forms.donaldjtrump.com Open in urlscan Pro
2606:4700::6812:9444 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/3jgSoXi
Effective URL:
https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=2020...
Submission: On October 01 via manual (October 1st 2020, 12:15:44 am UTC) from US

Summary HTTP 68 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 22 IPs in 8 countries across 18 domains to perform 68 HTTP transactions. The main IP is 2606:4700::6812:9444, located in United States and belongs to CLOUDFLARENET, US. The main domain is forms.donaldjtrump.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 14th 2020. Valid for: a year.

This is the only time forms.donaldjtrump.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
11	2606:4700::68... 2606:4700::6812:9444	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
4	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1 2	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1	143.204.90.161 143.204.90.161	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
23	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	54.77.92.238 54.77.92.238	16509 (AMAZON-02) (AMAZON-02)
68	22

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:9444 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.donaldjtrump.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.donaldjtrump.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.donaldjtrump.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::729 (Ascension Island)

ASN54113 (FASTLY, US)

stream.mux.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manifest-gce-us-east4-production.fastly.mux.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.134 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f134.1e100.net

9448820.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.90.161 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-161.fra50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

chunk-gce-us-east4-production.hwcdn.mux.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.92.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-92-238.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	mux.com stream.mux.com manifest-gce-us-east4-production.fastly.mux.com chunk-gce-us-east4-production.hwcdn.mux.com	35 MB
11	donaldjtrump.com forms.donaldjtrump.com assets.donaldjtrump.com cdn.donaldjtrump.com	2 MB
4	facebook.com www.facebook.com	558 B
4	cloudflare.com cdnjs.cloudflare.com	37 KB
3	facebook.net connect.facebook.net	160 KB
3	doubleclick.net 1 redirects 9448820.fls.doubleclick.net stats.g.doubleclick.net	988 B
3	google-analytics.com www.google-analytics.com	18 KB
2	adsrvr.org js.adsrvr.org insight.adsrvr.org	2 KB
2	yimg.com s.yimg.com	7 KB
2	gstatic.com fonts.gstatic.com	27 KB
2	unpkg.com 1 redirects unpkg.com	3 KB
1	yahoo.com sp.analytics.yahoo.com	857 B
1	google.de www.google.de	106 B
1	google.com www.google.com	106 B
1	googletagmanager.com www.googletagmanager.com	43 KB
1	jsdelivr.net cdn.jsdelivr.net	59 KB
1	googleapis.com fonts.googleapis.com	778 B
1	bit.ly 1 redirects bit.ly	594 B
68	18

	Domain	Requested by
23	chunk-gce-us-east4-production.hwcdn.mux.com	cdn.jsdelivr.net
6	assets.donaldjtrump.com	forms.donaldjtrump.com
4	www.facebook.com	forms.donaldjtrump.com
4	cdnjs.cloudflare.com	forms.donaldjtrump.com
4	cdn.donaldjtrump.com	forms.donaldjtrump.com
3	connect.facebook.net	forms.donaldjtrump.com connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	manifest-gce-us-east4-production.fastly.mux.com	cdn.jsdelivr.net
2	s.yimg.com	forms.donaldjtrump.com s.yimg.com
2	9448820.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	unpkg.com	1 redirects forms.donaldjtrump.com
1	insight.adsrvr.org	js.adsrvr.org
1	sp.analytics.yahoo.com	s.yimg.com
1	www.google.de	forms.donaldjtrump.com
1	www.google.com	forms.donaldjtrump.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.adsrvr.org	www.googletagmanager.com
1	stream.mux.com	cdn.jsdelivr.net
1	www.googletagmanager.com	forms.donaldjtrump.com
1	cdn.jsdelivr.net	forms.donaldjtrump.com
1	fonts.googleapis.com	forms.donaldjtrump.com
1	forms.donaldjtrump.com	forms.donaldjtrump.com
1	bit.ly	1 redirects
68	24

This site contains links to these domains. Also see Links.

