offer.trumplighters.com Open in urlscan Pro
2606:4700:3036::6815:46a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.nationalpartisan.com/a/1614/click/6518/522757/de9d8bac222387e594542027a90e32ce5e534edf/e9ca49ed9bfadc1f2d34b8b2aa9cbb...
Effective URL:
https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-89...
Submission: On April 18 via api (April 18th 2024, 9:14:49 pm UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3036::6815:46a, located in United States and belongs to CLOUDFLARENET, US. The main domain is offer.trumplighters.com.
TLS certificate: Issued by GTS CA 1P5 on April 5th 2024. Valid for: 3 months.

This is the only time offer.trumplighters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.253.72.70 34.253.72.70	16509 (AMAZON-02) (AMAZON-02)
2 2	54.174.227.185 54.174.227.185	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.190.39.198 35.190.39.198	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:46a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	172.67.131.253 172.67.131.253	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.102.51 18.66.102.51	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.15 18.66.112.15	16509 (AMAZON-02) (AMAZON-02)
1	34.246.205.163 34.246.205.163	16509 (AMAZON-02) (AMAZON-02)
41	9

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.nationalpartisan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.72.70 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-72-70.eu-west-1.compute.amazonaws.com

go.offerwave.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.174.227.185 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-227-185.compute-1.amazonaws.com

ecommmkt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.198 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 198.39.190.35.bc.googleusercontent.com

www.y6hjvtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:46a (United States)

ASN13335 (CLOUDFLARENET, US)

offer.trumplighters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 172.67.131.253 (United States)

ASN13335 (CLOUDFLARENET, US)

offer.trumplighters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.205.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-205-163.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	trumplighters.com offer.trumplighters.com	2 MB
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2774 content.hotjar.io — Cisco Umbrella Rank: 6496	393 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 737 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	165 KB
2	y6hjvtrk.com 1 redirects www.y6hjvtrk.com	9 KB
2	ecommmkt.com 2 redirects ecommmkt.com	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2404	250 B
1	offerwave.org 1 redirects go.offerwave.org	2 KB
1	nationalpartisan.com 1 redirects links.nationalpartisan.com	592 B
41	9

	Domain	Requested by
33	offer.trumplighters.com	offer.trumplighters.com
2	www.googletagmanager.com	offer.trumplighters.com www.googletagmanager.com
2	www.y6hjvtrk.com	1 redirects www.googletagmanager.com
2	ecommmkt.com	2 redirects
1	content.hotjar.io	script.hotjar.com
1	vc.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	go.offerwave.org	1 redirects
1	links.nationalpartisan.com	1 redirects
41	11

This site contains links to these domains. Also see Links.

Domain
electriclighters.com

Subject Issuer	Validity	Valid
trumplighters.com GTS CA 1P5	`2024-04-05` - `2024-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
y6hjvtrk.com Starfield Secure Certificate Authority - G2	`2023-04-16` - `2024-05-17`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Frame ID: D8490C5B4794B857623EE3B66DB9F7EC
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trump Lighter

Page URL History Show full URLs

http://links.nationalpartisan.com/a/1614/click/6518/522757/de9d8bac222387e594542027a90e32ce5e534edf/e9ca49ed9b... HTTP 307
https://links.nationalpartisan.com/a/1614/click/6518/522757/de9d8bac222387e594542027a90e32ce5e534edf/e9ca49ed9b... HTTP 302
https://go.offerwave.org/aff_c?offer_id=2825&aff_id=1423&aff_sub=04/17national HTTP 302
https://ecommmkt.com/?a=8929&c=156925&s1=04/17national&s2=102a3a700f5e490bdd19e98c2c163d HTTP 302
https://ecommmkt.com/?a=8929&c=156925&s1=04/17national&s2=102a3a700f5e490bdd19e98c2c163d&ch-redir... HTTP 302
https://www.y6hjvtrk.com/FNX4R/363TCP/?uid=227&sub1=8929&sub2=04%2f17national&sub3=720811259 HTTP 302
https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff... Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Checkout

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

100 %
HTTPS

25 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

2712 kB
Transfer

3812 kB
Size

12
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://electriclighters.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://electriclighters.com/terms/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://electriclighters.com/contact/
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.nationalpartisan.com/a/1614/click/6518/522757/de9d8bac222387e594542027a90e32ce5e534edf/e9ca49ed9bfadc1f2d34b8b2aa9cbb125cd70482 HTTP 307
https://links.nationalpartisan.com/a/1614/click/6518/522757/de9d8bac222387e594542027a90e32ce5e534edf/e9ca49ed9bfadc1f2d34b8b2aa9cbb125cd70482 HTTP 302
https://go.offerwave.org/aff_c?offer_id=2825&aff_id=1423&aff_sub=04/17national HTTP 302
https://ecommmkt.com/?a=8929&c=156925&s1=04/17national&s2=102a3a700f5e490bdd19e98c2c163d HTTP 302
https://ecommmkt.com/?a=8929&c=156925&s1=04/17national&s2=102a3a700f5e490bdd19e98c2c163d&ch-redir=1&ckmxid=cogoqgdb0002fe688vog HTTP 302
https://www.y6hjvtrk.com/FNX4R/363TCP/?uid=227&sub1=8929&sub2=04%2f17national&sub3=720811259 HTTP 302
https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pre4 Show response
offer.trumplighters.com/trump/en/us/
Redirect Chain

http://links.nationalpartisan.com/a/1614/click/6518/522757/de9d8bac222387e594542027a90e32ce5e534edf/e9ca49ed9bfadc1f2d34b8b2aa9cbb125cd70482
https://links.nationalpartisan.com/a/1614/click/6518/522757/de9d8bac222387e594542027a90e32ce5e534edf/e9ca49ed9bfadc1f2d34b8b2aa9cbb125cd70482
https://go.offerwave.org/aff_c?offer_id=2825&aff_id=1423&aff_sub=04/17national
https://ecommmkt.com/?a=8929&c=156925&s1=04/17national&s2=102a3a700f5e490bdd19e98c2c163d
https://ecommmkt.com/?a=8929&c=156925&s1=04/17national&s2=102a3a700f5e490bdd19e98c2c163d&ch-redir=1&ckmxid=cogoqgdb0002fe688vog
https://www.y6hjvtrk.com/FNX4R/363TCP/?uid=227&sub1=8929&sub2=04%2f17national&sub3=720811259
https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a

