urlscan.io logo urlscan.io
SecurityTrails logo

trump-organisation.online.qfsglobalsystem.com Open in urlscan Pro
62.76.25.135  Public Scan

Go To Rescan Add Verdict Report
URL: https://trump-organisation.online.qfsglobalsystem.com/
Submission: On May 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 63 HTTP transactions. The main IP is 62.76.25.135, located in Moscow, Russian Federation and belongs to NETRACK-AS, RU. The main domain is trump-organisation.online.qfsglobalsystem.com.
TLS certificate: Issued by R3 on May 7th 2024. Valid for: 3 months.
This is the only time trump-organisation.online.qfsglobalsystem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

36    62.76.25.135 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)
PTR: msk.rackserver.ru
trump-organisation.online.qfsglobalsystem.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    172.67.72.223 (United States)

ASN13335 (CLOUDFLARENET, US)
code.tidio.co
7    2606:4700:20::681a:98b (United States)

ASN13335 (CLOUDFLARENET, US)
widget-v4.tidiochat.com
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
Apex Domain
Subdomains		 Transfer
36 qfsglobalsystem.com
trump-organisation.online.qfsglobalsystem.com
11 MB
7 tidiochat.com
widget-v4.tidiochat.com — Cisco Umbrella Rank: 22230
319 KB
4 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 312
20 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2533
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
268 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
73 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
274 B
1 gstatic.com
fonts.gstatic.com
33 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
21 KB
1 tidio.co
code.tidio.co — Cisco Umbrella Rank: 17224
485 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 776
30 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
990 B
63 13
Domain Requested by
36 trump-organisation.online.qfsglobalsystem.com trump-organisation.online.qfsglobalsystem.com
7 widget-v4.tidiochat.com trump-organisation.online.qfsglobalsystem.com
code.tidio.co
4 cdn.cookielaw.org trump-organisation.online.qfsglobalsystem.com
cdn.cookielaw.org
www.googletagmanager.com
3 www.googletagmanager.com trump-organisation.online.qfsglobalsystem.com
www.googletagmanager.com
2 cdnjs.cloudflare.com
2 connect.facebook.net trump-organisation.online.qfsglobalsystem.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.facebook.com trump-organisation.online.qfsglobalsystem.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.jsdelivr.net trump-organisation.online.qfsglobalsystem.com
1 code.tidio.co 1 redirects
1 code.jquery.com trump-organisation.online.qfsglobalsystem.com
1 fonts.googleapis.com trump-organisation.online.qfsglobalsystem.com
63 14

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
twitter.com
Subject Issuer Validity Valid
trump-organisation.online.qfsglobalsystem.com
R3		 2024-05-07 -
2024-08-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-15 -
2024-05-15		 3 months crt.sh
tidiochat.com
GTS CA 1P5		 2024-03-17 -
2024-06-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh

This page contains 3 frames:

Primary Page: https://trump-organisation.online.qfsglobalsystem.com/
Frame ID: 7D7B16FBFD768645173639FA15BB3D0A
Requests: 54 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_223_0/static/js/chunk-WidgetIframe-ab0ffde36be6aa7a153d.js
Frame ID: 4E9658F5C78B6171907C519D1FC2921A
Requests: 4 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Frame ID: 8CBB5967C3DF7ADBC8386FC3278B5009
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Trump Organization | Luxury Real Estate Portfolio

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
Overall confidence: 100%
Detected patterns
  • /npm/sweetalert2@([\d.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

63
Requests

97 %
HTTPS

79 %
IPv6

13
Domains

14
Subdomains

14
IPs

4
Countries

11943 kB
Transfer

14220 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://code.tidio.co/el3xdvooeqc8yaqnmjk6as4pykt5evum.js HTTP 302
  • https://widget-v4.tidiochat.com/1_223_0/static/js/render.ab0ffde36be6aa7a153d.js

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
trump-organisation.online.qfsglobalsystem.com/ 		62 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
5812abb0d519b4c1f3b371682313e269741d6b1890a21466e7b126b5a278dcac