Domain
sms-terms.com
www.donaldjtrump.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-14` - `2021-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-21` - `2021-04-17`	7 months	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
b2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-14` - `2021-08-15`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-09-28` - `2020-11-11`	a month	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
chunk-gce-us-east4-production.hwcdn.mux.com Let's Encrypt Authority X3	`2020-09-08` - `2020-12-07`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-01` - `2021-01-28`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
Frame ID: 8F9A5D5BABCECA958513D670C1B6A546
Requests: 66 HTTP requests in this frame

Frame: https://9448820.fls.doubleclick.net/activityi;dc_pre=CLfQjc6OkuwCFdvBuwgdjUwMYg;src=9448820;type=pagev0;cat=djt-p0;ord=4538282600000;gtm=2wg9g1;auiddc=1842108647.1601511327;~oref=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna
Frame ID: BDDA29C6D93735F6C4CFB9E42035C6A5
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=mozu5ac&ref=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna&upid=u1mkbm0&upv=1.1.0
Frame ID: 36498EC65CDDDBA39AEA6914E8E98F1B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bit.ly/3jgSoXi HTTP 301
https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

68
Requests

97 %
HTTPS

77 %
IPv6

18
Domains

24
Subdomains

22
IPs

8
Countries

37494 kB
Transfer

38365 kB
Size

10
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://sms-terms.com/88022
Title: sms-terms.com/88022

Search URL Search Domain Scan URL

URL: https://www.donaldjtrump.com/app/text
Title: DOWNLOAD THE TRUMP APP

Search URL Search Domain Scan URL

URL: https://www.donaldjtrump.com/privacy-policy/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.donaldjtrump.com/terms-of-service/
Title: PolicyTerms & Conditions

Search URL Search Domain Scan URL

URL: https://www.donaldjtrump.com/contact/
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/3jgSoXi HTTP 301
https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP 302
https://unpkg.com/filepond-plugin-file-validate-type@1.2.5/dist/filepond-plugin-file-validate-type.js

Request Chain 23

https://9448820.fls.doubleclick.net/activityi;src=9448820;type=pagev0;cat=djt-p0;ord=4538282600000;gtm=2wg9g1;auiddc=1842108647.1601511327;~oref=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna HTTP 302
https://9448820.fls.doubleclick.net/activityi;dc_pre=CLfQjc6OkuwCFdvBuwgdjUwMYg;src=9448820;type=pagev0;cat=djt-p0;ord=4538282600000;gtm=2wg9g1;auiddc=1842108647.1601511327;~oref=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
forms.donaldjtrump.com/landing/biden-progressive/
Redirect Chain

http://bit.ly/3jgSoXi
https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_c...