25 KB
7 KB

77ms
34ms

Document
text/html

2606:4700:3036::6815:46a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:46a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a97e7afffbec510ac563a00e84c45372271edc19ba1d657f83ddbb0bea604b4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

age: 110418
alt-svc: h3=":443"; ma=86400
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
cf-cache-status: DYNAMIC
cf-ray: 8767aa7fbc951907-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Apr 2024 21:14:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8elEdItpIj%2Bz9F2uV7Ui%2BW1eSznvPK0JMhPQzNR6lFgLjMMtl%2FdXTiQnFPQQZNvVlgFVwsqzx8WnT8rZoJhx5Xn1E7qMN8V1AF8DTAJ9bVxexo4FLaSHUBcCBDdkVQPJ1ugV9bUvoYbgM%2Bx%2FesX81J5jAZtk7w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-nf-request-id: 01HVSGZJYYBC0GFJ47AETXTEZS

Redirect headers

accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232
content-type: text/html; charset=utf-8
date: Thu, 18 Apr 2024 21:14:42 GMT
location: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: 32d6cd96-d029-4b2f-b91f-b8c03a524271

GET
H3 200 style-pre1.css
offer.trumplighters.com/trump/en/us/css/pre/ 37 KB
8 KB 50ms
49ms Stylesheet
text/css 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb578811acec354d0efcf56fdd812405b5ef15dbc45f6b306294947bd67e2a1c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVS15CCEY5KEB7BZ2KGR4GZT
date: Thu, 18 Apr 2024 21:14:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"bbf133a6063c9f3cf502b482dd13ca2f-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JC7DNGF5jOMckvn2uYzWAphs1HnQVsroZGWEduZlBz%2Biy%2Bn4%2Bm4rPDU6Flu1TZopc20OL%2FmFXLKtQaknxX9pdc7zU3iLamR1GQFmO5gSv36GjtH2GtC9UwEf18UXc89mIhQqmqmzc%2FgyIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8767aa7ff8e95d9f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo.png
offer.trumplighters.com/trump/en/us/img/pre/ 4 KB
5 KB 33ms
33ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/logo.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ce6db5e52a303b321fa5f07a6ff4b8d3c030a815234150b8622bd820bbdc39b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV0J915ZEPBTJ81GCKCA5ZSB
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "054d5555812a45e504f9ab9871185dd6-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U6gKzU6bOHr%2BGngL%2F2HOsUXV%2FFw4GY5UVdfLcCXrqWbzC5X2aalgJnjebiPit4JV0PP%2F7asBuNmiqCoKZCViPPGwQT8jfVXe25FsPTiI%2BDRzFKS0RFOVDYE5D0X6xx%2FCtup76tCoBzIK4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa7ff8ea5d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4396

GET
H3 200 author-img.png
offer.trumplighters.com/trump/en/us/img/pre/ 6 KB
7 KB 61ms
56ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/author-img.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6318f5d803ae122c3f43a480a870cc8fa6dc0b18198506b95dfb4a3b2b2351d3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVP966T0PQP470EKDDSWG3MW
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "08b8c15d6aad33ad50fd2132a8f4f7e6-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qLGXOdgIUawQMdPFHg%2BEf67GCE0D5aAQ6GcBeHPxEcm85DjmsNBRn80Evth6DgJL51IGu%2FlHyNuY9MyOqMtaV7y4PXe3sAicf%2FjZ8vQuozpJaQUf7I6R1b%2BvtWYg2f7NXUA3nmKjnSmkWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa8059465d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6336

GET
H3 200 Rectangle%2036.jpg
offer.trumplighters.com/trump/en/us/img/pre/ 38 KB
39 KB 33ms
33ms Image
image/jpeg 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/Rectangle%2036.jpg
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa12c82c086b1e0aab0944417ac77add7f2cefa828940637f686cd29ff7a899c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVPBHB9YA7Z0R5EHJ8X4WCV9
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "e7084b406f4b6eb938ec98cd81252902-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fvwxvK2IlUdgz%2BEIWqTP9nN8%2Fh%2FlP1AMw6QbYmxLNmckHCr%2BfW4w4izFpK3XS9AMEUzPKBB9S%2BS3x6lR8QiCQDmfYlF0McujG1RtPcgzFttHl9L5n5%2F5fjMGDh6Bxte8lJQAW7C7S%2FQD0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa7ff8ec5d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 38941

GET
H3 200 Rectangle%2054.jpg
offer.trumplighters.com/trump/en/us/img/pre/ 91 KB
91 KB 46ms
45ms Image
image/jpeg 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/Rectangle%2054.jpg
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f364f10c2ee55cda4e6279af70d8059f7571277c8971649c4a56b2320d508f3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV9NX3W7CDSQTTB6FKPXC1VT
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "5de9f5f2a1aafb3caee378ffa4481230-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y6y72M531UaGf0hh%2BjIPfJscnR2d9fxwqODJwpjw9g6fDP85UL5ep9uJoURdj2bLRo1YW7sn7cvq2RIx2SUNMFRHomDttG%2B5rilKZnrLPT%2F2XTcqNOPLMqp4AUHBK4r6nOjTXHDSma0n%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa80391d5d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 93091