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 07 May 2024 22:17:24 GMT
vary
Accept-Encoding
css
fonts.googleapis.com/ 		3 KB
990 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 May 2024 22:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 May 2024 21:58:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 May 2024 22:17:25 GMT
site.css
trump-organisation.online.qfsglobalsystem.com/assets/css/ 		206 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
32dfeed679af85bdcc816468f5b73ddc6ec39b89ce49b5b21e269f04203a163d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:24 GMT
content-encoding
br
last-modified
Mon, 21 Aug 2023 16:50:26 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
24647
expires
Tue, 14 May 2024 22:17:24 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:25 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
976426
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-mxp6942-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1715120245.111877,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
5, 443283
render.ab0ffde36be6aa7a153d.js
widget-v4.tidiochat.com/1_223_0/static/js/
Redirect Chain
  • https://code.tidio.co/el3xdvooeqc8yaqnmjk6as4pykt5evum.js
  • https://widget-v4.tidiochat.com/1_223_0/static/js/render.ab0ffde36be6aa7a153d.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/1_223_0/static/js/render.ab0ffde36be6aa7a153d.js
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H2
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d95d14910af85648443b6c5c45602ad1075b028950459e1ceaad8ef63578c0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://trump-organisation.online.qfsglobalsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 07 May 2024 22:17:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 07:40:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1921
etag
W/"6626145b-1472"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOJ7xAqUIVV41eSO3gBo4Eql7TT%2BoE9qiIZxGYHVri%2FOVyxX3JvVuX8ADiS%2B0AJMfIo8CttSvfsCo3MzZpxIVEF6KW0dcM4LiBpXYN7OCujsX3skVK6HXIhTiB3fzWCyqpwrVU2LF0nMuo2k9396XPPbLIK9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
880494806d0630f3-FRA

Redirect headers

date
Tue, 07 May 2024 22:17:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
widget-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WtEkYuDU61agxIvRrvDcnSjJrFTnAm%2FLkaRcxwgvC192WHNwBOdGKSvjG5KnlnrqPK0jAhFmmy7cH%2BC%2BKLVpHw1eLn7buynfurPqUE5pPDyGtX5VAdXcOxX%2F45eSJi4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://widget-v4.tidiochat.com/1_223_0/static/js/render.ab0ffde36be6aa7a153d.js
cache-control
public, s-maxage=300, max-age=0
cf-ray
8804947dda719164-FRA
sweetalert2@11
cdn.jsdelivr.net/npm/ 		74 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@11
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ef7aceda0ec9484ac6f22b195c2b1edfd29fe721ae78f823cafa2dffc71108d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 07 May 2024 22:17:25 GMT
x-content-type-options
nosniff
content-encoding
br
age
24693
x-jsd-version
11.10.8
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21319
x-served-by
cache-fra-eddf8230029-FRA, cache-mxp6956-MXP
x-jsd-version-type
version
etag
W/"129b5-XGZJUMaOVjBYPbRYOQFSrQ4cZNk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
f1c5fa45-25a4-4dad-884f-7803664a0269.js
cdn.cookielaw.org/consent/ 		56 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/f1c5fa45-25a4-4dad-884f-7803664a0269.js
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bef5ed6dc0999377be3f96fc49a59a93343d975a7efc91ad0c111eaccea0185
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 22:17:25 GMT
content-encoding
GZIP
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
371
content-md5
GiBK9yE8xcC0QyekHimB3Q==
content-length
14217
x-ms-lease-status
unlocked
last-modified
Thu, 02 Jan 2020 19:15:26 GMT
server
cloudflare
etag
0x8D78FB81FA61A8B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2dc3cfb8-301e-000b-2e7f-22c2e8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8804947bedbc5b44-FRA
expires
Wed, 08 May 2024 22:17:25 GMT
story_mm.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/story_mm.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
ce884fad850403b16f304bc9b582eabe120e6ad7720cdaf8f28719d87a8d94f9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:24 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:28 GMT
accept-ranges
bytes
content-length
28415
expires
Tue, 14 May 2024 22:17:24 GMT
chi-mobile.png
trump-organisation.online.qfsglobalsystem.com/website/general/ 		582 KB
582 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/chi-mobile.png
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
d4d8bd3892933d4731ca7bccd068ec2cc4cf9fcb3407d3e657d9332cbc0c61b1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/png
date
Tue, 07 May 2024 22:17:24 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:30 GMT
accept-ranges
bytes
content-length
595964
expires
Tue, 14 May 2024 22:17:24 GMT
res_mm.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/res_mm.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
1601b45eb4a0c583443b38a6759895b468224ac5f6cbd9827f296cf0e65c8ec2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:25 GMT
last-modified
Mon, 21 Aug 2023 16:50:30 GMT
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
103896
expires
Tue, 14 May 2024 22:17:25 GMT
estates_mm.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/estates_mm.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
595eb37bfef4681b6e378572f1b1dea8a512c68594503e180d7a0f8beb0050f5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:28 GMT
accept-ranges
bytes
content-length
65777
expires
Tue, 14 May 2024 22:17:25 GMT
media_mm.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/media_mm.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
ed94fc256db05b443d9239209ca4a28bbf65ca82b34b4374f107837a5266313e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:28 GMT
accept-ranges
bytes
content-length
45533
expires
Tue, 14 May 2024 22:17:25 GMT
site.js
trump-organisation.online.qfsglobalsystem.com/assets/js/ 		15 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trump-organisation.online.qfsglobalsystem.com/assets/js/site.js
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
8fb44e078475f85cc7ca31999f3e7d977659f21f3f347d7d68a833e21b6fe91a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:25 GMT
content-encoding
br
last-modified
Mon, 21 Aug 2023 16:50:26 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2222
expires
Tue, 14 May 2024 22:17:25 GMT
vendor.js
trump-organisation.online.qfsglobalsystem.com/assets/js/ 		376 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trump-organisation.online.qfsglobalsystem.com/assets/js/vendor.js
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
fc9993532ad932a812b6f7a044edd7c01c52f0609c6f1f794bcf1794c543364a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:25 GMT
content-encoding
br
last-modified
Mon, 21 Aug 2023 16:50:26 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
77491
expires
Tue, 14 May 2024 22:17:25 GMT
optanon.css
cdn.cookielaw.org/skins/5.9.0/default_flat_bottom_two_button_black/v2/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/skins/5.9.0/default_flat_bottom_two_button_black/v2/css/optanon.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/f1c5fa45-25a4-4dad-884f-7803664a0269.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e48e8dada6c1e8a5fb31c28a198f2931138504a6a292ee8635fadeff84f595c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 22:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
iV3i3isuIEXEsxHTpwJ4bQ==
age
21973
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
5553
x-ms-lease-status
unlocked
last-modified
Tue, 17 Dec 2019 20:41:22 GMT
server
cloudflare
etag
0x8D783317A467D05
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ee34c804-a01e-009f-2c43-237581000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8804947d2e645b44-FRA
gtm.js
www.googletagmanager.com/ 		273 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TZF569M
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a4c1d5135f13423a2eda7b1fca3ec37536efb19df69234bceabc9e3ac9aeb39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98856
x-xss-protection
0
last-modified
Tue, 07 May 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 May 2024 22:17:25 GMT
logo.png
trump-organisation.online.qfsglobalsystem.com/assets/images/site/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/assets/images/site/logo.png
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
e171fc339b696206e5b400f11b7a1d34adf08f08b1c5140e8da5befdb058fddb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/png
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:26 GMT
accept-ranges
bytes
content-length
3383
expires
Tue, 14 May 2024 22:17:25 GMT
instagram.svg
trump-organisation.online.qfsglobalsystem.com/assets/images/site/ 		199 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/assets/images/site/instagram.svg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
555c1ecd81bce5e0eb9d5e614c506f2671fa2c594f9baab055a322ed9210a585

