trumpcard.trumphotels.com Open in urlscan Pro
2606:4700::6812:1214 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trumpcard.com/
Effective URL:
https://trumpcard.trumphotels.com/trump-card
Submission Tags: falconsandbox
Submission: On October 12 via api (October 12th 2024, 8:34:37 am UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 18 domains to perform 63 HTTP transactions. The main IP is 2606:4700::6812:1214, located in United States and belongs to CLOUDFLARENET, US. The main domain is trumpcard.trumphotels.com.
TLS certificate: Issued by E6 on September 2nd 2024. Valid for: 3 months.

This is the only time trumpcard.trumphotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:1162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700::68... 2606:4700::6812:1214	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.160.156.182 3.160.156.182	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2600:9000:275... 2600:9000:275d:5800:1d:40aa:1fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	18.244.18.115 18.244.18.115	16509 (AMAZON-02) (AMAZON-02)
2	52.88.121.62 52.88.121.62	16509 (AMAZON-02) (AMAZON-02)
3	212.69.158.198 212.69.158.198	13767 (DATABANK-DFW) (DATABANK-DFW)
2 4	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
63	20

1 2606:4700::6812:1162 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

trumpcard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:1214 (United States)

ASN13335 (CLOUDFLARENET, US)

trumpcard.trumphotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.156.182 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-156-182.fra60.r.cloudfront.net

d1gd5ngg4o7o11.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:275d:5800:1d:40aa:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

p.relay-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-115.fra56.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.88.121.62 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-121-62.us-west-2.compute.amazonaws.com

twin-iq.kickfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.69.158.198 (United States)

ASN13767 (DATABANK-DFW, US)
PTR: 212-69-158-198.databank.com

www.rumiview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

2833303.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
11128133.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	trumphotels.com trumpcard.trumphotels.com	508 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	751 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	5 KB
6	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 136 2833303.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 150 Failed 11128133.fls.doubleclick.net	2 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 445	230 KB
3	rumiview.com www.rumiview.com — Cisco Umbrella Rank: 38610	83 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401
3	relay-t.io p.relay-t.io — Cisco Umbrella Rank: 50898	6 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 348	15 KB
2	kickfire.com twin-iq.kickfire.com — Cisco Umbrella Rank: 28702	1 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 927	18 KB
2	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	23 KB
1	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3430	491 B
1	google.de www.google.de — Cisco Umbrella Rank: 11271	63 B
1	cloudfront.net d1gd5ngg4o7o11.cloudfront.net	471 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 683	7 KB
1	trumpcard.com 1 redirects trumpcard.com	344 B
63	18

	Domain	Requested by
15	trumpcard.trumphotels.com	trumpcard.trumphotels.com static.cloudflareinsights.com
8	www.googletagmanager.com	trumpcard.trumphotels.com www.googletagmanager.com
6	www.facebook.com	trumpcard.trumphotels.com
4	maps.googleapis.com	trumpcard.trumphotels.com maps.googleapis.com
3	www.rumiview.com	trumpcard.trumphotels.com
3	region1.analytics.google.com	www.googletagmanager.com
3	p.relay-t.io	trumpcard.trumphotels.com p.relay-t.io
3	connect.facebook.net	trumpcard.trumphotels.com connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com trumpcard.trumphotels.com
2	11128133.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	2833303.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	twin-iq.kickfire.com	www.googletagmanager.com
2	ssl.google-analytics.com	www.googletagmanager.com
2	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
1	ad.doubleclick.net
1	t.contentsquare.net	trumpcard.trumphotels.com
1	www.google.de	trumpcard.trumphotels.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	d1gd5ngg4o7o11.cloudfront.net	trumpcard.trumphotels.com
1	static.cloudflareinsights.com	trumpcard.trumphotels.com
1	trumpcard.com	1 redirects
63	21

This site contains links to these domains. Also see Links.

Domain
www.trumphotels.com
onetrust.com

Subject Issuer	Validity	Valid
trumphotels.com E6	`2024-09-02` - `2024-12-01`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-21` - `2024-10-19`	3 months	crt.sh
p.relay-t.io Amazon RSA 2048 M02	`2024-04-30` - `2025-05-29`	a year	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google.de WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
t.contentsquare.net Amazon RSA 2048 M03	`2024-08-13` - `2025-09-10`	a year	crt.sh
twin-iq.kickfire.com Amazon RSA 2048 M02	`2023-11-28` - `2024-12-26`	a year	crt.sh
www.rumiview.com Go Daddy Secure Certificate Authority - G2	`2024-02-10` - `2025-03-13`	a year	crt.sh
*.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://trumpcard.trumphotels.com/trump-card
Frame ID: D1B1AFCAEF74682E7502CA1FF551E4BC
Requests: 62 HTTP requests in this frame

Frame: https://2833303.fls.doubleclick.net/activityi;dc_pre=CKyopci3iIkDFeWT_Qcdm10V7A;src=2833303;type=inqui0;cat=undefined;ord=5204641817050;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=434908649;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9190491864z86812521za201zb6812521;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101671035~101686685;epver=2;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card
Frame ID: 223B4C1658944A01EF434318FA839B8D
Requests: 1 HTTP requests in this frame

Frame: https://11128133.fls.doubleclick.net/activityi;dc_pre=CNqspci3iIkDFXLuuwgdK8Mwqg;src=11128133;type=siter0;cat=siter0;ord=1355967438846;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=1875583382;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9189028993z86812521za201zb6812521;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101686685;epver=2;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card
Frame ID: EF3DDA028B1B84C8072E26F15BCE9F3E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hotel Loyalty & Member Programs | Trump Card – Sign In

Page URL History Show full URLs

https://trumpcard.com/ HTTP 301
https://trumpcard.trumphotels.com/trump-card Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org

Page Statistics

63
Requests

98 %
HTTPS

70 %
IPv6

18
Domains

21
Subdomains

20
IPs

3
Countries

2193 kB
Transfer

5947 kB
Size

24
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.trumphotels.com/privacy-policy
Title: Privacy & Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.trumphotels.com/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.trumphotels.com/privacy-policy#COOKIE%20POLICY
Title: Privacy & Cookie Policy

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trumpcard.com/ HTTP 301
https://trumpcard.trumphotels.com/trump-card Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://2833303.fls.doubleclick.net/activityi;src=2833303;type=inqui0;cat=undefined;ord=5204641817050;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=434908649;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9190491864z86812521za201zb6812521;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101671035~101686685;epver=2;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card HTTP 302
https://2833303.fls.doubleclick.net/activityi;dc_pre=CKyopci3iIkDFeWT_Qcdm10V7A;src=2833303;type=inqui0;cat=undefined;ord=5204641817050;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=434908649;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9190491864z86812521za201zb6812521;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101671035~101686685;epver=2;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card