GET
H3 200 Group%20248.png
offer.trumplighters.com/trump/en/us/img/pre/ 152 KB
153 KB 48ms
48ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/Group%20248.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4d781b20d03091203589da1c2e8871f79f04f858ce95311c3977645cbd34731

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVPBHBA760QGTF07AJV5PK0F
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "e8fdde36a6f691529f15f932b83c8f80-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZZDe4sBarM9IkqIrPUcuZOeoUdWpXl2YETfFboG%2F3LWsdlab1%2Fb55I701ohovhfqqk%2Br%2F%2F6AQgkeevG7Lg0%2BMlNVsJlzpcEHjQ1Wzsn4MEMNWISarU1OR41KTmOjXwE8g0iE%2FNWUbNolYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa8049365d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 156135

GET
H3 200 Rectangle%2055.jpg
offer.trumplighters.com/trump/en/us/img/pre/ 91 KB
91 KB 39ms
38ms Image
image/jpeg 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/Rectangle%2055.jpg
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3632f7c32e3c49b43b378378e4f6f768b1449faed22af2b6b60320a5d25502b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVP966SBR8WZTPJJXEE7R3F1
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "3c81d1bfbdd449d8d71ae282536e9cd7-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=px9b29SJ9cI0CtFZ4XfluzSP1G56nmL%2BOcHtXiXy2Lc%2B%2FwHVpPEYS3S1LS660bqJnJ0kYpSaeG7xlLZZj33%2BykQwDeEmUgSW3Bfy6rkuQXbzTlsxw3Ngq8fk2YwG1uyymCbVKm6ixZg9uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa8049395d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 92754

GET
H3 200 lighter-marshmallow-2%201.png
offer.trumplighters.com/trump/en/us/img/pre/ 134 KB
135 KB 62ms
56ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/lighter-marshmallow-2%201.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b9d030fa0fe8125450375caa17272c5a3b9be14c47afdc9a25df580598a689a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVP966T2BR51CVS965BFXZVG
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "51b3698be602b4b167198de191882c9f-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K0KiyoTk7pXU576YnF1OTjCS5LRN2QbwJ1i6a76JA4JnjQj8CsytXpkv94%2FJ62hGQ7YiNaLo6334nKs%2FgKyKwlKlI6rIeiKgU7i%2BDYfmap6a%2FmY8KBsfg6FQeA5j30%2BCODqXdjNn%2BK1TyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa8059485d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 137643

GET
H3 200 news-1%201.png
offer.trumplighters.com/trump/en/us/img/pre/ 115 KB
116 KB 76ms
71ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/news-1%201.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8910474eddae742d07eed26ccfa91ca60595baaa926db54c5393444c08888d8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV9NX3WE3QY8KKGPDPZCAMAC
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "0112fb38751012de90f6a6475d000923-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lw2G8YARRBBxJMRqVNMx%2BTcZplAqxq60DMs1h%2FQfmTAVHQwpDQgiM%2FyzwSnWfZbBLliU6tAW%2FSQB3fl%2BEdIJCFIPMihYlVu1BnSAzhboIUA20McMdawwNaY2f48yDWpNWM1GxjfIoo7BLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa8059495d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 118044

GET
H3 200 news-2%201.png
offer.trumplighters.com/trump/en/us/img/pre/ 182 KB
183 KB 75ms
69ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/news-2%201.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96446cfa2bf1b46b70df9e04eb6c501eb3d521ceb91dc056512b82c11cfd05ac

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVP966SNXZB9EBCKR3YMSY0N
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "140fc79cc0407e32ea97055921a6ca9c-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SSoZuyqM3CftPtJTqTyimaajNYrWX%2BrfQ0WPgGap%2BS47kLUR7H0EabkpFbcy4h6lz86e9iIOt1DB45q4KQBdXbwAKpTWA1FFfKADaOi6%2B4HdB8PdSFap%2Fb2mgH45u6R%2BtLEO8YvWj6exVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa80594b5d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 186472

GET
H3 200 news-3%201.png
offer.trumplighters.com/trump/en/us/img/pre/ 214 KB
215 KB 91ms
86ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/news-3%201.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a7cda41d50f64db5c7c90f3c15472a5e8dfc8f497a7738d5beaadffef385fc7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV9NX4A9F5GV6V4FWXZDTA5A
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: "a52d58d4beb2fe7bb4e68b0050377d4e-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8H%2FxCUxX6HHRUJllLf9sdIqQ24HDwoTaLW59jP2sC6oV6TNyfIT4CVUcvUW0uSjRxxMWg6R0QbYXxGsCv0gGNqAS8ptc%2Fz8uagDi42PPXXCG6AlUKrS6stHDCDCzw%2BT6uYJTDw2MNyYnGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa80594d5d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 219191

GET
H3 200 news-6%201.png
offer.trumplighters.com/trump/en/us/img/pre/ 240 KB
241 KB 106ms
101ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/news-6%201.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48dcfd1ca779007ec8c7d438f0574bd3ab6502f07db95b6483e25ae1afe804a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV9NX4AMRN1594EWJFSWFQHT
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: "726396c58c1fe76cd65c9f71c1103925-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I0392Nm8nCQQOO%2FzokI53nyoVKY6Ixg1MY6VGAoSL9ZSD9NifqL8VMVmPfNa2XwNJKaCUcIoUrUGzHVlPKkvL%2FdIuBktyc43JmJ6GE4hllGcP5l6X5QY9%2F%2FxxrtwyeztsitfmKaWwqiskw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa80594e5d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 245708