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
facebook.svg
trump-organisation.online.qfsglobalsystem.com/assets/images/site/ 		708 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/assets/images/site/facebook.svg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
twitter.svg
trump-organisation.online.qfsglobalsystem.com/assets/images/site/ 		708 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/assets/images/site/twitter.svg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
leadership_II__copy_thumbnail.jpeg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		295 KB
295 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/leadership_II__copy_thumbnail.jpeg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
033896f8e8d73d8850d1d11ad8fc0dea4b544c6f38369051ee4dda7cef5aa364

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:28 GMT
accept-ranges
bytes
content-length
302449
expires
Tue, 14 May 2024 22:17:25 GMT
TND_SFrances_SignatureShot_Daytime_NOGOLFERS_Square.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/TND_SFrances_SignatureShot_Daytime_NOGOLFERS_Square.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
2a6d094562437a995955ffba20762b3a0e8e4d40d80f0d59752a9bdf68a3ee48

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:28 GMT
accept-ranges
bytes
content-length
1296389
expires
Tue, 14 May 2024 22:17:25 GMT
golf_mm.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/golf_mm.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
02cab8d006479b023949f9b3629c8daf95965bc8e4758850eff126a76393d0d2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:28 GMT
accept-ranges
bytes
content-length
72841
expires
Tue, 14 May 2024 22:17:25 GMT
residential.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/residential.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
7ea5bf0980e88d5ca95f765a5318d37fd79826f7297f754e10353845a1ce3e4a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:28 GMT
accept-ranges
bytes
content-length
1261491
expires
Tue, 14 May 2024 22:17:25 GMT
estates.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		178 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/estates.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
72506678e8663810ff7489d28e1c4c8ba4adcd0e1a6ea4548c2497bcefd1c0e2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:28 GMT
accept-ranges
bytes
content-length
181794
expires
Tue, 14 May 2024 22:17:25 GMT
lifestyle.php_mobile.jpg
trump-organisation.online.qfsglobalsystem.com/website/general./ 		708 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general./lifestyle.php_mobile.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
1X1A2372.jpg1.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		469 KB
469 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/1X1A2372.jpg1.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
a4e060d99b52fce104d5ed70036733c0b6206601710123231cb8c4d89d804f6b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:28 GMT
accept-ranges
bytes
content-length
479991
expires
Tue, 14 May 2024 22:17:25 GMT
realty.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		273 KB
273 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/realty.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
0a183abef3bf6231637767d4815f0b90541a605a26093c2fb7a3f9c025daa665