Request Chain 53

https://11128133.fls.doubleclick.net/activityi;src=11128133;type=siter0;cat=siter0;ord=1355967438846;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=1875583382;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9189028993z86812521za201zb6812521;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101686685;epver=2;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card HTTP 302
https://11128133.fls.doubleclick.net/activityi;dc_pre=CNqspci3iIkDFXLuuwgdK8Mwqg;src=11128133;type=siter0;cat=siter0;ord=1355967438846;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=1875583382;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9189028993z86812521za201zb6812521;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101686685;epver=2;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request trump-card Show response
trumpcard.trumphotels.com/
Redirect Chain

https://trumpcard.com/
https://trumpcard.trumphotels.com/trump-card

61 KB
13 KB

386ms
349ms

Document
text/html

2606:4700::6812:1214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumpcard.trumphotels.com/trump-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5380e3fb48539274ad506768d22e8b2b47fa8678702d8e7c52a0cea379adf88e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8d15c04e2dbdd296-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 12 Oct 2024 08:34:31 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
service-worker-allowed: /
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-hebs-cache-status: miss

Redirect headers

cache-control: max-age=3600
cf-ray: 8d15c04dcf54d23e-FRA
content-length: 167
content-type: text/html
date: Sat, 12 Oct 2024 08:34:30 GMT
expires: Sat, 12 Oct 2024 09:34:30 GMT
location: https://trumpcard.trumphotels.com/trump-card
server: cloudflare
vary: Accept-Encoding

GET
H2 200 speculation
trumpcard.trumphotels.com/cdn-cgi/ 128 B
252 B 19ms
18ms Other
application/speculationrules+json 2606:4700::6812:1214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trumpcard.trumphotels.com/cdn-cgi/speculation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://trumpcard.trumphotels.com
Referer: https://trumpcard.trumphotels.com/trump-card

Response headers

cf-ray: 8d15c0506c53d296-FRA
access-control-allow-origin: https://trumpcard.trumphotels.com
alt-svc: h3=":443"; ma=86400
content-length: 128
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 digitalData.min.js Show response
trumpcard.trumphotels.com/skins/master/assets/tracking/ 2 KB
1015 B 27ms
27ms Script
application/javascript 2606:4700::6812:1214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumpcard.trumphotels.com/skins/master/assets/tracking/digitalData.min.js

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a93efdd6e3fc06eda81580b11218166e4019ba6796bd7f3821925af90d43ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/trump-card

Response headers

content-encoding: gzip
service-worker-allowed: /
etag: W/"66f2a7e8-68e"
age: 933242
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 08:34:31 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: application/javascript
last-modified: Tue, 24 Sep 2024 11:52:08 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=31536000
cf-ray: 8d15c05089a2d2ee-FRA
server: cloudflare

GET
H3 200 logo.svg
trumpcard.trumphotels.com/skins/skin-prodtrumpcard/assets/loyalty/images/ 10 KB
4 KB 29ms
29ms Image
image/svg+xml 2606:4700::6812:1214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trumpcard.trumphotels.com/skins/skin-prodtrumpcard/assets/loyalty/images/logo.svg

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b05f0a176dc31740d778ae036b73cf86a64dc2e68e467171250183dfce81278

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/trump-card

Response headers

content-encoding: gzip
service-worker-allowed: /
etag: W/"667f0c93-28b6"
age: 8842687
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 08:34:31 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 19:18:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=31536000
cf-ray: 8d15c05089a7d2ee-FRA
server: cloudflare

GET
H3 200 logo-black.svg
trumpcard.trumphotels.com/skins/skin-prodtrumpcard/assets/loyalty/images/ 10 KB
4 KB 29ms
28ms Image
image/svg+xml 2606:4700::6812:1214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trumpcard.trumphotels.com/skins/skin-prodtrumpcard/assets/loyalty/images/logo-black.svg

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

031a0368beab51d73df97a25a863419fb53e216238351a0340ca882037f70e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/trump-card

Response headers

content-encoding: gzip
service-worker-allowed: /
etag: W/"66e17ff4-282a"
age: 1898170
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 08:34:31 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: image/svg+xml
last-modified: Wed, 11 Sep 2024 11:33:08 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=31536000
cf-ray: 8d15c05089a8d2ee-FRA
server: cloudflare

GET
H3 200 styles.min.css
trumpcard.trumphotels.com/skins/skin-prodtrumpcard/1727989871/assets/loyalty/styles/ 50 KB
9 KB 26ms
24ms Stylesheet
text/css 2606:4700::6812:1214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumpcard.trumphotels.com/skins/skin-prodtrumpcard/1727989871/assets/loyalty/styles/styles.min.css

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45df6f3ef68ec9b40de34521614128d7b777f0b3cd97e08ee68f2fe7f0f0e52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/trump-card

Response headers

content-encoding: gzip
service-worker-allowed: /
etag: W/"66ff086c-c665"
age: 720623
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 08:34:31 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: text/css
last-modified: Thu, 03 Oct 2024 21:11:08 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=31536000
cf-ray: 8d15c050ba19d2ee-FRA
server: cloudflare

GET
H3 200 scripts.min.js Show response
trumpcard.trumphotels.com/skins/skin-prodtrumpcard/1727989871/assets/loyalty/scripts/ 1 MB
407 KB 27ms
25ms Script
application/javascript 2606:4700::6812:1214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumpcard.trumphotels.com/skins/skin-prodtrumpcard/1727989871/assets/loyalty/scripts/scripts.min.js

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7183981b50e249b21e12cf7a1194dec444ce703b7452ed2949621fb1e1efc2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/trump-card

Response headers

content-encoding: gzip
service-worker-allowed: /
etag: W/"66ff086c-129949"
age: 720623
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 08:34:31 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: application/javascript
last-modified: Thu, 03 Oct 2024 21:11:08 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=31536000
cf-ray: 8d15c050ba1dd2ee-FRA
server: cloudflare

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 348 KB
112 KB 97ms
57ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyC1YuO7IqFV0B_cvvaFF8Gyz-lATwxwSXk&callback=initAutocomplete&libraries=places&v=weekly

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

79fc4570e4ebd8a1616bed6202806b50d7c9150f10782fda13302a8611f5de6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

cache-control: public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: gzip
etag: 9562a198
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114553
date: Sat, 12 Oct 2024 08:34:31 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Accept-Language, Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 76ms
36ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://trumpcard.trumphotels.com
Referer: https://trumpcard.trumphotels.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8d15c050fb8d9742-FRA
access-control-allow-origin: *
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 logo-black.svg
trumpcard.trumphotels.com/skins/skin-prodtrumpcard/1727989871/assets/loyalty/images/ 10 KB
4 KB 59ms
59ms Image
image/svg+xml 2606:4700::6812:1214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trumpcard.trumphotels.com/skins/skin-prodtrumpcard/1727989871/assets/loyalty/images/logo-black.svg

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

031a0368beab51d73df97a25a863419fb53e216238351a0340ca882037f70e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/trump-card

Response headers

content-encoding: gzip
service-worker-allowed: /
etag: W/"66ff086c-282a"
age: 717767
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 08:34:31 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2024 21:11:08 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=31536000
cf-ray: 8d15c050ba2ed2ee-FRA
server: cloudflare