GET
H3 200 fathers-day-1%201.png
offer.trumplighters.com/trump/en/us/img/pre/ 206 KB
207 KB 117ms
112ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/fathers-day-1%201.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720d8cdd00b63a788a59431f9dceda8c098e8f88fe6c8e40978074a08327d223

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV9NX5302JSEHYWJMYZTRF3B
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: "8a25f2bce238b208e61d6c75edcb224f-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7buUiZ5h3DoA1GvYSSwLPrswUP6Y8btM3lwngHoUcYwnqJYaqen5zVGLBmCYBprBZk%2FbOP5qmusHoezc05%2BzdvMl2Jh2sMOl1ZUUqfAKiqaKINIB4w8QTGdXg5izCP19wT7rOjKbdxlBqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa8059505d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 211353

GET
H3 200 right-img3.jpg
offer.trumplighters.com/trump/en/us/img/pre/ 129 KB
130 KB 128ms
124ms Image
image/jpeg 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/right-img3.jpg
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53a8318a4b95a737f39f6bbdacf9b47140b6acc336054bf3a9731f34e96f583f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVP966ST6K62HXF0W78C07KD
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "96fa553d925497aa8e08921d0df640aa-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oTqr6ZaA1YiZGvxukammk5CishvEwYw5fDu15zTSt%2BiH2G53I5Dc90g7VBImw5fvoHVu25go0XsBrhYXpenUnAS05DQarueLjM%2FrQsOnHEdOpotr2LPSp0OzJupF60eKAG3EaXkSn%2FtFug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa8059535d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 132512

GET
H3 200 cut-icn.png
offer.trumplighters.com/trump/en/us/img/pre/ 3 KB
4 KB 140ms
135ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/cut-icn.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76f1f6526cb7d13d927dd098ab11b373d670c5bfe824d3afcb2b9c132ec25583

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVP966SQTC6HBPD65EQFJ36Z
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "282e413e5bdedaebbfae92bad8bfa6c0-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bYTUNVp5Iz6Dh2cUsjdcde30EBD4mvSkIKGOyjVpZzAb3anjVqLyCih%2FnM%2BIDWPUSofDX64FSFlY36N0yUomQRt5s57zWGirmIJmo9%2FvW6FE5JNDX39JKjU6n62bBlGBoTzP0k%2FyyEp4TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa8059565d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3554

GET
H3 200 yello-bdr-tick.png
offer.trumplighters.com/trump/en/us/img/pre/ 2 KB
3 KB 142ms
137ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/yello-bdr-tick.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfb127f31cb64bbf68d03d747caa6e5c94c139f37c0b4c538f706ba7e0626e93

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVP966SZ4V8F2976V46ZJ4P8
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "0568b01bf1fe436e420bc79c63aa8945-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aSfAtG4ltm1%2FKrNbF7SWt7TUgRbaWD14u3GGc4YX23ZDAZjjc5tebX8NBf1%2FLIyXDJxC2doDROAUH52nuzjNv%2BUOTLorbVrawuGHrejv%2FZd%2BHqpMuzVqZ3htPAeqtFwqn8CckSYtaqyfxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa8059575d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2385

GET
H3 200 Group%20253.png
offer.trumplighters.com/trump/en/us/img/pre/ 18 KB
19 KB 143ms
138ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/Group%20253.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ae01720dd802bf5224efe3f6f44380d324dc049fdacb2754eb403c34e492273

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVRJ8N7D9VEDERAAHMP2PTAQ
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "94b4625f8e8c9ade198718040dab5323-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S6laJVWhMzW%2BENiAmv%2BEH%2FwyIS39MTl%2B7BRKpFAeGfLwn4TqP1NOJb4gwq9IgolOQ9Pv3V3UWfBZMNuUV%2Bi9dNzwOuV8jZh%2FqHSHt67mOFBpGqIqS4iy%2F50%2FOQ3NL0ugadQibjP0yWJF5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa80595b5d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 18824

GET
H3 200 s7-card-1.png
offer.trumplighters.com/trump/en/us/img/pre/ 23 KB
23 KB 144ms
139ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/s7-card-1.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a538fdf41aff5cb1c6c89d3ce52bac81d0b42e4116feea7b14d21036fa2195c5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVP966SR75ZRCQJSHSJD2QSN
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "0a404773d180ae31cac82162850687b0-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YO6KrrrplsgojcmX1ni0xbJAJn3lbiWEx20zRHLYhy1ZivDPgFXBXTQR2NZycVVtXYGnpQ6AP1PvkfToxsujBUTRtl7V0mkizfMnICAjdUAFm19Mmg8UAxg31zEFrv%2Bf1N9B1Wb%2FK3v5IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa80595d5d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 23281

GET
H3 200 Group%20250.png
offer.trumplighters.com/trump/en/us/img/pre/ 13 KB
13 KB 144ms
139ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/Group%20250.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b691dd6aecaa3ece62e9afd6bdb265a918dfc12cb9e8ad2b24a1e0726ee650d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVP966SQJ5MQWZCBYTAJETSS
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "09eb1c4c4512a0935279a67060503211-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VX6sxAtC9luthY4pCmITW2q8VpVuEr5kBArFumrWD%2Bg0fxSfg%2FVV9uKT9ekM8QbmEV3GVT2o0MjWuw%2F6UWqXu%2BNZziVWfGCsTWVFn5IPRCVpSjFPRzXajenf%2Bi9qhphqsjX1o7ltXifW4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa80595e5d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13270