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:28 GMT
accept-ranges
bytes
content-length
279222
expires
Tue, 14 May 2024 22:17:25 GMT
noise.png
trump-organisation.online.qfsglobalsystem.com/assets/images/site/ 		708 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/assets/images/site/noise.png
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
commercial.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		371 KB
371 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/commercial.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
f1b4487faf2512d4b5adb9a7a1ea9553f5968e3f330fcac6f9e7594bd8478c10

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:30 GMT
accept-ranges
bytes
content-length
380004
expires
Tue, 14 May 2024 22:17:25 GMT
vineyard_homepage_thumnbnail.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		395 KB
395 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/vineyard_homepage_thumnbnail.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
0f729d9623655290482177c5465cae592bba3dac4d81a6da2e1cc1676c58ae64

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:28 GMT
accept-ranges
bytes
content-length
404491
expires
Tue, 14 May 2024 22:17:25 GMT
chi-crop2400spire.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/chi-crop2400spire.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
8ad6eeb20aea4007293650eaca83108b635dd641640295c5cc887082564abfe0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:28 GMT
accept-ranges
bytes
content-length
3731339
expires
Tue, 14 May 2024 22:17:25 GMT
golf.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		432 KB
432 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/golf.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
a48bc0aa6b7d38dc024cec3fa470041972cc73cfb287bbd4347b5fa8dd07acc1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:30 GMT
accept-ranges
bytes
content-length
441956
expires
Tue, 14 May 2024 22:17:25 GMT
piscina_exterior_dia_smaller.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/piscina_exterior_dia_smaller.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
86a9bb239871fa58b74320474eb88e0df3f0e0e8564119c157ea909480966700

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:30 GMT
accept-ranges
bytes
content-length
1184130
expires
Tue, 14 May 2024 22:17:25 GMT
trumporgthumbnial.jpeg
trump-organisation.online.qfsglobalsystem.com/website/business/ 		368 KB
368 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/business/trumporgthumbnial.jpeg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
6aafaa78f07dbb4ccfa4467a6771a963033a575669e43ce304bbbeabfaae5634

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:34 GMT
accept-ranges
bytes
content-length
377016
expires
Tue, 14 May 2024 22:17:25 GMT
shop.jpg
trump-organisation.online.qfsglobalsystem.com/website/general/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/shop.jpg
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
e317a2c9d9fe5b33b7b51ca673451e16490cb931cc24861be008801cd031fb20