37 KB
11 KB

321ms
298ms

Document
text/html

2606:4700::6812:9444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9444 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d41185de500af732f0e710a4ba460bc6e6425c09feef565ec8228b18561e991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: forms.donaldjtrump.com
:scheme: https
:path: /landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 01 Oct 2020 00:15:26 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d97819c98db5e41560304c2a930fba2df1601511326; expires=Sat, 31-Oct-20 00:15:26 GMT; path=/; domain=.donaldjtrump.com; HttpOnly; SameSite=Lax XSRF-TOKEN=eyJpdiI6IjBKczh4akFEQm8rMVI2K1FmOFRVWGc9PSIsInZhbHVlIjoiaEZCZDBWa3BXZVJZdHBLNzZVUlZrRWdGRlNWaU9sNVJZSU5qWWc0a1lMSzNsV0k3QWE0Z1phQlZVcTBLU1h0M3lJOEFCeEx3dlpCUk5uV01iWVJpR29SbXpoWFZyRXFZalgwZ3p4SWdpNlJDTktpaWQ1VjFFUlJQTWJodUF0TEYiLCJtYWMiOiIzMzEzZGE5YTlmNzVjYWExN2NmNDIxYWZlZmM4N2QzNjhhMzU2MDE3MDQ3MWEyM2NlOTNjYTI3ZDIzZDU2Njk5In0%3D; expires=Thu, 01-Oct-2020 02:15:26 GMT; Max-Age=7200; path=/ nsession=eyJpdiI6IndWei9Jb2pJYTFhNkpGTjNORkN3Vnc9PSIsInZhbHVlIjoiVlBudnRybUZMaGp0VkRRS1JIbHdERmV4S3R0NzcwWWRzSUIvbFlZTVVPKzNPMS9qYzA1YkRlb0tqbm9UWDcrb2ozRVVpc1NMVnZPTUFuYXk4N09VSXlJUzdQN1VCdVFWKzlxTmMrai9DMlcrUXVQOTdpOWlpL0ozZjJUNnlRSUciLCJtYWMiOiIxMWVhMWM0OGQyNjI4OWUwOGYwMjUwNTgyNmQxNzUyMzQ3MjM3M2FhNWE1Y2Y0ZTYwNWRkMmYwYjAzN2IyN2FmIn0%3D; expires=Thu, 01-Oct-2020 02:15:26 GMT; Max-Age=7200; path=/; httponly __cfruid=b7b0075e3695093521d144cdd93751d802c2454b-1601511326; path=/; domain=.donaldjtrump.com; HttpOnly; Secure; SameSite=None
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-request-id: 05831c9b8b0000d6f955a23200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5db1fd3f4b6bd6f9-FRA
content-encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 01 Oct 2020 00:15:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 383
Cache-Control: private, max-age=90
Location: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
Set-Cookie: _bit=k910fq-083589f2a798f54b6b-00B; Domain=bit.ly; Expires=Tue, 30 Mar 2021 00:15:26 GMT
Via: 1.1 google

GET
H2 200 css
fonts.googleapis.com/ 6 KB
778 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,600,700&display=swap

Requested by

Host: forms.donaldjtrump.com
URL: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b3ecd0aad052d58d2870679c3da3fbb59459e1a2c16147106e9a5148aca2de4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Sep 2020 23:27:15 GMT
server: ESF
date: Thu, 01 Oct 2020 00:15:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Oct 2020 00:15:26 GMT

GET
H2 200 bp_bg-1.png
assets.donaldjtrump.com/2017/web/hero_images/ 238 KB
238 KB 335ms
326ms Image
image/webp 2606:4700::6812:9444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donaldjtrump.com/2017/web/hero_images/bp_bg-1.png
Requested by: Host: forms.donaldjtrump.com
URL: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9444 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25f270941bf21f5a5498409e35cd3b2cfaf7daffc86c0bc20af27ab253227451

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: CFB5D4A65CE14ABA
cf-polished: origFmt=png, origSize=248225
status: 200
content-disposition: inline; filename="bp_bg-1.webp"
content-length: 243688
x-amz-id-2: Jel+EhzaeQTKKW//rzIPEt6CV9aVYDAQp+92yP4W4lU/GqYAtDJq00r/yMjhiXtCxGSM/sG5gQo=
last-modified: Thu, 20 Aug 2020 17:55:15 GMT
server: cloudflare
etag: "a1c49ee0a48ad88dbe5eb1a08cf08c72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 01 Nov 2020 00:15:27 GMT
cache-control: public, max-age=2678400
cf-request-id: 05831c9cc30000d6f955a28200000001
accept-ranges: bytes
cf-ray: 5db1fd413daad6f9-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 bp_bg-2.png
assets.donaldjtrump.com/2017/web/hero_images/ 135 KB
135 KB 303ms
300ms Image
image/webp 2606:4700::6812:9444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donaldjtrump.com/2017/web/hero_images/bp_bg-2.png
Requested by: Host: forms.donaldjtrump.com
URL: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9444 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aec2c42a28464509ab815d2140d2f0a43c47f5f2b6a9a782de7fa5ae47fc39b9