GET
H3 200 btn-arw.png
offer.trumplighters.com/trump/en/us/img/pre/ 1 KB
2 KB 147ms
142ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/btn-arw.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af43b4c9ff0572b4fed1935a9bde8986d0adb73484dca46a5489e337b866e30d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV9NX8CT1NJQ92NNCYV7525K
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "cea4c51cd237871514e8eadf94a9d2b1-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AtSnxPls%2FixTjlKHOD2pfjfiTAaHGcFnosc0TS%2B%2Bn8zb%2BAwh3RNcud%2FRoExwZtVYeNONe2ogvLx1zym%2BRtHJvtKw3CL7yvr3j%2B1XGQPZwgYc6Jk1%2FALVJz%2By2ywXppqlFQ3EOb1LXI471Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa8059635d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1063

GET
H3 200 LogoF.png
offer.trumplighters.com/trump/en/us/img/pre/ 6 KB
7 KB 148ms
143ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/LogoF.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbf6ba2b04ebea1f8b07edb4267779c5170b0cfaba01075372d7ee2522ece9ee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV1JC0VEAFTQ53HR5KFBZ68V
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: "4a16ee19f89a7e5cdc960ba340960397-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXGerLWJC7xUoyR8%2FAojNqmjNlrUfwVyjvvcZgjZ4QLWyA4lDXUs6bM99wjXjAwP6qBe0z6k5%2Fyg88UwK4y09AMGWatr%2Bm1Fngjg0R0PCuZU%2FcHfuxfQmfdobZGY2FwL%2Bf02KiKPPQfxYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa8059675d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6126

GET
H3 200 email-decode.min.js Show response
offer.trumplighters.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 13ms
11ms Script
application/javascript 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.trumplighters.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:14:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Apr 2024 08:54:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661ceb5d-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VpR82VKZXp75ZP06%2BuZic799eujSfiYb%2FZE0HLQicao9H0jF3vS2UJcPUnzufh%2Fl411HJbXgOsVd5HO6DM6PRx4LHQh2p9GU9cn6gaellby4xJp380cmS4Ps0YKKU%2BUs0tP87t6wXc2www%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8767aa80593d5d9f-FRA
expires: Sat, 20 Apr 2024 21:14:42 GMT

GET
H3 200 jquery-3.6.0.min.js Show response
offer.trumplighters.com/trump/en/us/js/pre/ 87 KB
32 KB 58ms
54ms Script
application/javascript 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/js/pre/jquery-3.6.0.min.js
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVS15CQEQVZ1YXK0MF2G4G8A
date: Thu, 18 Apr 2024 21:14:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"d02571e3593c7ac903004599031cdc0e-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hkb5xflJumxgY%2BlQVXaQz2YGT1n9mQ6Rtv7dLEbMlgtDe10arp0KJfQ1Aa5uD0f4BwZ4jAvjlWGercTkr9FXq6FOolHMJqBNyCGZi1c9IMBAIWNP%2BNZ9pU3IdlwE9AXLVtRMBf%2FNf3OmCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8767aa80593f5d9f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.sticky.js Show response
offer.trumplighters.com/trump/en/us/js/pre/ 4 KB
2 KB 60ms
56ms Script
application/javascript 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/js/pre/jquery.sticky.js
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cf7833ee174c4af5765d79030bd45b759e7c1d47799e4062b8ad64cf7b3d581

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVM1ZY0BME7P9KMG4FJKB90S
date: Thu, 18 Apr 2024 21:14:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"4d0cd952936b15bf95416a49f2f8ffd1-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PHTEzvAHnm%2Faq6cOrJqm7lXazNaDyeu0ZC3R6OUXDrWqK3vMKgTwLIfbgPyTGb%2FzX7cyJR5zUsnLusDXheVwx86kQC3vMPRuhICBaH6OtNi6zXdNs1YN62vK%2FE1c79pxY2%2B%2BASvA5EJFZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8767aa8059425d9f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 campaign.js Show response
offer.trumplighters.com/trump/en/us/js/pre/ 24 KB
4 KB 61ms
55ms Script
application/javascript 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/js/pre/campaign.js
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9ea17f3b92f547393274b661ed542513d53e8a8e95da34aa92ae11e2744f5bb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVQHEP32X7PW87N4YZ2GN6NS
date: Thu, 18 Apr 2024 21:14:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"79ca8a82abeb3c905014d956d4f6753a-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=133JniyVcc2KvKQ8cBRUW%2Fnigze0ssMEfCGN6nOQoDe7Ic3trhRzBOxNvtQolSBFG3RUCwwZiQhpCJfuxUaH50mr5rO%2BRZzkQ1dojurpt2t8olbs4K%2FmxFUuqbjhrqIHqRMz9KV0h3v52w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8767aa8059445d9f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
67 KB 59ms
29ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6J4G4J

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b17cabe6addb2e76e8fce826321ab7462b7a8260cdad2ebc9b5a4944f20de1cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:14:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Apr 2024 21:14:42 GMT

GET
H3 200 Group%20255.png
offer.trumplighters.com/trump/en/us/img/pre/ 60 KB
61 KB 146ms
143ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/Group%20255.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beefc344e4a6c4a5e667bb68de613543765c946d454b8c5dc78997a5e47764c4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVPBHSN40X8FFWS1T1P9MGD9
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "d8db728b46f33764d7f003ea377a2f69-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M0TopUNfdo92JOabI29qvm39ZXa6XBgy5ku57vixLJwQXnU5vLeFiXBPYLhNVt9XCh882%2BYAPzcskAw4csWaIUtxP7DpxzYWVWGppr6xNzwBaur%2FPMfJcCwdN91n%2BrqC7njmua4HOLbiTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa8059695d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 61774