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/jpeg
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
public, max-age=604800
last-modified
Mon, 21 Aug 2023 16:50:26 GMT
accept-ranges
bytes
content-length
63891
expires
Tue, 14 May 2024 22:17:25 GMT
shop.jpg)
trump-organisation.online.qfsglobalsystem.com/website/general/ 		708 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trump-organisation.online.qfsglobalsystem.com/website/general/shop.jpg)
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://trump-organisation.online.qfsglobalsystem.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 17:34:04 GMT
x-content-type-options
nosniff
age
103401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 May 2025 17:34:04 GMT
DidotLTStd-Bold.woff2
trump-organisation.online.qfsglobalsystem.com/assets/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://trump-organisation.online.qfsglobalsystem.com/assets/fonts/DidotLTStd-Bold.woff2
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Origin
https://trump-organisation.online.qfsglobalsystem.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
DidotLTStd-Bold.woff
trump-organisation.online.qfsglobalsystem.com/assets/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://trump-organisation.online.qfsglobalsystem.com/assets/fonts/DidotLTStd-Bold.woff
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Origin
https://trump-organisation.online.qfsglobalsystem.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
DidotLTStd-Bold.ttf
trump-organisation.online.qfsglobalsystem.com/assets/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://trump-organisation.online.qfsglobalsystem.com/assets/fonts/DidotLTStd-Bold.ttf
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/assets/css/site.css
Origin
https://trump-organisation.online.qfsglobalsystem.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 22:17:25 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
js
www.googletagmanager.com/gtag/ 		273 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZCV38NP6ZV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZF569M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7fad45c445d13cb0362a34a2365a57bc9f17e9fe6209b02442865dfddd7926e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95424
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 07 May 2024 22:17:25 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZF569M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 May 2024 22:07:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
576
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 08 May 2024 00:07:49 GMT
destination
www.googletagmanager.com/gtag/ 		213 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-1008360742&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZF569M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
04231cfc4beb60c2da0189a572e3c0a8d4867b65ada2ef0de3b6a7c7c0dd7ed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79106
x-xss-protection
0
last-modified
Tue, 07 May 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 May 2024 22:17:25 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 May 2024 22:17:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2802, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
1SZl77dkqfX715OnhkWgCJURWTbNu0wtEUsjj2qPw4PQyUWloZz2TiG6lXr/BMGFmPe+T2LHlNHrR+adOt0M/A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
f1c5fa45-25a4-4dad-884f-7803664a0269.js
cdn.cookielaw.org/consent/ 		56 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/f1c5fa45-25a4-4dad-884f-7803664a0269.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZF569M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bef5ed6dc0999377be3f96fc49a59a93343d975a7efc91ad0c111eaccea0185
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 22:17:25 GMT
content-encoding
GZIP
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
GiBK9yE8xcC0QyekHimB3Q==
age
371
content-length
14217
x-ms-lease-status
unlocked
last-modified
Thu, 02 Jan 2020 19:15:26 GMT
server
cloudflare
etag
0x8D78FB81FA61A8B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2dc3cfb8-301e-000b-2e7f-22c2e8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8804947bedbc5b44-FRA
expires
Wed, 08 May 2024 22:17:25 GMT
collect
region1.google-analytics.com/g/ 		0
275 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZCV38NP6ZV&gtm=45je4510v9115063022z8811081150za200&_p=1715120245276&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=560811798.1715120246&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1715120246&sct=1&seg=0&dl=https%3A%2F%2Ftrump-organisation.online.qfsglobalsystem.com%2F&dt=The%20Trump%20Organization%20%7C%20Luxury%20Real%20Estate%20Portfolio&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=7733
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZCV38NP6ZV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 22:17:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://trump-organisation.online.qfsglobalsystem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optanon.css