GET
H/1.1 200
OK f853e2a34c8d1f83b0a3f66d909694a7.jpg
d1gd5ngg4o7o11.cloudfront.net/trumpcard.trumphotels.com-1115220585/cms/cache/v2/65c3f728ab674.jpg/1800x1200/fit/80/ 471 KB
471 KB 50ms
11ms Image
image/jpeg 3.160.156.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1gd5ngg4o7o11.cloudfront.net/trumpcard.trumphotels.com-1115220585/cms/cache/v2/65c3f728ab674.jpg/1800x1200/fit/80/f853e2a34c8d1f83b0a3f66d909694a7.jpg
Requested by: Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-182.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b52f3e53253eb8c974cd6d6429327a99918f325f9bb834b0b445f34e1b07aaea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

Cache-Control: public, max-age=31536000
x-amz-version-id: Mgpz6X6FAn_5UfTbiu5Y.iyq.tR5TwCT
ETag: "23da31c4fad6f80da3617a6fb7076dca"
Age: 2617078
Connection: keep-alive
Via: 1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
Content-Length: 481867
X-Amz-Cf-Id: ocSTmCG1Yw9oNih1y942-6KYZBjd8WGZ2GL2E9yK6xuux37MFYn4Rw==
Date: Thu, 12 Sep 2024 01:36:34 GMT
Content-Type: image/jpeg
Last-Modified: Wed, 24 Apr 2024 17:22:50 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P7

GET
H3 200 Gotham-Book.woff2
trumpcard.trumphotels.com/skins/skin-prodtrumpcard/1727989871/assets/loyalty/fonts/ 31 KB
31 KB 45ms
41ms Font
font/woff2 2606:4700::6812:1214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumpcard.trumphotels.com/skins/skin-prodtrumpcard/1727989871/assets/loyalty/fonts/Gotham-Book.woff2

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8ca8ed0f32f7a269e112b200f20e4fa74138a3e8c15318d54f930c86bc96625

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://trumpcard.trumphotels.com
Referer: https://trumpcard.trumphotels.com/trump-card

Response headers

service-worker-allowed: /
etag: "66ff086c-7cb4"
age: 717767
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 08:34:31 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: font/woff2
last-modified: Thu, 03 Oct 2024 21:11:08 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=31536000
cf-ray: 8d15c050da81d2ee-FRA
accept-ranges: bytes
content-length: 31924
server: cloudflare

GET
H3 200 GothamHTF-Medium.woff2
trumpcard.trumphotels.com/skins/skin-prodtrumpcard/1727989871/assets/loyalty/fonts/ 11 KB
12 KB 44ms
40ms Font
font/woff2 2606:4700::6812:1214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumpcard.trumphotels.com/skins/skin-prodtrumpcard/1727989871/assets/loyalty/fonts/GothamHTF-Medium.woff2

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70141a2cb05f27c0422d349a2e6a538261ccab6dca01dac957cd5cf702178438

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://trumpcard.trumphotels.com
Referer: https://trumpcard.trumphotels.com/trump-card

Response headers

service-worker-allowed: /
etag: "66ff086c-2de0"
age: 717767
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 08:34:31 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: font/woff2
last-modified: Thu, 03 Oct 2024 21:11:08 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=31536000
cf-ray: 8d15c050da86d2ee-FRA
accept-ranges: bytes
content-length: 11744
server: cloudflare

GET
H3 200 GothamHTF-Light.woff2
trumpcard.trumphotels.com/skins/skin-prodtrumpcard/1727989871/assets/loyalty/fonts/ 11 KB
12 KB 83ms
80ms Font
font/woff2 2606:4700::6812:1214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumpcard.trumphotels.com/skins/skin-prodtrumpcard/1727989871/assets/loyalty/fonts/GothamHTF-Light.woff2

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1576970a3c17962ea9c82cd7970bd08795cc557688d6762f2cbffd1c97e7040e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://trumpcard.trumphotels.com
Referer: https://trumpcard.trumphotels.com/trump-card

Response headers

service-worker-allowed: /
etag: "66ff086c-2d68"
age: 717767
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 08:34:31 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: font/woff2
last-modified: Thu, 03 Oct 2024 21:11:08 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=31536000
cf-ray: 8d15c050da88d2ee-FRA
accept-ranges: bytes
content-length: 11624
server: cloudflare

GET
H3 200 GothamHTF-Book.woff2
trumpcard.trumphotels.com/skins/skin-prodtrumpcard/1727989871/assets/loyalty/fonts/ 11 KB
12 KB 83ms
81ms Font
font/woff2 2606:4700::6812:1214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumpcard.trumphotels.com/skins/skin-prodtrumpcard/1727989871/assets/loyalty/fonts/GothamHTF-Book.woff2

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

866897cc032a0811738e6109ba21db466748d3dc256733770deff6865136fce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://trumpcard.trumphotels.com
Referer: https://trumpcard.trumphotels.com/trump-card

Response headers

service-worker-allowed: /
etag: "66ff086c-2da0"
age: 131237
cf-cache-status: HIT
expires: Sun, 12 Oct 2025 08:34:31 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: font/woff2
last-modified: Thu, 03 Oct 2024 21:11:08 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=31536000
cf-ray: 8d15c050da89d2ee-FRA
accept-ranges: bytes
content-length: 11680
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 698 KB
147 KB 200ms
125ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJQG87

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce735d858af983acbe23882810d449f2c5ceaafd20fc1c40d19b92bac463dd74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 12 Oct 2024 08:34:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 12 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 149487
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 36ms
20ms XHR
application/json 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC1YuO7IqFV0B_cvvaFF8Gyz-lATwxwSXk&callback=initAutocomplete&libraries=places&v=weekly

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

cache-control: private
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://trumpcard.trumphotels.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Sat, 12 Oct 2024 08:34:31 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
15 KB 74ms
31ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJQG87

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "803483b3aaadb1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 126176696A98499EAF8E3C3F150A58AC Ref B: FRAEDGE1305 Ref C: 2024-10-12T08:34:31Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14402
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:43:41 GMT
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
95 KB 27ms
25ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11353624665

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJQG87

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3764abba43ed419e5344742545807d1406cea493ce43526b737f720763532d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 12 Oct 2024 08:34:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 12 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97214
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 19ms
9ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4459, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: AVnvHBRKXd4pmAjATeZ4juGTK4WTW3gs48CUl+YGWvzLXbOWNTUuLAj8xLRMie8afpmde8ZB3Jcdt3WzsJKTmw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59131
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 beat.gif
p.relay-t.io/ 43 B
541 B 74ms
30ms Image
image/gif 2600:9000:275d:5800:1d:40aa:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p.relay-t.io/beat.gif?&idbe=3&date_format=YYYY-MM-DD&whtoken_c_debug=&current_url_debug=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&referrer_all_debug=%2F%3F&event_type_debug=global_tag&custom1_debug=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&custom4_debug=GTM-TJQG87&custom5_debug=gtm.js&dmp_date_debug=1728722071640