GET
H3 200 Group%20249.png
offer.trumplighters.com/trump/en/us/img/pre/ 217 KB
218 KB 149ms
146ms Image
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/Group%20249.png
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 627483e2cdfe6ea853aed8560860b80dcedfae93bd2e85f8c8c4d2c3cfee823c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV9NX40TQQ4Q5PRRHEBMJCJE
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: "718107a0db9d48fd169c2f537e2895fd-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ME0MK0iIDKTThwSRxzisLX34Z%2F1PV%2FqQQs6Nvs1F9Ksbbbj3o8SOZ3fA20D9uSaSh2UAYEhTfpp3OFPd7Kf%2Bgt0UEEOJJ8JxHXMld3%2FZCapmdoe1iiNY5s0JftcVGCsOYjw8lWRYcHLwvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa80596b5d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 222370

GET
H3 200 Inter-Regular.ttf
offer.trumplighters.com/trump/en/us/css/pre/ 303 KB
140 KB 133ms
131ms Font
font/ttf 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/css/pre/Inter-Regular.ttf
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3127f0b873387ee37e2040135a06e9e9c05030f509eb63689529becf28b50384

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Origin: https://offer.trumplighters.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV9NX3XG3RQB700BZV8Q7F7F
date: Thu, 18 Apr 2024 21:14:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"798536f5da2329d2a37de67236c0ff0f-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2zLcRDcsI9dsh3%2Fgv4jBRDAXolimsJQQVOlORIIKoT%2BmqcjKKVbJlfKhsHCN%2BgOivccwqCrUFjLrqutt5GOTVW4KjpLzJ2ygH7oCNUoqREZ4v4TaOLzo%2FvDnJ%2FgIHNnb9ILY5jN2z%2BO76A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8767aa8089805d9f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Monarcha%20W01%20Regular.woff2
offer.trumplighters.com/trump/en/us/css/pre/ 20 KB
21 KB 141ms
140ms Font
font/woff2 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/css/pre/Monarcha%20W01%20Regular.woff2
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f14094f640c5cd971656c6e59efdbdcc7bf4468a78ae4decd012bed0bd49d777

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Origin: https://offer.trumplighters.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV9NX3XGWMM7X3XVDKEXAZTA
date: Thu, 18 Apr 2024 21:14:42 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: "8f31c9da01f3110c6ce848b4cc2c3a76-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XswtrmEKQJH9IVxGtKheLtr4WQ4yda1cUzvXv7E%2FI%2Ft6lXSQWQtc4utQ%2BYYyCqpeeCxIpUYtjzl29bKhEEKewslMaXeZ12OJ1PGAv6vyF7xaK5heD33lPGYa20vaCXwXFBsIsMLGUTKiuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa8089855d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20544

GET
H3 200 Inter-Bold.ttf
offer.trumplighters.com/trump/en/us/css/pre/ 309 KB
151 KB 142ms
142ms Font
font/ttf 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/css/pre/Inter-Bold.ttf
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412c068eab6f36e6807d630ff89127165e8e4d3e8653434cdfb56b60cdcc3a32

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Origin: https://offer.trumplighters.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVP966SYXNGYJ61R5PPYAXYH
date: Thu, 18 Apr 2024 21:14:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"5dd1b2eaa6391e430b738445c110195e-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5sExdB%2BXrd5mSbhvkEDo%2FApLa1eU96RQ1BXViFlv0bdJmR9uyDMl%2FWYimS8a1AL1A74qSx5vUw5CDjiIlL9qvj9HjeuHpSamGX5N92a1%2FpZRFhWoYoilTpfWjTRaUyTCcIEDPMFHA8Mqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8767aa8089875d9f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Inter-Semibold.ttf
offer.trumplighters.com/trump/en/us/css/pre/ 309 KB
150 KB 157ms
156ms Font
font/ttf 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/css/pre/Inter-Semibold.ttf
Requested by: Host: offer.trumplighters.com
URL: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0b540e69bf6717016e33874670e09acf4bffc2ca3f4c1cf174a4ff696308c65

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/css/pre/style-pre1.css
Origin: https://offer.trumplighters.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HV9NX41GB9XJRE40SWT58JNB
date: Thu, 18 Apr 2024 21:14:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: W/"e325e00a37e13471c206ac1103d0ff30-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uiN%2Bagq9t%2BUfX%2BGNetyA4g0ZobdwoxP4X1rG7mzQMxQyUQERYuOWaCyVMVLTyKjyrL4F8J6pJneyAMoK1XF4klD7Ej3ZsTMukzq8VZlkdRMuH9aONzf1lbLOCnrjfl6HU1jVElTyrgFZpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8767aa80898a5d9f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
98 KB 41ms
28ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-05H6BTS6HK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6J4G4J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c45954541f2bc6f0c03e62c8879ca79001a9d6b3ed6c2f255244401d54f9d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:14:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100067
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Apr 2024 21:14:42 GMT

GET
H2 200 hotjar-3644136.js Show response
static.hotjar.com/c/ 9 KB
4 KB 107ms
42ms Script
application/javascript 18.66.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3644136.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6J4G4J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-51.fra56.r.cloudfront.net

Software

Resource Hash

0048a429d0bb05a34062000a70ab9e4506434df017006bcbfdc3e4599f1ff30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 18 Apr 2024 21:14:42 GMT
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/86516b5e3262a4a210fcdf3ce461ed2b
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: BaLwLFIGNXIDs6kkJ45GqNzhj60HUglYEygMM3owOsOPj4dR5CXhLQ==