cdn.cookielaw.org/skins/5.9.0/default_flat_bottom_two_button_black/v2/css/ 		23 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/skins/5.9.0/default_flat_bottom_two_button_black/v2/css/optanon.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/f1c5fa45-25a4-4dad-884f-7803664a0269.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e48e8dada6c1e8a5fb31c28a198f2931138504a6a292ee8635fadeff84f595c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 07 May 2024 22:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
iV3i3isuIEXEsxHTpwJ4bQ==
age
21973
content-length
5553
x-ms-lease-status
unlocked
last-modified
Tue, 17 Dec 2019 20:41:22 GMT
server
cloudflare
etag
0x8D783317A467D05
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ee34c804-a01e-009f-2c43-237581000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8804947d2e645b44-FRA
chunk-WidgetIframe-ab0ffde36be6aa7a153d.js
widget-v4.tidiochat.com/1_223_0/static/js/ Frame 4E96 		477 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/1_223_0/static/js/chunk-WidgetIframe-ab0ffde36be6aa7a153d.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/el3xdvooeqc8yaqnmjk6as4pykt5evum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5262e3f73f35616febd13fbe6feee14613d076774ff644e48489f7cd6694a8dc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 07:40:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4792
etag
W/"6626145b-775a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BcJdCQ4cEw0UOue3%2BazAtU8kZWFFjZk0cf%2B0bWq4I%2Bny36GQFad9bHC0bJMVhZv32HC%2FgW4PvjQ%2BZjpRrRhYfbXGSmvJFyTEgDRMZKpIWKaaFxUoaLpehh1z1M483vGo2ns4VVTMNTIIoaxp0W2m27VmrTHC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
880494829e6b30f3-FRA
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame 4E96 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/el3xdvooeqc8yaqnmjk6as4pykt5evum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://trump-organisation.online.qfsglobalsystem.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:26 GMT
cf-cache-status
MISS
last-modified
Mon, 22 Apr 2024 07:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66261456-6b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCGgeJuEadt%2BoYpR1a3jtT8Xy1IUnTkNRX0CM7xinr4hAXDeBqf%2Bs3GiWXxJqe2yOob5cAgqvsw5lWjG%2FQbPhmPEMgc1FUpanfLNBdDnB5x5jRz81yUBpcCwkqZaBi7AkJzbBPVS8RAqE7llSWK7y%2FdL8RFy"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
880494831e56976a-FRA
content-length
27400
1110865209023422
connect.facebook.net/signals/config/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1110865209023422?v=2.9.155&r=stable&domain=trump-organisation.online.qfsglobalsystem.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dd25e44a54fb8da6c47220971836a4c80f3471e51f5161a64b1e8ae37cfb6d90
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 May 2024 22:17:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=65, mss=1294, tbw=63346, tp=-1, tpl=-1, uplat=103, ullat=1
pragma
public
x-fb-debug
86vYKsOVtGnUwe8wveIRyp+9N87g44N3Dv7QUFBwlc908FWKqLQpRhJv1PNmDPBwHuTPSImJW1D2uA+23q9oRw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tururu.mp3
widget-v4.tidiochat.com// Frame 4E96 		7 KB
7 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1291988
Content-Range
bytes 0-7223/7224
Content-Length
7224
pragma
public
last-modified
Mon, 22 Apr 2024 07:40:06 GMT
server
cloudflare
etag
"66261456-1c38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4xmBVFfJd9S%2FvL9uACrsZPPfJdd9bglhe%2B7SIZfAgrdq1xahxWhAIuedkFYcznjRTRewgdoqx%2F%2B246AmBFc3oOYtdGCePaYJvWykfM8CCVP9lPw8LnTGdkviUp3bANlCc4L627ADZYEySTyPni6KxjCbtUlC"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
88049482ce9430f3-FRA
expires
Mon, 06 May 2024 23:24:18 GMT
widget.ab0ffde36be6aa7a153d.js
widget-v4.tidiochat.com/1_223_0/static/js/ Frame 4E96 		493 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/1_223_0/static/js/widget.ab0ffde36be6aa7a153d.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/el3xdvooeqc8yaqnmjk6as4pykt5evum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69db969f017b237bf909e05cfc9a8b5fac05a5363f17888651bafb818a7e651c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 07:40:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
259
etag
W/"6626145b-7b531"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=My3o%2BOhsuqHswvSpK3iHOxXbLzFSk%2FJ0GnWEpN4utGO4V47t1Nydd%2FpMGgofOgZS7b%2BP15%2F4UiG5cNe2bkKAxGyzcsJfhRjnRhN6vyIHKvGNYDcsX9gi21hmaCSXmWM%2FbnV70WROUivWSpIJ%2BS8MXFYGRgcf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
88049482feab30f3-FRA
collect
www.google-analytics.com/j/ 		3 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1554075408&t=pageview&_s=1&dl=https%3A%2F%2Ftrump-organisation.online.qfsglobalsystem.com%2F&ul=de-de&de=UTF-8&dt=The%20Trump%20Organization%20%7C%20Luxury%20Real%20Estate%20Portfolio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1555828937&gjid=144083729&cid=560811798.1715120246&tid=UA-2043994-1&_gid=1761560280.1715120246&_r=1&_slc=1&gtm=45He4510n81TZF569Mv811081150za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1221173389