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 4FFF8626C93EB2A1
cf-polished: origFmt=png, origSize=150518
status: 200
content-disposition: inline; filename="bp_bg-2.webp"
content-length: 138272
x-amz-id-2: MDdj3ugUKEjFyT6j6EI0+t/j2MA9RGnln6++4SjLbw0m3CZFBGHiCXto76ZAtN6l+RM5i8DWZdA=
last-modified: Thu, 20 Aug 2020 17:55:15 GMT
server: cloudflare
etag: "27dce2e222b5a8787e5504222e3eb78b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 01 Nov 2020 00:15:27 GMT
cache-control: public, max-age=2678400
cf-request-id: 05831c9cd20000d6f955a29200000001
accept-ranges: bytes
cf-ray: 5db1fd415db9d6f9-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 bp_bg-3.png
assets.donaldjtrump.com/2017/web/hero_images/ 122 KB
123 KB 289ms
286ms Image
image/webp 2606:4700::6812:9444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donaldjtrump.com/2017/web/hero_images/bp_bg-3.png
Requested by: Host: forms.donaldjtrump.com
URL: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9444 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cab9446728fa7d8ff9639af1ceb7a35bd4fabe0c3cf916f4682f415c1070a0a1

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: E292256D331512B8
cf-polished: origFmt=png, origSize=144788
status: 200
content-disposition: inline; filename="bp_bg-3.webp"
content-length: 125420
x-amz-id-2: w6LioVGoBSk7+t12p7+uCF6vss46SRpDp0zK1vRD2el1405hDximB7Qs0/8zkCuGxdOeTfhgFbA=
last-modified: Thu, 20 Aug 2020 17:55:15 GMT
server: cloudflare
etag: "64ddcbd8a35a5df1a4e4c79aa0928345"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 01 Nov 2020 00:15:27 GMT
cache-control: public, max-age=2678400
cf-request-id: 05831c9cd20000d6f955a2a200000001
accept-ranges: bytes
cf-ray: 5db1fd415dbcd6f9-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 website_footer_graphic_1920x1020.jpg
cdn.donaldjtrump.com/public-files/press_assets/ 167 KB
168 KB 306ms
296ms Image
image/webp 2606:4700::6812:9444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.donaldjtrump.com/public-files/press_assets/website_footer_graphic_1920x1020.jpg
Requested by: Host: forms.donaldjtrump.com
URL: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9444 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 626f58eb909514be1f92070f3618846ae6acd0e70b614334c153c8ac932c3460

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: E8590B481A05E46B
cf-polished: origFmt=jpeg, origSize=380578
status: 200
content-disposition: inline; filename="website_footer_graphic_1920x1020.webp"
content-length: 171218
x-amz-id-2: GhhYC7hbqNZogvZA4XLuKTGNVYEfG26Gtub84rjbzNOSlPUas04cCxfM++nPYUJkoL4JrEkrRwo=
last-modified: Sun, 30 Aug 2020 15:12:14 GMT
server: cloudflare
etag: "035b0db388926ec03e7c9c7866ac6324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 01 Nov 2020 00:15:27 GMT
cache-control: public, max-age=2678400
cf-request-id: 05831c9cda0000d6f955a2c200000001
accept-ranges: bytes
cf-ray: 5db1fd415dd1d6f9-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 bp_background-video.jpg
assets.donaldjtrump.com/2017/web/hero_images/ 7 KB
8 KB 273ms
272ms Image
image/jpeg 2606:4700::6812:9444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donaldjtrump.com/2017/web/hero_images/bp_background-video.jpg
Requested by: Host: forms.donaldjtrump.com
URL: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9444 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 790df6e929bbe731ecee8ca639eca16a76d851fd33fc21cbc551c4c99eec967f

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 7X6XEVBVEK7Y1NAG
cf-polished: status=not_needed
status: 200
last-modified: Thu, 20 Aug 2020 17:55:15 GMT
content-length: 7671
x-amz-id-2: ssfepD23CVxplKDcrkl6XkbEgSOtqYdh8DneUEGYMhM/VY/3zhYne9jOk8/ypusPyZBKoJafHrY=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "e016178e4347dfcdc7f6ef1c9838a947"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
cf-request-id: 05831c9ceb0000d6f955a2d200000001
accept-ranges: bytes
cf-ray: 5db1fd417de7d6f9-FRA
expires: Sun, 01 Nov 2020 00:15:27 GMT