GET
H2 200 everflow.js Show response
www.y6hjvtrk.com/scripts/sdk/ 31 KB
9 KB 157ms
114ms Script
text/javascript 35.190.39.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.y6hjvtrk.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6J4G4J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.198 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 198.39.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3abe720fe60d68c7771bbf5bce406d244480b0989ed41e05012e6d3bd5cf100f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:14:42 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 807fb685-99e7-4f59-874c-ee2be1f1b8ed
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 59ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-05H6BTS6HK&gtm=45je44f0v9116032628z89116025465za200&_p=1713474882604&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=346546295.1713474883&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713474882&sct=1&seg=0&dl=https%3A%2F%2Foffer.trumplighters.com%2Ftrump%2Fen%2Fus%2Fpre4%3Fbar%3Dn%26subid%3D10%26clickid%3D4cb0606d97a64bbca22b684038ffed3a%26aff%3D10%26utm_source%3D10-8929%26utm_content%3D44%26evclid%3D4cb0606d97a64bbca22b684038ffed3a&dt=Trump%20Lighter&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1990
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-05H6BTS6HK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 18 Apr 2024 21:14:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offer.trumplighters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.9c3b50ddbc74247d2ae3.js Show response
script.hotjar.com/ 221 KB
55 KB 46ms
7ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.9c3b50ddbc74247d2ae3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3644136.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

84abbb88240359c728c738ec4acb83fc354afd75d7470279f1fe01f9841e5f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 17:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 187416
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55691
last-modified: Tue, 16 Apr 2024 17:10:18 GMT
etag: "cb9e8e6a84fdeebfc271614ce016b88e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -PwTBuzA2LNAm7hicOQRq0QfHpWy1UeOIqfWmjiSDU-HtXXwFG3kAQ==

GET
H2 204 3644136 Show response
vc.hotjar.io/sessions/ 0
232 B 131ms
33ms XHR
text/plain 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3644136?s=0.25&r=0.03479944590599482
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9c3b50ddbc74247d2ae3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 18 Apr 2024 21:14:43 GMT
cache-control: no-store
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 7JApkSoU1-87EwW8mMbSkdoe5wL6B8hlCG4ldQlnPC_pyq44vf3egw==
x-cache: Miss from cloudfront

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 140ms
60ms XHR
application/json 34.246.205.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=3644136&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9c3b50ddbc74247d2ae3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.246.205.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-205-163.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 03e7a635fc14e83ca2e6bc72bcc5231ba86285024fadabbe0fac31aea29ce8b8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://offer.trumplighters.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 18 Apr 2024 21:14:43 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H3 200 favicon.png
offer.trumplighters.com/trump/en/us/img/pre/ 2 KB
2 KB 34ms
28ms Other
image/png 172.67.131.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.trumplighters.com/trump/en/us/img/pre/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26b43226bd2cdc442af79b9185e075cdbae727bcf5ba10c02984a7ae412e102b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HVP9673Q9DQ92MXZ4HFQJHXQ
date: Thu, 18 Apr 2024 21:14:43 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "4694db8fd0ff763dc4453fbf1a01743b-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rGD%2FPOwh0sde8hIpe38dReo49tKFJ%2BlNTyd%2BaHCdAnf5OBnhIJuQfg8%2Fx3XgNuinZL56kpt9l5sSMEUd2z5bc%2FaPr7%2BeiosVvql9A457uBAwYC0aTI2SY2A49mH2vTIQ%2FZs%2BhBqtsCCxtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8767aa83cc845d9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1875