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 May 2024 22:17:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://trump-organisation.online.qfsglobalsystem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1110865209023422&ev=PageView&dl=https%3A%2F%2Ftrump-organisation.online.qfsglobalsystem.com%2F&rl=&if=false&ts=1715120246427&sw=1600&sh=1200&v=2.9.155&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1715120246426.1578658634&cs_est=true&ler=empty&cdl=API_unavailable&it=1715120246161&coo=false&rqm=GET
Requested by
Host: trump-organisation.online.qfsglobalsystem.com
URL: https://trump-organisation.online.qfsglobalsystem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2794, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 07 May 2024 22:17:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
trump-organisation.online.qfsglobalsystem.com/assets/images/site/ 		708 B
744 B 		Other
General
Check archive.org
Download Go to
Full URL
https://trump-organisation.online.qfsglobalsystem.com/assets/images/site/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 22:17:26 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
favicon-32x32.png
trump-organisation.online.qfsglobalsystem.com/assets/images/site/ 		708 B
721 B 		Other
General
Check archive.org
Download Go to
Full URL
https://trump-organisation.online.qfsglobalsystem.com/assets/images/site/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 22:17:26 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
favicon-16x16.png
trump-organisation.online.qfsglobalsystem.com/assets/images/site/ 		708 B
744 B 		Other
General
Check archive.org
Download Go to
Full URL
https://trump-organisation.online.qfsglobalsystem.com/assets/images/site/favicon-16x16.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.76.25.135 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
msk.rackserver.ru
Software
/
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 07 May 2024 22:17:27 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
content-type
text/html
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame 8CBB 		27 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Origin
https://trump-organisation.online.qfsglobalsystem.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:26 GMT
cf-cache-status
MISS
last-modified
Mon, 22 Apr 2024 07:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66261456-6b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCGgeJuEadt%2BoYpR1a3jtT8Xy1IUnTkNRX0CM7xinr4hAXDeBqf%2Bs3GiWXxJqe2yOob5cAgqvsw5lWjG%2FQbPhmPEMgc1FUpanfLNBdDnB5x5jRz81yUBpcCwkqZaBi7AkJzbBPVS8RAqE7llSWK7y%2FdL8RFy"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
880494831e56976a-FRA
content-length
27400
1f44b.png
cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/ Frame 8CBB 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/1f44b.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1014907
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1224
last-modified
Sat, 19 Dec 2020 02:18:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fdd6306-505"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRb2ADZHhL%2FCNeZ0xhWG20Ub2SKoQVw3Iz5X8qyDtfy85G1OcxTlGFuRDzKUCM98qn4AxI0D8493OKxRgtKSG6EDwgZfRyR9A1oI27kcoixcDce%2BGCFdQkZFfXHrPiv0iJuV%2FEgL"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8804948bad7090f2-FRA
expires
Sun, 27 Apr 2025 22:17:27 GMT
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame 8CBB 		27 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Origin
https://trump-organisation.online.qfsglobalsystem.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:26 GMT
cf-cache-status
MISS
last-modified
Mon, 22 Apr 2024 07:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66261456-6b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCGgeJuEadt%2BoYpR1a3jtT8Xy1IUnTkNRX0CM7xinr4hAXDeBqf%2Bs3GiWXxJqe2yOob5cAgqvsw5lWjG%2FQbPhmPEMgc1FUpanfLNBdDnB5x5jRz81yUBpcCwkqZaBi7AkJzbBPVS8RAqE7llSWK7y%2FdL8RFy"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
880494831e56976a-FRA
content-length
27400
1f44b.png
cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/ Frame 8CBB 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/1f44b.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://trump-organisation.online.qfsglobalsystem.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 22:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1014907
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1224
last-modified
Sat, 19 Dec 2020 02:18:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fdd6306-505"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRb2ADZHhL%2FCNeZ0xhWG20Ub2SKoQVw3Iz5X8qyDtfy85G1OcxTlGFuRDzKUCM98qn4AxI0D8493OKxRgtKSG6EDwgZfRyR9A1oI27kcoixcDce%2BGCFdQkZFfXHrPiv0iJuV%2FEgL"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8804948bad7090f2-FRA
expires
Sun, 27 Apr 2025 22:17:27 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| mssgto undefined| a undefined| c function| jsonFeed object| OneTrust object| Optanon string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer number| viewportWidth object| bodyScrollLock function| iosInnerHeight object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| onYouTubeIframeAPIReady object| SENTRY_RELEASE object| tidioChatApi object| gaGlobal function| OptanonWrapper object| gaplugins object| gaData