GET
H2 200 bp_audio-on.png
assets.donaldjtrump.com/2017/web/hero_images/ 20 KB
21 KB 431ms
431ms Image
image/png 2606:4700::6812:9444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donaldjtrump.com/2017/web/hero_images/bp_audio-on.png
Requested by: Host: forms.donaldjtrump.com
URL: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9444 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de320e1684dcacc51fbf882833ccfc082ba582f45ee90601e582806fe9cdace4

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
cf-cache-status: MISS
x-amz-request-id: C93838BB6C8FBCF0
status: 200
content-length: 20794
x-amz-id-2: oHV73rL2quAVEQMRJ3nUbwdp0RGStfpb21QQD18vlNPfxcI2sUe6cO2U2YYFB4PaMf9EOcuzN0w=
last-modified: Thu, 20 Aug 2020 17:55:15 GMT
server: cloudflare
etag: "ed25c4611bacc1ecda5b91f1f2499ae7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2678400
cf-request-id: 05831c9cf50000d6f955a2e200000001
accept-ranges: bytes
cf-ray: 5db1fd418df7d6f9-FRA
expires: Sun, 01 Nov 2020 00:15:27 GMT

GET
H2 200 bp_audio-off.png
assets.donaldjtrump.com/2017/web/hero_images/ 2 KB
2 KB 269ms
268ms Image
image/webp 2606:4700::6812:9444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donaldjtrump.com/2017/web/hero_images/bp_audio-off.png
Requested by: Host: forms.donaldjtrump.com
URL: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9444 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bafd4b834a46f0b79b330af19a3445c50c3b2f68a05b2c4c4a260e53afe70a19

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 593A59F73DF7030A
cf-polished: origFmt=png, origSize=11670
status: 200
content-disposition: inline; filename="bp_audio-off.webp"
content-length: 2140
x-amz-id-2: J+8ni+wUvb0M/o81jc5mgbwCFb33RBtIg3MamWQKeNXGsq720QLaF8JFMVGohkp0RpofRgqISV8=
last-modified: Thu, 20 Aug 2020 17:55:15 GMT
server: cloudflare
etag: "41b465a3c1394307c2cc93e152862575"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 01 Nov 2020 00:15:27 GMT
cache-control: public, max-age=2678400
cf-request-id: 05831c9cf50000d6f955a2f200000001
accept-ranges: bytes
cf-ray: 5db1fd418df8d6f9-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 website-graphics-video-thumbnails-djt_1.jpg
cdn.donaldjtrump.com/public-files/press_assets/ 214 KB
215 KB 275ms
275ms Image
image/webp 2606:4700::6812:9444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.donaldjtrump.com/public-files/press_assets/website-graphics-video-thumbnails-djt_1.jpg
Requested by: Host: forms.donaldjtrump.com
URL: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9444 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2924a551f2a31b9f8fbc18f7477ed96b662f92d211af223b17f0c91fa4a10385

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 877D2FB05DBC996A
cf-polished: origFmt=jpeg, origSize=409820
status: 200
content-disposition: inline; filename="website-graphics-video-thumbnails-djt_1.webp"
content-length: 219162
x-amz-id-2: jPJbCaf5q24o5nbtdyNGUgLX3HI2DdHonyVSraS/E/tJv8lAB4eROwc/8c1E69otfKVWJ71Ab8I=
last-modified: Sun, 30 Aug 2020 20:53:15 GMT
server: cloudflare
etag: "15da2bfd692d52e413b8654d0fc642f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 01 Nov 2020 00:15:27 GMT
cache-control: public, max-age=2678400
cf-request-id: 05831c9cf80000d6f955a30200000001
accept-ranges: bytes
cf-ray: 5db1fd418dfbd6f9-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 website-graphics-video-thumbnails-djt_2.jpg
cdn.donaldjtrump.com/public-files/press_assets/ 385 KB
386 KB 274ms
274ms Image
image/webp 2606:4700::6812:9444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.donaldjtrump.com/public-files/press_assets/website-graphics-video-thumbnails-djt_2.jpg
Requested by: Host: forms.donaldjtrump.com
URL: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9444 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17d5ced610338a94ada82c2045c799190c272326eb360986a80dc60d2e28aa27

