min-f269e9a3a80059942775a9c8c2131b2c.jquery.smartmenus.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.webpack.runtime.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/optinmonster/assets/dist/js/nitro-min-0ad8a8c71f5aa35026f6a3a56698c716.helper.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/vendor/nitro-min-39373f825d7812e4c0eff141ce43ad5b.regenerator-runtime.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.webpack-pro.runtime.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/nitro-min-cbb5d1e91b9a8417d86bfeb314daa78c.hooks.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/nitro-min-771a52b4530a27e460955a3b4445cf21.i18n.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/dist/vendor/nitro-min-2c7cef87d91a8c32817cef0915f9141b.wp-polyfill.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.frontend-modules.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/jquery/nitro-min-af6cb5bfb91ce2d78377e57c8d18ffc0.jquery.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.frontend.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/waypoints/nitro-min-05dab1e7174ef3cb7c002a1ae16cb972.waypoints.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/swiper/nitro-min-48f52d9cf783a7c8e9223b6108c784e9.swiper.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/share-link/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.share-link.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/lib/dialog/nitro-min-d2271a11f9042b5f0bf3141b56dba4ea.dialog.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.preloaded-elements-handlers.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.preloaded-modules.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor/assets/js/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.frontend.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-content/plugins/elementor-pro/assets/lib/sticky/nitro-min-ac9e509c8bae63078aa2ae1bc39c56d1.jquery.sticky.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://cdn-adclh.nitrocdn.com/zciqOWZgDznkuqFpvIJsLUeyHlJtlHxe/assets/static/optimized/rev-4fa602f/wp-includes/js/jquery/ui/nitro-min-0028783c6c3493afecf62f0ca754461e.core.min.js
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://www.googletagmanager.com/gtag/js?id=UA-41172916-1
worker info URL: blob:https://trumpexcel.com/170f631d-ba89-4bf9-8007-7cb7b13b10b5
Message:
js-preload DONE: https://www.googletagmanager.com/gtag/js?id=G-YV8NEHWL7P

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

329e0355700f0667583e0d73eaae7ba3.safeframe.googlesyndication.com
ads.adthrive.com
adservice.google.ca
adservice.google.com
c.amazon-adsystem.com
cdn-adclh.nitrocdn.com
cdn.id5-sync.com
cdn.jwplayer.com
confiant-integrations.global.ssl.fastly.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id5-sync.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
logger.adthrive.com
pagead2.googlesyndication.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
to.getnitropack.com
tpc.googlesyndication.com
trumpexcel.com
www.google.com
www.googletagservices.com
www.gstatic.com
108.138.128.76
13.249.37.223
13.32.208.70
138.199.40.58
141.95.33.111
141.95.98.66
151.101.193.194
162.159.135.42
18.164.96.83
2001:41d0:701:1000::2fb3
2600:9000:2209:b400:1:a3fa:7cc0:93a1
2606:4700:10::6816:3456
2606:4700::6812:1690
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::2003
2607:f8b0:4006:816::2002
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2001
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::2003
2607:f8b0:4006:822::2004
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
09aa2038afaa998e16a5d7f63cd5b38355cabf96a30db040c59293465423182d
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
165fe2195c3d37d95873f15673991add7cdb793803f8b9c50786888c095288b6
170f12b5bbd23597e92cf383a97e18d9794c6d0b4aca2505b099395371b752fa
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048
32b7afae904111614af9002270ba549d9d316e0355439981a120f05e3b0fa4a4
3303ed47a5f82f811c9a0334a51e739f5fedb2ec5fd3b36ea979678a27444cf2
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
468718a583ec98edb242b85a424558fd63ceac3a8c1ff6a76bbf473b857481c4
488bd4186dff053d9b7b173224e50ccecd92300b498e835c609ad15f272fcef4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5228ec9845198487ecd7e4f386f40914b2e5dfc3096a11ccbbe3bbf867d4ae61
528c16f98c883e45f6bf873ad3942196d333da8ac2210840068cb8bcfd38cc43
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f7137987b9f9a8b1639b56f77ad9eb3f7ab28733791e39c760c77a81a1aca92
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68654b239b1864c5942df93e0b380df6656eb6e50a2f49df895aeaefb1e801c9
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
79ee9b9f52f3e1a50f05a218e9f350ebc7c6e136f04b726497ca599d79de47e7
7a0829f65b5378d1b0e2da444ff32f73343984c4e21342f5a7a0f3b9abe5c9c0
7f53003a9dec4dcf04a1ba5b191a59c9b36e75d22ced9124bfd9afe80ccd1f39
81cb3192d646bb77ee16f627886ce595db2746409bad409b7f47820a71e2d9f8
86ba371dc87539f04e75f4e04959b61869e474ac953173b9273edf8b8a646df7
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
93b795eb97f8855c857fe00bd26e590b0470b408eb2b68401004b714df42ee2e
96ee89715a14ae5e41e5a17cfa34b6bcf0ed20224fd4ce9c33900b973b7b4cbb
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde
9a61fe6e2743a18f977ac18a2f805735e8dccf115b16dbbbd2e3864ae98d4c33
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
a63506fb420990f57b718352691d603bd8c4574bd1182dd2f274fe276b83493d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a9354b6b6b17865bf3aa82782782e884a2608b14853f0410a4bb73f53f1075d2
abb37192e7d0f458a93755596466ca077948e8bc802c1b2eaca112cbf7d903e5
aea1a86656994832c0df581d89860025b681bb8da793795c5452aa3d45327100
b34e0b9d5fc2c43bfda6e480883e48577d8bc1268972fe993eeb1d303d29ded7
b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
bd00b18fa62903872d7dc9e6e084c119c8b64e09a397176120dc7673cd1ea251
beb74a04ac76ab96f7d84ed9f76aee4d4dd581f80b8db86a9ec2ab2c10d1b5d8
bed332f8784cd98e453089a3172ee466b1e55beae5d0d5c31de9e9e544df39b2
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d49f86aa1c08d478f21f12f74d33020854eb050366ae9ed69b5d898de32821c1
d5eacfbef6e883869dcd7bed5e4891901909e463e88fca88ce67e9c90018666f
d682c9d1780beadfc813d152d9965573164e614c17c10f2d9c41e11e342f4058
d74aacbaed4132cc593f2f2ab77bfc980733ad393dee2a722757d29d0eec941f
dcb53fc2b043c569dba95e27a0219c282b12689e4b231910e947817723ae3b03
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
f62599e2b5c41a6b3c7161cf72107ac8c3aa6ea9a30d9eb9e58e2eed798d37e7
fdcc5b938c50287e7d89b36660533a606fa5d938078f72df5ad179b5832b6fd6