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:5800:1d:40aa:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

etag: "b4491705564909da7f9eaf749dbbfbb1"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: xCS1O1IU7b1HNe03NUa8Dunn_IyTr-2SyxZXjkhAPWwsnQ9gm4Vk9Q==
date: Sat, 12 Oct 2024 08:34:32 GMT
content-type: image/gif
last-modified: Fri, 26 Apr 2024 11:19:48 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5034084c037ff19008ba7c2c0b849a4c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 43
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P11
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 312 KB
105 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-58G59XTQ88&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJQG87

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db82dec3b29deb9816399a7d8e523f03fa1eb49c8cf15fe90c43749e99f37213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 12 Oct 2024 08:34:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 107459
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 4b347266-7934-497b-96cd-b9ab817622af.js Show response
cdn.cookielaw.org/consent/ 92 KB
17 KB 54ms
33ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b347266-7934-497b-96cd-b9ab817622af.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJQG87

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c24f3fbba81d362e13c8c5557dd5a05163bb47898a83471c6a778bc426395a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-md5: kaie4Wj8ruNJ05gTHvX3qw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: GZIP
cf-cache-status: HIT
etag: 0x8D78FA37A141ED6
age: 56425
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Sun, 13 Oct 2024 08:34:31 GMT
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: application/javascript
last-modified: Thu, 02 Jan 2020 16:47:38 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 95d8e154-601e-0032-44d1-9b19b9000000
cf-ray: 8d15c053fea93605-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16681
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 7552952714762566 Show response
connect.facebook.net/signals/config/ 65 KB
13 KB 180ms
179ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/7552952714762566?v=2.9.170&r=stable&domain=trumpcard.trumphotels.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e8f7e866ae4d95282815f16bbf8f7ec3a1ead28c711c09f631c6b1d2769fef9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=72, mss=1232, tbw=67289, tp=63, tpl=0, uplat=170, ullat=1
pragma: public
x-fb-debug: Al73g7UP2oRi/vSUl+gvdgZS89U8XbBXw+Jl11hCO75PQgOJS/nFk9JKBbjBP01abJ6HxwgulrnJYUPWibUnDA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
70 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=HA-75&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJQG87

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a4d29d0533f96d43c0df349bf89853778776ff2fa92d815a7dc6d48fbaab4b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 12 Oct 2024 08:34:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 12 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 71857
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 wh.js Show response
p.relay-t.io/ 4 KB
5 KB 68ms
67ms Script
application/javascript 2600:9000:275d:5800:1d:40aa:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.relay-t.io/wh.js

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:5800:1d:40aa:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f50e35eed6b133c5adf2b14a6aa920dbf7384d40d0b2282b3b00670bccb48191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

etag: "53ab807de88f695459be24327e46aad6"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: ta71ntPuvbxcn9DleYA-IW3fpPWLiwNg1SgSNdrYh6CsY1kwV4GPFw==
date: Sat, 12 Oct 2024 08:34:32 GMT
content-type: application/javascript
last-modified: Thu, 08 Feb 2024 13:34:04 GMT
vary: Origin
x-frame-options: SAMEORIGIN
x-amz-meta-content-type: application/javascript
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5034084c037ff19008ba7c2c0b849a4c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 4196
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P11
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 44ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-58G59XTQ88&gtm=45je4a90v870989343z86812521za200zb6812521&_p=1728722071361&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&cid=1520141848.1728722072&ecid=1247730659&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1728722071&sct=1&seg=0&dl=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&dt=Hotel%20Loyalty%20%26%20Member%20Programs%20%7C%20Trump%20Card%20%E2%80%93%20Sign%20In&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1128
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-58G59XTQ88&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://trumpcard.trumphotels.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
561 B 72ms
29ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-58G59XTQ88&cid=1520141848.1728722072&gtm=45je4a90v870989343z86812521za200zb6812521&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-58G59XTQ88&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://trumpcard.trumphotels.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 65ms
47ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-58G59XTQ88&cid=1520141848.1728722072&gtm=45je4a90v870989343z86812521za200zb6812521&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101686685&tag_exp=101671035~101686685&z=2144921566

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 12 Oct 2024 08:34:31 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 35ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-58G59XTQ88&gtm=45je4a90v870989343z86812521za200zb6812521&_p=1728722071361&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&cid=1520141848.1728722072&ecid=1247730659&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=2&sid=1728722071&sct=1&seg=0&dl=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&dt=Hotel%20Loyalty%20%26%20Member%20Programs%20%7C%20Trump%20Card%20%E2%80%93%20Sign%20In&en=page_loaded&_et=2&tfd=1136
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-58G59XTQ88&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://trumpcard.trumphotels.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/5.9.0/default_flat_bottom_two_button_black/v2/css/ 23 KB
6 KB 23ms
23ms Stylesheet
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/skins/5.9.0/default_flat_bottom_two_button_black/v2/css/optanon.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/4b347266-7934-497b-96cd-b9ab817622af.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e48e8dada6c1e8a5fb31c28a198f2931138504a6a292ee8635fadeff84f595c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-md5: iV3i3isuIEXEsxHTpwJ4bQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8D783317A467D05
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 39722
x-content-type-options: nosniff
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2019 20:41:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: ee34c804-a01e-009f-2c43-237581000000
cf-ray: 8d15c054af663605-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5553
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 0.js Show response
bat.bing.com/p/action/ 369 B
424 B 47ms
47ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/0.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5C4F3D14C94A4CC4A6F13386543A8BF6 Ref B: FRAEDGE1305 Ref C: 2024-10-12T08:34:31Z
x-cache: CONFIG_NOCACHE
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 beat.js Show response
p.relay-t.io/ 21 B
563 B 30ms
30ms Script
application/javascript 2600:9000:275d:5800:1d:40aa:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.relay-t.io/beat.js?type=tg&idhotel=idH&pmsId=pms&tkraw=&tk=&ref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card

Requested by

Host: p.relay-t.io
URL: https://p.relay-t.io/wh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:5800:1d:40aa:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13abb95134934e2b6ab33036f989d3eb588ec2586fee172d534061cb29e6834a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

etag: "590efd78ccb474abbf45b795b73e37d8"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: yWTv8bc6OImQDgYB1PSy0pHakamY2JrVSva3BVLGpXtAhS4gDNSHbw==
date: Sat, 12 Oct 2024 08:34:32 GMT
content-type: application/javascript
last-modified: Thu, 08 Feb 2024 13:34:05 GMT
vary: Origin
x-frame-options: SAMEORIGIN
x-amz-meta-content-type: application/javascript
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5034084c037ff19008ba7c2c0b849a4c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 21
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P11
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 204 0
bat.bing.com/action/ 0
285 B 36ms
35ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=0&tm=gtm002&Ver=2&mid=66430a10-9246-43d9-9a61-6bc4dab5b638&sid=cd955220887411efab9ea1fa793c9fbd&vid=cd955400887411ef94501bfccc990cdb&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Hotel%20Loyalty%20%26%20Member%20Programs%20%7C%20Trump%20Card%20%E2%80%93%20Sign%20In&p=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&r=&lt=752&evt=pageLoad&sv=1&cdb=AQET&rn=365548