7 Cookies

Domain/Path Name / Value
.qfsglobalsystem.com/ Name: _gcl_au
Value: 1.1.1595906237.1715120246
.qfsglobalsystem.com/ Name: _ga_ZCV38NP6ZV
Value: GS1.1.1715120246.1.0.1715120246.0.0.0
.qfsglobalsystem.com/ Name: _ga
Value: GA1.1.560811798.1715120246
.trump-organisation.online.qfsglobalsystem.com/ Name: _ga
Value: GA1.4.560811798.1715120246
.trump-organisation.online.qfsglobalsystem.com/ Name: _gid
Value: GA1.4.1761560280.1715120246
.trump-organisation.online.qfsglobalsystem.com/ Name: _gat_UA-2043994-1
Value: 1
.qfsglobalsystem.com/ Name: _fbp
Value: fb.1.1715120246426.1578658634

14 Console Messages

Source Level URL
Text
network error URL: https://trump-organisation.online.qfsglobalsystem.com/assets/fonts/DidotLTStd-Bold.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://trump-organisation.online.qfsglobalsystem.com/assets/images/site/instagram.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://trump-organisation.online.qfsglobalsystem.com/assets/fonts/DidotLTStd-Bold.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://trump-organisation.online.qfsglobalsystem.com/assets/images/site/facebook.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://trump-organisation.online.qfsglobalsystem.com/assets/images/site/twitter.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://trump-organisation.online.qfsglobalsystem.com/website/general./lifestyle.php_mobile.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://trump-organisation.online.qfsglobalsystem.com/assets/images/site/noise.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://trump-organisation.online.qfsglobalsystem.com/website/general/shop.jpg)
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://trump-organisation.online.qfsglobalsystem.com/assets/fonts/DidotLTStd-Bold.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://connect.facebook.net/signals/config/1110865209023422?v=2.9.155&r=stable&domain=trump-organisation.online.qfsglobalsystem.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://trump-organisation.online.qfsglobalsystem.com/assets/images/site/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://trump-organisation.online.qfsglobalsystem.com/assets/images/site/favicon-32x32.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://trump-organisation.online.qfsglobalsystem.com/assets/images/site/favicon-16x16.png
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: about:blank
Message:
The resource https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
code.tidio.co
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
trump-organisation.online.qfsglobalsystem.com
widget-v4.tidiochat.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.17.25.14
172.67.72.223
2001:4860:4802:32::36
2606:4700:20::681a:98b
2606:4700::6813:b234
2a00:1450:4001:806::2008
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:831::200e
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:400::485
2a04:4e42::649
62.76.25.135
02cab8d006479b023949f9b3629c8daf95965bc8e4758850eff126a76393d0d2
033896f8e8d73d8850d1d11ad8fc0dea4b544c6f38369051ee4dda7cef5aa364
04231cfc4beb60c2da0189a572e3c0a8d4867b65ada2ef0de3b6a7c7c0dd7ed5
0a183abef3bf6231637767d4815f0b90541a605a26093c2fb7a3f9c025daa665
0f729d9623655290482177c5465cae592bba3dac4d81a6da2e1cc1676c58ae64
1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
1601b45eb4a0c583443b38a6759895b468224ac5f6cbd9827f296cf0e65c8ec2
1bef5ed6dc0999377be3f96fc49a59a93343d975a7efc91ad0c111eaccea0185
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2a6d094562437a995955ffba20762b3a0e8e4d40d80f0d59752a9bdf68a3ee48
32dfeed679af85bdcc816468f5b73ddc6ec39b89ce49b5b21e269f04203a163d
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
3e48e8dada6c1e8a5fb31c28a198f2931138504a6a292ee8635fadeff84f595c
5262e3f73f35616febd13fbe6feee14613d076774ff644e48489f7cd6694a8dc
555c1ecd81bce5e0eb9d5e614c506f2671fa2c594f9baab055a322ed9210a585
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8
5812abb0d519b4c1f3b371682313e269741d6b1890a21466e7b126b5a278dcac
595eb37bfef4681b6e378572f1b1dea8a512c68594503e180d7a0f8beb0050f5
69db969f017b237bf909e05cfc9a8b5fac05a5363f17888651bafb818a7e651c
6a4c1d5135f13423a2eda7b1fca3ec37536efb19df69234bceabc9e3ac9aeb39
6aafaa78f07dbb4ccfa4467a6771a963033a575669e43ce304bbbeabfaae5634
6b683c486d5ac58822706a5b853e188089c8ac224f68788c35cc27844357ec2d
72506678e8663810ff7489d28e1c4c8ba4adcd0e1a6ea4548c2497bcefd1c0e2
7ea5bf0980e88d5ca95f765a5318d37fd79826f7297f754e10353845a1ce3e4a
7fad45c445d13cb0362a34a2365a57bc9f17e9fe6209b02442865dfddd7926e3
86a9bb239871fa58b74320474eb88e0df3f0e0e8564119c157ea909480966700
8ad6eeb20aea4007293650eaca83108b635dd641640295c5cc887082564abfe0
8fb44e078475f85cc7ca31999f3e7d977659f21f3f347d7d68a833e21b6fe91a
a48bc0aa6b7d38dc024cec3fa470041972cc73cfb287bbd4347b5fa8dd07acc1
a4e060d99b52fce104d5ed70036733c0b6206601710123231cb8c4d89d804f6b
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
ce884fad850403b16f304bc9b582eabe120e6ad7720cdaf8f28719d87a8d94f9
d4d8bd3892933d4731ca7bccd068ec2cc4cf9fcb3407d3e657d9332cbc0c61b1
dd25e44a54fb8da6c47220971836a4c80f3471e51f5161a64b1e8ae37cfb6d90
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
e171fc339b696206e5b400f11b7a1d34adf08f08b1c5140e8da5befdb058fddb
e317a2c9d9fe5b33b7b51ca673451e16490cb931cc24861be008801cd031fb20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d95d14910af85648443b6c5c45602ad1075b028950459e1ceaad8ef63578c0
ed94fc256db05b443d9239209ca4a28bbf65ca82b34b4374f107837a5266313e
ef7aceda0ec9484ac6f22b195c2b1edfd29fe721ae78f823cafa2dffc71108d4
f1b4487faf2512d4b5adb9a7a1ea9553f5968e3f330fcac6f9e7594bd8478c10
f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510
fc9993532ad932a812b6f7a044edd7c01c52f0609c6f1f794bcf1794c543364a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e