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 0DF78A1C3AAD3D6F
cf-polished: origFmt=jpeg, origSize=631526
status: 200
content-disposition: inline; filename="website-graphics-video-thumbnails-djt_2.webp"
content-length: 394576
x-amz-id-2: QXIKv6KXn39gy5OuuBbtDhQOrgp58UPVhMnDwzH3o/3ednXRx5R7ht70S0hVl7qapK8rh1CYdkg=
last-modified: Sun, 30 Aug 2020 20:53:17 GMT
server: cloudflare
etag: "9fd3ab5598b606e8dc696fc2fce76d88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 01 Nov 2020 00:15:27 GMT
cache-control: public, max-age=2678400
cf-request-id: 05831c9cfd0000d6f955a31200000001
accept-ranges: bytes
cf-ray: 5db1fd419e06d6f9-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 website-graphics-video-thumbnails-djt_3.jpg
cdn.donaldjtrump.com/public-files/press_assets/ 350 KB
351 KB 378ms
377ms Image
image/webp 2606:4700::6812:9444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.donaldjtrump.com/public-files/press_assets/website-graphics-video-thumbnails-djt_3.jpg
Requested by: Host: forms.donaldjtrump.com
URL: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9444 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b08358598f139f21775b95d8b88185dbdde65daf859815acb91e6c9ccef5ca8

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: F4482F5565473F34
cf-polished: origFmt=jpeg, origSize=563507
status: 200
content-disposition: inline; filename="website-graphics-video-thumbnails-djt_3.webp"
content-length: 358598
x-amz-id-2: yHXh25g8E9l3l8vbhxdkB34IP6+Nvt/F0dlgmbllyGYyQ0BMWJHeZDuYMq1xmaewVkZ5ewYAo64=
last-modified: Sun, 30 Aug 2020 20:53:19 GMT
server: cloudflare
etag: "7919d5041080199a7131deb54790dafc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 01 Nov 2020 00:15:27 GMT
cache-control: public, max-age=2678400
cf-request-id: 05831c9d410000d6f955a33200000001
accept-ranges: bytes
cf-ray: 5db1fd420e53d6f9-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 hls.js@0.8.2 Show response
cdn.jsdelivr.net/npm/ 207 KB
59 KB 21ms
7ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js@0.8.2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3361cbf1496fdad3f3c7acbda0d5705df999b6c32d87f849a3006b66481957d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 5476385
x-cache: HIT, HIT
status: 200
content-length: 60213
etag: W/"33b95-JuqtA01oCcp+2KI62LO4Tbhnx4s"
x-served-by: cache-fra19145-FRA, cache-hhn4031-HHN
date: Thu, 01 Oct 2020 00:15:26 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 es6-promise.auto.min.js Show response
cdnjs.cloudflare.com/ajax/libs/es6-promise/4.1.1/ 6 KB
3 KB 37ms
15ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/es6-promise/4.1.1/es6-promise.auto.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

388dcdf7308a69b0e8bf6ad917397c94951709c3fb126b06706a0fe83317402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 516845
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2190
cf-request-id: 05831c9ce400002bd64686b200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:56 GMT
server: cloudflare
etag: "5eb03e54-18d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601511327"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5db1fd416b562bd6-FRA
expires: Tue, 21 Sep 2021 00:15:26 GMT