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5DF8F7A2354247AA8D9AD3DF23CCE698 Ref B: FRAEDGE1305 Ref C: 2024-10-12T08:34:31Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sat, 12 Oct 2024 08:34:31 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 25ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=7552952714762566&ev=PageView&dl=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&rl=&if=false&ts=1728722071898&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728722071893.284929219196034330&ler=empty&cdl=API_unavailable&it=1728722071691&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=3272, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 217ms
200ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=7552952714762566&ev=PageView&dl=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&rl=&if=false&ts=1728722071898&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728722071893.284929219196034330&ler=empty&cdl=API_unavailable&it=1728722071691&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=FGET

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7424804759008225072"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xe70a13b5713ae048","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["7171707196289202"]},"debug_reporting":true,"debug_key":"1338188525155929283"}
date: Sat, 12 Oct 2024 08:34:32 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: McZyvyvOsj0kCQ/S9t2mbbFDbMv8fQGlu9YQE3aw+pqC8xolFu7zmAcMdESSb6KgjOoINmmTu80o3EYgBjt0HA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7424804759008225072", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=16, mss=1328, tbw=6248, tp=-1, tpl=-1, uplat=193, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 25ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=7552952714762566&ev=ViewContent&dl=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&rl=&if=false&ts=1728722071899&cd[value]=undefined&cd[currency]=undefined&cd[page_url]=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&cd[hotel_id]=undefined&cd[arrival_date]=undefined&cd[departure_date]=undefined&cd[adult_qty]=undefined&cd[child_qty]=undefined&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=12318&fbp=fb.1.1728722071893.284929219196034330&ler=empty&cdl=API_unavailable&it=1728722071691&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2986, tp=-1, tpl=-1, uplat=0, ullat=1
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 12 Oct 2024 08:34:31 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 212ms
196ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=7552952714762566&ev=ViewContent&dl=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&rl=&if=false&ts=1728722071899&cd[value]=undefined&cd[currency]=undefined&cd[page_url]=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&cd[hotel_id]=undefined&cd[arrival_date]=undefined&cd[departure_date]=undefined&cd[adult_qty]=undefined&cd[child_qty]=undefined&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=12318&fbp=fb.1.1728722071893.284929219196034330&ler=empty&cdl=API_unavailable&it=1728722071691&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=FGET

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7424804759560772761"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:32 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: P7HQpNj4cfcZey4UqdW4TF7u0Amc+LI8INlhyun/gs0ah4eOqqMBOkAOd4SYNFgo0KJBMtH+b+vMEKgri/SimQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7424804759560772761", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=16, mss=1328, tbw=3427, tp=-1, tpl=-1, uplat=188, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 404 cookie-icon.png
trumpcard.trumphotels.com/images/ 152 B
152 B 299ms
299ms Image
text/html 2606:4700::6812:1214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trumpcard.trumphotels.com/images/cookie-icon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0a0852e85dd3ceeacad155f67943f0f5e51c3854213ebd53fd2ba5a963169b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/trump-card

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: EXPIRED
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 8d15c056da51d2ee-FRA
expires: Sat, 12 Oct 2024 12:34:32 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:32 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 40ms
7ms Script
text/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJQG87

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: gzip
age: 374
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 10:28:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 08:28:18 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 17168
server: Golfe2

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-2833303&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJQG87

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eaa678b512734e98a17f7f673df7bb43c8d7215e68babf5af274d61c3bca45ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 12 Oct 2024 08:34:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 08:34:32 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 12 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81507
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 237 KB
85 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1007260908&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJQG87

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d3c542ed406c5456374314288b567706e127ce279c631829dadf690af091c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 12 Oct 2024 08:34:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 08:34:32 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 12 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 87167
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 253 KB
89 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-787485211&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJQG87

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0cc7860c7e29127a07053f7239ca78a0cde2d4a166613ef6305105387a5689e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 12 Oct 2024 08:34:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 08:34:32 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 12 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 91148
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-11128133&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJQG87

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6627adad9660993e6d0cb53e6f02cc8353fb4d486e4635fc4f1073e9b6e34f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 12 Oct 2024 08:34:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 08:34:32 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 12 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81545
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 1571288923183304 Show response
connect.facebook.net/signals/config/ 24 KB
3 KB 142ms
142ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1571288923183304?v=2.9.170&r=stable&domain=trumpcard.trumphotels.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f221d43f23aefdfe7749694fc488a8f5803b3bda46615253e2f75429edff97c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:32 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=83, mss=1232, tbw=81047, tp=78, tpl=0, uplat=134, ullat=0
pragma: public
x-fb-debug: 6WpnDBl8pFEleA4j80igZS1PjzS3YvxSep1gWULD+qO09K9kJXqlrbmFzAFsN8pFcg8zs+Eipo31kJxPfskFrg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 96a5eae656a1e.js Show response
t.contentsquare.net/uxa/ 0
491 B 38ms
7ms Script
application/javascript 18.244.18.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/96a5eae656a1e.js
Requested by: Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: br
etag: "9eecb7db59d16c80417c72d1e1f4fbf1"
age: 0
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 9e0VOc1-Si5N_R1cO1smJL6kixZnVdkTezLryFrXjLPW4qkR47R3PQ==
date: Thu, 10 Oct 2024 10:26:46 GMT
content-type: application/javascript;charset=utf-8
last-modified: Tue, 08 Oct 2024 12:19:27 GMT
vary: Origin
cache-control: max-age=900
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
via: 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1
x-amz-cf-pop: FRA56-P11
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 twin.js Show response
twin-iq.kickfire.com/ 424 B
696 B 798ms
159ms Script
application/javascript 52.88.121.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://twin-iq.kickfire.com/twin.js?15084

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJQG87

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.121.62 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-121-62.us-west-2.compute.amazonaws.com

Software

Apache/2.4.58 () /

Resource Hash

034acd3ced0cf00cdfcb684283fdc624a48c2dc8dcddeb55e09412f92971056d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-security-policy: frame-ancestors 'none';
etag: "1a8-5d4ef7d746e6f"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 424
date: Sat, 12 Oct 2024 08:34:32 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Thu, 06 Jan 2022 20:12:30 GMT
server: Apache/2.4.58 ()
x-frame-options: DENY

GET
H/1.1 200
OK 7b58f96e-ae84-4d96-bdfd-627594df2323.js Show response
www.rumiview.com/containers/ 217 KB
59 KB 535ms
147ms Script
application/javascript 212.69.158.198
DATABANK-DFW

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rumiview.com/containers/7b58f96e-ae84-4d96-bdfd-627594df2323.js
Requested by: Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.69.158.198 , United States, ASN13767 (DATABANK-DFW, US),
Reverse DNS: 212-69-158-198.databank.com
Software: /
Resource Hash: c75c513aca0d71531e4350a8f68c35d6f560545e4ff133d2618ba1fdcaff03c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

transfer-encoding: chunked
x-robots-tag: none
cache-control: public, must-revalidate, max-age=360
content-encoding: gzip
date: Sat, 12 Oct 2024 08:34:32 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding, Cookie