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
links.nationalpartisan.com/	1970-01-20 20:05:06	Name: _session_id Value: c20a29fbe31d5a7eacbec15a6b93322d
go.offerwave.org/	1970-01-20 20:41:06	Name: enc_aff_session_2825 Value: ENC0347cd201c9f0cb7fbe2bcce30850f661c20a609bfa67d990fc7b0e9f69e1b208fa4eba9e9524b0804cc0d1fa8d3d2a732989e2215b6dce2c8e1effb2a86c46112a61ea7c06e08169c4f475bfea8184416e171e82f098884b266be6c719c886895ad082480f7950d861c28e9cbb962bfa8bf4dbd741bfcf6fffcba12714f29235015420d0c
go.offerwave.org/	1970-01-21 05:33:54	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjQiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiYWNjZXB0X2xhbmd1YWdlIjoiZGUtREUsZGU7cT0wLjk7cT0wLjkiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=
.ecommmkt.com/	1969-12-31 23:59:59	Name: sid Value: 8DTSKyEbGjPFZ5ez4L6WFyerdx6Vpob5EqWjfV2IZr7IHo/YKorsYw==
.ecommmkt.com/	1970-01-21 05:33:54	Name: trk Value: ZEvAIerVd5tFkGTuI4uwvierdx6Vpob5EqWjfV2IZr7IHo/YKorsYw==
.ecommmkt.com/	1970-01-20 20:41:06	Name: c34461 Value: 8DTSKyEbGjO1+YnrdC1/Ex26LolAGmSfkDebVDnB8f6mt6Rnxa9E+g==
www.y6hjvtrk.com/	1970-01-20 19:59:21	Name: uniqueClick_363TCP Value: 202caf79-ffb3-4fa2-a356-ede589b17caa:1713474882
www.y6hjvtrk.com/	1970-01-20 22:07:30	Name: transaction_id Value: 4cb0606d97a64bbca22b684038ffed3a
.trumplighters.com/	1970-01-21 05:33:54	Name: _ga_05H6BTS6HK Value: GS1.1.1713474882.1.0.1713474882.0.0.0
.trumplighters.com/	1970-01-21 05:33:54	Name: _ga Value: GA1.1.346546295.1713474883
.trumplighters.com/	1970-01-21 04:43:30	Name: _hjSessionUser_3644136 Value: eyJpZCI6ImIyNDhhZmM2LWJlNTYtNWMyMC05Y2JlLTM5ODQ2OGM1ZGRhMSIsImNyZWF0ZWQiOjE3MTM0NzQ4ODMwNjYsImV4aXN0aW5nIjp0cnVlfQ==
.trumplighters.com/	1970-01-20 19:57:56	Name: _hjSession_3644136 Value: eyJpZCI6IjU4MzAyMzdkLWM2M2UtNGQ3YS04NjlhLTRmMmVmYTE3ZjE5MCIsImMiOjE3MTM0NzQ4ODMwNjcsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://offer.trumplighters.com/trump/en/us/pre4?bar=n&subid=10&clickid=4cb0606d97a64bbca22b684038ffed3a&aff=10&utm_source=10-8929&utm_content=44&evclid=4cb0606d97a64bbca22b684038ffed3a Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content.hotjar.io
ecommmkt.com
go.offerwave.org
links.nationalpartisan.com
offer.trumplighters.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
vc.hotjar.io
www.googletagmanager.com
www.y6hjvtrk.com
13.32.27.21
172.67.131.253
18.66.102.51
18.66.112.15
2001:4860:4802:32::36
2606:4700:3036::6815:46a
2a00:1450:4001:806::2008
34.246.205.163
34.253.72.70
35.190.39.198
35.238.129.105
54.174.227.185
0048a429d0bb05a34062000a70ab9e4506434df017006bcbfdc3e4599f1ff30e
03e7a635fc14e83ca2e6bc72bcc5231ba86285024fadabbe0fac31aea29ce8b8
0c45954541f2bc6f0c03e62c8879ca79001a9d6b3ed6c2f255244401d54f9d26
1a7cda41d50f64db5c7c90f3c15472a5e8dfc8f497a7738d5beaadffef385fc7
1b9d030fa0fe8125450375caa17272c5a3b9be14c47afdc9a25df580598a689a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26b43226bd2cdc442af79b9185e075cdbae727bcf5ba10c02984a7ae412e102b
2cf7833ee174c4af5765d79030bd45b759e7c1d47799e4062b8ad64cf7b3d581
2f364f10c2ee55cda4e6279af70d8059f7571277c8971649c4a56b2320d508f3
3127f0b873387ee37e2040135a06e9e9c05030f509eb63689529becf28b50384
3abe720fe60d68c7771bbf5bce406d244480b0989ed41e05012e6d3bd5cf100f
412c068eab6f36e6807d630ff89127165e8e4d3e8653434cdfb56b60cdcc3a32
4ae01720dd802bf5224efe3f6f44380d324dc049fdacb2754eb403c34e492273
53a8318a4b95a737f39f6bbdacf9b47140b6acc336054bf3a9731f34e96f583f
627483e2cdfe6ea853aed8560860b80dcedfae93bd2e85f8c8c4d2c3cfee823c
6318f5d803ae122c3f43a480a870cc8fa6dc0b18198506b95dfb4a3b2b2351d3
720d8cdd00b63a788a59431f9dceda8c098e8f88fe6c8e40978074a08327d223
76f1f6526cb7d13d927dd098ab11b373d670c5bfe824d3afcb2b9c132ec25583
7b691dd6aecaa3ece62e9afd6bdb265a918dfc12cb9e8ad2b24a1e0726ee650d
84abbb88240359c728c738ec4acb83fc354afd75d7470279f1fe01f9841e5f4b
8ce6db5e52a303b321fa5f07a6ff4b8d3c030a815234150b8622bd820bbdc39b
96446cfa2bf1b46b70df9e04eb6c501eb3d521ceb91dc056512b82c11cfd05ac
9a97e7afffbec510ac563a00e84c45372271edc19ba1d657f83ddbb0bea604b4
a538fdf41aff5cb1c6c89d3ce52bac81d0b42e4116feea7b14d21036fa2195c5
af43b4c9ff0572b4fed1935a9bde8986d0adb73484dca46a5489e337b866e30d
b0b540e69bf6717016e33874670e09acf4bffc2ca3f4c1cf174a4ff696308c65
b17cabe6addb2e76e8fce826321ab7462b7a8260cdad2ebc9b5a4944f20de1cd
b48dcfd1ca779007ec8c7d438f0574bd3ab6502f07db95b6483e25ae1afe804a
b4d781b20d03091203589da1c2e8871f79f04f858ce95311c3977645cbd34731
b8910474eddae742d07eed26ccfa91ca60595baaa926db54c5393444c08888d8
beefc344e4a6c4a5e667bb68de613543765c946d454b8c5dc78997a5e47764c4
c9ea17f3b92f547393274b661ed542513d53e8a8e95da34aa92ae11e2744f5bb
cb578811acec354d0efcf56fdd812405b5ef15dbc45f6b306294947bd67e2a1c
cbf6ba2b04ebea1f8b07edb4267779c5170b0cfaba01075372d7ee2522ece9ee
cfb127f31cb64bbf68d03d747caa6e5c94c139f37c0b4c538f706ba7e0626e93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f14094f640c5cd971656c6e59efdbdcc7bf4468a78ae4decd012bed0bd49d777
f3632f7c32e3c49b43b378378e4f6f768b1449faed22af2b6b60320a5d25502b
fa12c82c086b1e0aab0944417ac77add7f2cefa828940637f686cd29ff7a899c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

offer.trumplighters.com Open in urlscan Pro 2606:4700:3036::6815:46a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

25 %IPv6

9 Domains

11 Subdomains

9 IPs

3 Countries

2712 kBTransfer

3812 kBSize

12 Cookies

3 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

offer.trumplighters.com Open in urlscan Pro
2606:4700:3036::6815:46a Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

25 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

2712 kB
Transfer

3812 kB
Size

12
Cookies

41 HTTP transactions
0 data transactions