POST
H3 204 rum Show response
trumpcard.trumphotels.com/cdn-cgi/ 0
148 B 16ms
15ms XHR
text/plain 2606:4700::6812:1214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumpcard.trumphotels.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://trumpcard.trumphotels.com/trump-card

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8d15c0570ae5d2ee-FRA
access-control-allow-origin: https://trumpcard.trumphotels.com
date: Sat, 12 Oct 2024 08:34:32 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 favicon.ico
trumpcard.trumphotels.com/skins/skin-prodtrumpcard/ 1 KB
442 B 57ms
57ms Other
image/x-icon 2606:4700::6812:1214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trumpcard.trumphotels.com/skins/skin-prodtrumpcard/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a749449dc7c280af7fbb26df66cce16b79418dc032f530907a7b2af203edd440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/trump-card

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=14400
content-encoding: gzip
service-worker-allowed: /
etag: W/"66ff086c-47e"
cf-cache-status: HIT
cf-ray: 8d15c0571afed2ee-FRA
expires: Sat, 12 Oct 2024 12:34:32 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:32 GMT
content-type: image/x-icon
last-modified: Thu, 03 Oct 2024 21:11:08 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
410 B 16ms
15ms Image
image/gif 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1727618747&utmhn=trumpcard.trumphotels.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Hotel%20Loyalty%20%26%20Member%20Programs%20%7C%20Trump%20Card%20%E2%80%93%20Sign%20In&utmhid=1562523811&utmr=-&utmp=%2Ftrump-card&utmht=1728722072203&utmac=UA-41848973-1&utmgtm=45He4a90n71TJQG87v6812521za200&utmcc=__utma%3D139886838.1520141848.1728722072.1728722072.1728722072.1%3B%2B__utmz%3D139886838.1728722072.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1713546582&utmredir=1&utmu=qmAAAABAAAGBAAAAAgABAAAE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:169:0"}],}
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:169:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 08:34:32 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
server: Golfe2

GET
H2

200

activityi;dc_pre=CKyopci3iIkDFeWT_Qcdm10V7A;src=2833303;type=inqui0;cat=undefined;ord=5204641817050;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=434908649;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
2833303.fls.doubleclick.net/ Frame 223B
Redirect Chain

https://2833303.fls.doubleclick.net/activityi;src=2833303;type=inqui0;cat=undefined;ord=5204641817050;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=434908649;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
https://2833303.fls.doubleclick.net/activityi;dc_pre=CKyopci3iIkDFeWT_Qcdm10V7A;src=2833303;type=inqui0;cat=undefined;ord=5204641817050;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=434908649;uaa=;u...

0
0

33ms
32ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2833303.fls.doubleclick.net/activityi;dc_pre=CKyopci3iIkDFeWT_Qcdm10V7A;src=2833303;type=inqui0;cat=undefined;ord=5204641817050;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=434908649;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9190491864z86812521za201zb6812521;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101671035~101686685;epver=2;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-2833303&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trumpcard.trumphotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 370
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Oct 2024 08:34:32 GMT
expires: Sat, 12 Oct 2024 08:34:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Oct 2024 08:34:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://2833303.fls.doubleclick.net/activityi;dc_pre=CKyopci3iIkDFeWT_Qcdm10V7A;src=2833303;type=inqui0;cat=undefined;ord=5204641817050;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=434908649;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9190491864z86812521za201zb6812521;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101671035~101686685;epver=2;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET activity;register_conversion=1;src=2833303;type=inqui0;cat=undefined;ord=5204641817050;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=434908649;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noa...
ad.doubleclick.net/ 0
0

GET
H2

200

activityi;dc_pre=CNqspci3iIkDFXLuuwgdK8Mwqg;src=11128133;type=siter0;cat=siter0;ord=1355967438846;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=1875583382;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
11128133.fls.doubleclick.net/ Frame EF3D
Redirect Chain

https://11128133.fls.doubleclick.net/activityi;src=11128133;type=siter0;cat=siter0;ord=1355967438846;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=1875583382;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
https://11128133.fls.doubleclick.net/activityi;dc_pre=CNqspci3iIkDFXLuuwgdK8Mwqg;src=11128133;type=siter0;cat=siter0;ord=1355967438846;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=1875583382;uaa=;u...

0
0

27ms
26ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11128133.fls.doubleclick.net/activityi;dc_pre=CNqspci3iIkDFXLuuwgdK8Mwqg;src=11128133;type=siter0;cat=siter0;ord=1355967438846;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=1875583382;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9189028993z86812521za201zb6812521;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101686685;epver=2;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-11128133&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trumpcard.trumphotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Oct 2024 08:34:32 GMT
expires: Sat, 12 Oct 2024 08:34:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Oct 2024 08:34:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11128133.fls.doubleclick.net/activityi;dc_pre=CNqspci3iIkDFXLuuwgdK8Mwqg;src=11128133;type=siter0;cat=siter0;ord=1355967438846;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=1875583382;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9189028993z86812521za201zb6812521;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101686685;epver=2;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=11128133;type=siter0;cat=siter0;ord=1355967438846;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=1875583382;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noap...
ad.doubleclick.net/ 0
23 B 41ms
41ms Image
image/png 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=11128133;type=siter0;cat=siter0;ord=1355967438846;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=1875583382;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9189028993z86812521za201zb6812521;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101671035~101686685;epver=2;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Sat, 12 Oct 2024 08:34:32 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"193017249911774909"}],"aggregatable_trigger_data":[{"filters":[{"14":["11809494"]}],"key_piece":"0xabdb7cddb18bee2c","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x70507bcdeb940cef","not_filters":{"14":["11809494"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"2251299932134672803","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"193017249911774909","filters":[{"14":["11809494"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"193017249911774909","filters":[{"14":["11809494"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"193017249911774909","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"193017249911774909","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["11128133"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H2 200 /
www.facebook.com/tr/ 0
101 B 7ms
6ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1571288923183304&ev=PageView&dl=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&rl=&if=false&ts=1728722072320&cd[hotel_id]=undefined&cd[arrival_date]=undefined&cd[departure_date]=undefined&cd[adult_qty]=undefined&cd[child_qty]=undefined&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728722071893.284929219196034330&ler=empty&cdl=API_unavailable&it=1728722071691&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=7415, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 12 Oct 2024 08:34:32 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 122ms
122ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1571288923183304&ev=PageView&dl=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&rl=&if=false&ts=1728722072320&cd[hotel_id]=undefined&cd[arrival_date]=undefined&cd[departure_date]=undefined&cd[adult_qty]=undefined&cd[child_qty]=undefined&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728722071893.284929219196034330&ler=empty&cdl=API_unavailable&it=1728722071691&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7424804764861223813"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Oct 2024 08:34:32 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7424804764861223813", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: yQLt1PNYw0Dut38tdz0yCGC7KPIUYjOp7xyxEO1TSHqcPcRjDhd4H+6vmy65lzW7u4oGKeaKUFxZAS1UfE7ZNA==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=7560, tp=-1, tpl=-1, uplat=115, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H/1.1 200
OK ppms.js Show response
www.rumiview.com/ 72 KB
24 KB 129ms
128ms Script
application/javascript 212.69.158.198
DATABANK-DFW

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rumiview.com/ppms.js

Requested by

Host: trumpcard.trumphotels.com
URL: https://trumpcard.trumphotels.com/trump-card

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.69.158.198 , United States, ASN13767 (DATABANK-DFW, US),

Reverse DNS

212-69-158-198.databank.com

Software

Resource Hash

559e729c20a906611c1cc59ed46bb970176f0f4fd7ac153700baaef221c076cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

transfer-encoding: chunked
cache-control: max-age=21600
content-encoding: gzip
etag: W/"6253ec2a-11e9b"
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 14:34:33 GMT
date: Sat, 12 Oct 2024 08:34:33 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 08:51:54 GMT
vary: Accept-Encoding

GET
H2 200 twin.php
twin-iq.kickfire.com/ 95 B
365 B 164ms
163ms Image
image/png 52.88.121.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://twin-iq.kickfire.com/twin.php?TWIQ=15084&kftwiqpg=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&Hst=trumpcard.trumphotels.com&r=0.7906667640119642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.121.62 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-121-62.us-west-2.compute.amazonaws.com

Software

Apache/2.4.58 () / PHP/7.2.34

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-security-policy: frame-ancestors 'none';
x-content-type-options: nosniff
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sat, 12 Oct 2024 08:34:33 GMT
x-xss-protection: 1; mode=block
content-type: image/png
x-powered-by: PHP/7.2.34
server: Apache/2.4.58 ()
x-frame-options: DENY

GET
H/1.1 200
OK ppms.php
www.rumiview.com/ 43 B
168 B 153ms
152ms Image
image/gif 212.69.158.198
DATABANK-DFW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rumiview.com/ppms.php?action_name=Hotel%20Loyalty%20%26%20Member%20Programs%20%7C%20Trump%20Card%20%E2%80%93%20Sign%20In&idsite=7b58f96e-ae84-4d96-bdfd-627594df2323&rec=1&r=661669&h=10&m=34&s=33&url=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&_id=52564914ccf672a0&_idts=1728722073&_idvc=1&_idn=0&_viewts=1728722073&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=378&t_ss=80&t_fs=56&t_ds=59&t_cs=73&t_ce=96&t_qs=96&t_as=444&t_ae=474&t_dl=456&t_di=748&t_ls=750&t_le=752&t_dc=1477&t_ee=1519&pv_id=vjHBHW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.69.158.198 , United States, ASN13767 (DATABANK-DFW, US),
Reverse DNS: 212-69-158-198.databank.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: none
content-length: 43
date: Sat, 12 Oct 2024 08:34:33 GMT
content-type: image/gif

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/8/intl/de_ALL/ 290 KB
63 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/8/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC1YuO7IqFV0B_cvvaFF8Gyz-lATwxwSXk&callback=initAutocomplete&libraries=places&v=weekly

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2680ba043a35f0decbfbe2f0ea2b06d3bc9f441f648df6c7fbe92fc8485e2c23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: br
age: 218939
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 19:45:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 19:45:37 GMT
last-modified: Mon, 07 Oct 2024 22:41:34 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 63779
x-xss-protection: 0
server: sffe

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/8/intl/de_ALL/ 181 KB
55 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/8/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC1YuO7IqFV0B_cvvaFF8Gyz-lATwxwSXk&callback=initAutocomplete&libraries=places&v=weekly

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a2180d83f10d8013074f6794898bb6b9d18a6a9feda649d90d2ca72199a5e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

content-encoding: br
age: 218939
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 19:45:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 19:45:37 GMT
last-modified: Mon, 07 Oct 2024 22:41:34 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 56416
x-xss-protection: 0
server: sffe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 15ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-58G59XTQ88&gtm=45je4a90v870989343za200zb6812521&_p=1728722071361&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&cid=1520141848.1728722072&ecid=1247730659&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=3&sid=1728722071&sct=1&seg=0&dl=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&dt=Hotel%20Loyalty%20%26%20Member%20Programs%20%7C%20Trump%20Card%20%E2%80%93%20Sign%20In&en=scroll&epn.percent_scrolled=90&_et=3&tfd=6137
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-58G59XTQ88&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://trumpcard.trumphotels.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://trumpcard.trumphotels.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 08:34:36 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/activity;register_conversion=1;src=2833303;type=inqui0;cat=undefined;ord=5204641817050;npa=1;auiddc=1749007090.1728722072;ps=1;pcor=434908649;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9190491864z86812521za201zb6812521;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101671035~101686685;epver=2;~oref=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card?

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
trumpcard.trumphotels.com/	1969-12-31 23:59:59	Name: CendynCms7 Value: b7etvdihha68csuthn9koahvq2
.trumphotels.com/	1969-12-31 23:59:59	Name: __cfruid Value: d37d4bc675eecea0125d72dad6e1ef44ec1f71d4-1728722071
.trumphotels.com/	1970-01-21 02:21:38	Name: _gcl_au Value: 1.1.1749007090.1728722072
.trumphotels.com/	1970-01-21 09:48:02	Name: _ga Value: GA1.1.1520141848.1728722072
.trumphotels.com/	1970-01-21 09:48:02	Name: _ga_58G59XTQ88 Value: GS1.1.1728722071.1.0.1728722071.60.0.1247730659
.trumphotels.com/	1970-01-21 00:13:28	Name: _uetsid Value: cd955220887411efab9ea1fa793c9fbd
.trumphotels.com/	1970-01-21 09:33:38	Name: _uetvid Value: cd955400887411ef94501bfccc990cdb
.bing.com/	1970-01-21 09:33:38	Name: MUID Value: 1D57D51C66BB61E92205C00A67696089
.trumphotels.com/	1970-01-21 02:21:38	Name: _fbp Value: fb.1.1728722071893.284929219196034330
.trumpcard.trumphotels.com/	1970-01-21 08:57:38	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Sat+Oct+12+2024+10%3A34%3A32+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=5.9.0&landingPath=https%3A%2F%2Ftrumpcard.trumphotels.com%2Ftrump-card&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1%2C0_105469%3A1%2C0_105467%3A1%2C0_105465%3A1%2C0_105470%3A1%2C0_105468%3A1%2C0_105466%3A1%2C101%3A1%2C102%3A1%2C103%3A1%2C104%3A1%2C105%3A1%2C106%3A1%2C107%3A1%2C108%3A1%2C109%3A1%2C110%3A1%2C111%3A1%2C112%3A1%2C113%3A1%2C114%3A1%2C115%3A1%2C116%3A1%2C117%3A1%2C118%3A1%2C119%3A1%2C120%3A1%2C121%3A1%2C122%3A1%2C123%3A1%2C124%3A1%2C125%3A1%2C126%3A1%2C127%3A1%2C128%3A1%2C129%3A1%2C130%3A1%2C131%3A1%2C132%3A1%2C133%3A1%2C134%3A1
.trumpcard.trumphotels.com/	1970-01-21 09:48:02	Name: __utma Value: 139886838.1520141848.1728722072.1728722072.1728722072.1
.trumpcard.trumphotels.com/	1969-12-31 23:59:59	Name: __utmc Value: 139886838
.trumpcard.trumphotels.com/	1970-01-21 04:34:50	Name: __utmz Value: 139886838.1728722072.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.trumpcard.trumphotels.com/	1970-01-21 00:12:02	Name: __utmt Value: 1
.trumpcard.trumphotels.com/	1970-01-21 00:12:03	Name: __utmb Value: 139886838.1.10.1728722072
.doubleclick.net/	1970-01-21 00:55:14	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 04:31:14	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 09:33:38	Name: IDE Value: AHWqTUnn12lvPhCywMLjIvnqALt7R34CtHSIz8VUsi88PQkuQ5zMGPq4RPPjpB2tdCk
trumpcard.trumphotels.com/	1970-01-21 08:57:38	Name: stg_returning_visitor Value: Sat%2C%2012%20Oct%202024%2008:34:32%20GMT
trumpcard.trumphotels.com/	1970-01-21 00:12:03	Name: stg_traffic_source_priority Value: 1
trumpcard.trumphotels.com/	1969-12-31 23:59:59	Name: stg_externalReferrer Value:
trumpcard.trumphotels.com/	1970-01-21 08:57:38	Name: stg_last_interaction Value: Sat%2C%2012%20Oct%202024%2008:34:32%20GMT
trumpcard.trumphotels.com/	1970-01-21 09:37:57	Name: _pk_id.7b58f96e-ae84-4d96-bdfd-627594df2323.21d0 Value: 52564914ccf672a0.1728722073.1.1728722073.1728722073.
trumpcard.trumphotels.com/	1970-01-21 00:12:03	Name: _pk_ses.7b58f96e-ae84-4d96-bdfd-627594df2323.21d0 Value: *

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://trumpcard.trumphotels.com/trump-card Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://trumpcard.trumphotels.com/images/cookie-icon.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11128133.fls.doubleclick.net
2833303.fls.doubleclick.net
ad.doubleclick.net
bat.bing.com
cdn.cookielaw.org
connect.facebook.net
d1gd5ngg4o7o11.cloudfront.net
maps.googleapis.com
p.relay-t.io
region1.analytics.google.com
ssl.google-analytics.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.contentsquare.net
trumpcard.com
trumpcard.trumphotels.com
twin-iq.kickfire.com
www.facebook.com
www.google.de
www.googletagmanager.com
www.rumiview.com
ad.doubleclick.net
172.217.16.134
172.217.18.102
18.244.18.115
2001:4860:4802:34::36
212.69.158.198
2600:9000:275d:5800:1d:40aa:1fc0:93a1
2606:4700::6810:4f49
2606:4700::6812:1162
2606:4700::6812:1214
2606:4700::6812:562a
2620:1ec:33:1::10
2a00:1450:4001:803::200a
2a00:1450:4001:827::2008
2a00:1450:4001:828::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c0c::9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.160.156.182
52.88.121.62
031a0368beab51d73df97a25a863419fb53e216238351a0340ca882037f70e81
034acd3ced0cf00cdfcb684283fdc624a48c2dc8dcddeb55e09412f92971056d
0d3c542ed406c5456374314288b567706e127ce279c631829dadf690af091c90
0e8f7e866ae4d95282815f16bbf8f7ec3a1ead28c711c09f631c6b1d2769fef9
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4
13abb95134934e2b6ab33036f989d3eb588ec2586fee172d534061cb29e6834a
1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c
1576970a3c17962ea9c82cd7970bd08795cc557688d6762f2cbffd1c97e7040e
2680ba043a35f0decbfbe2f0ea2b06d3bc9f441f648df6c7fbe92fc8485e2c23
2a2180d83f10d8013074f6794898bb6b9d18a6a9feda649d90d2ca72199a5e1b
3a93efdd6e3fc06eda81580b11218166e4019ba6796bd7f3821925af90d43ce2
3e48e8dada6c1e8a5fb31c28a198f2931138504a6a292ee8635fadeff84f595c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
45df6f3ef68ec9b40de34521614128d7b777f0b3cd97e08ee68f2fe7f0f0e52b
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5380e3fb48539274ad506768d22e8b2b47fa8678702d8e7c52a0cea379adf88e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559e729c20a906611c1cc59ed46bb970176f0f4fd7ac153700baaef221c076cd
70141a2cb05f27c0422d349a2e6a538261ccab6dca01dac957cd5cf702178438
7183981b50e249b21e12cf7a1194dec444ce703b7452ed2949621fb1e1efc2fc
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
79fc4570e4ebd8a1616bed6202806b50d7c9150f10782fda13302a8611f5de6d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
866897cc032a0811738e6109ba21db466748d3dc256733770deff6865136fce4
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
9b05f0a176dc31740d778ae036b73cf86a64dc2e68e467171250183dfce81278
a0cc7860c7e29127a07053f7239ca78a0cde2d4a166613ef6305105387a5689e
a4d29d0533f96d43c0df349bf89853778776ff2fa92d815a7dc6d48fbaab4b0a
a6627adad9660993e6d0cb53e6f02cc8353fb4d486e4635fc4f1073e9b6e34f5
a749449dc7c280af7fbb26df66cce16b79418dc032f530907a7b2af203edd440
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b52f3e53253eb8c974cd6d6429327a99918f325f9bb834b0b445f34e1b07aaea
c0a0852e85dd3ceeacad155f67943f0f5e51c3854213ebd53fd2ba5a963169b4
c24f3fbba81d362e13c8c5557dd5a05163bb47898a83471c6a778bc426395a0a
c75c513aca0d71531e4350a8f68c35d6f560545e4ff133d2618ba1fdcaff03c1
c8ca8ed0f32f7a269e112b200f20e4fa74138a3e8c15318d54f930c86bc96625
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce735d858af983acbe23882810d449f2c5ceaafd20fc1c40d19b92bac463dd74
db82dec3b29deb9816399a7d8e523f03fa1eb49c8cf15fe90c43749e99f37213
e3764abba43ed419e5344742545807d1406cea493ce43526b737f720763532d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa678b512734e98a17f7f673df7bb43c8d7215e68babf5af274d61c3bca45ff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f221d43f23aefdfe7749694fc488a8f5803b3bda46615253e2f75429edff97c3
f50e35eed6b133c5adf2b14a6aa920dbf7384d40d0b2282b3b00670bccb48191

trumpcard.trumphotels.com Open in urlscan Pro 2606:4700::6812:1214 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

98 %HTTPS

70 %IPv6

18 Domains

21 Subdomains

20 IPs

3 Countries

2193 kBTransfer

5947 kBSize

24 Cookies

4 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

trumpcard.trumphotels.com Open in urlscan Pro
2606:4700::6812:1214 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

98 %
HTTPS

70 %
IPv6

18
Domains

21
Subdomains

20
IPs

3
Countries

2193 kB
Transfer

5947 kB
Size

24
Cookies

63 HTTP transactions
1 data transactions