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.19.2/ 14 KB
4 KB 38ms
16ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.2/axios.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ff7fb4a3bb565f34d7c187bb245a7d22765081708dd1c1d2d24b8fc8ecd40a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3210395
content-security-policy-report-only: default-src https: data: wss: 'unsafe-eval' 'unsafe-inline'; report-uri https://cdnjs.cloudflare.com/cdn-cgi/beacon/csp?req_id=5db1fd416b572bd6
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4253
cf-request-id: 05831c9ce400002bd64686c200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:02 GMT
server: cloudflare
etag: "5eb03d6a-36a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601511327"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5db1fd416b572bd6-FRA
expires: Tue, 21 Sep 2021 00:15:26 GMT

GET
H2

200

filepond-plugin-file-validate-type.js Show response
unpkg.com/filepond-plugin-file-validate-type@1.2.5/dist/
Redirect Chain

https://unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
https://unpkg.com/filepond-plugin-file-validate-type@1.2.5/dist/filepond-plugin-file-validate-type.js

7 KB
2 KB

11ms
11ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/filepond-plugin-file-validate-type@1.2.5/dist/filepond-plugin-file-validate-type.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3daf3ce786a15a8c0efecf6c1f1eb50e220fdae60d50e11f3311bb01e369dc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13809981
status: 200
vary: Accept-Encoding
cf-request-id: 05831c9d21000005ed24267200000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1bf1-VJ5ukuIYPCvO9MA5/Qw7wWVSB9g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: a9c48a06f69487186c2f91278320213b
cache-control: public, max-age=31536000
cf-ray: 5db1fd41c87e05ed-FRA

Redirect headers

date: Thu, 01 Oct 2020 00:15:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 219
status: 302
vary: Accept, Accept-Encoding
content-length: 106
cf-request-id: 05831c9ce3000005ed24262200000001
access-control-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
location: /filepond-plugin-file-validate-type@1.2.5/dist/filepond-plugin-file-validate-type.js
x-cloud-trace-context: 24996e696d2e8885f5b42bd470f7977e
cache-control: public, s-maxage=600, max-age=60
cf-ray: 5db1fd41681b05ed-FRA

GET
H2 200 filepond.min.js Show response
cdnjs.cloudflare.com/ajax/libs/filepond/4.13.7/ 108 KB
27 KB 40ms
18ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/filepond/4.13.7/filepond.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dbccf4fb1e24dceb5003f521980b052bc9d93d43f597dd9d07b6184f540cff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 812517
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27873
cf-request-id: 05831c9ce400002bd64686d200000001
timing-allow-origin: *
last-modified: Mon, 25 May 2020 19:12:40 GMT
server: cloudflare
etag: "5ecc18a8-1b084"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601511327"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5db1fd416b582bd6-FRA
expires: Tue, 21 Sep 2021 00:15:26 GMT

GET
H2 200 filepond.min.css
cdnjs.cloudflare.com/ajax/libs/filepond/4.13.7/ 16 KB
3 KB 46ms
24ms Stylesheet
text/css 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/filepond/4.13.7/filepond.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a59ef088365940a2428bd9ff2f4af62bac74e020cde8483f231965a41ba4f004

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 812517
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2742
cf-request-id: 05831c9ce400002bd64686e200000001
timing-allow-origin: *
last-modified: Mon, 25 May 2020 19:12:40 GMT
server: cloudflare
etag: "5ecc18a8-3e5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601511327"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5db1fd416b592bd6-FRA
expires: Tue, 21 Sep 2021 00:15:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
43 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ccb123269b3cd7b9313662fb96491cc59f2349c4acfefd0db9fe95aa95a47f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43789
x-xss-protection: 0
last-modified: Thu, 01 Oct 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Oct 2020 00:15:27 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://forms.donaldjtrump.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,600,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 18:26:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 107361
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Wed, 29 Sep 2021 18:26:05 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://forms.donaldjtrump.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,600,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 18:26:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 107323
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Wed, 29 Sep 2021 18:26:43 GMT

GET video.mp4
forms.donaldjtrump.com/landing/biden-progressive/video/ 0
0

GET
H2 200 7omVDlQIjaruGtx9XBe8S4vzx6lYY6Vt3gyR0116FMAU.m3u8 Show response
stream.mux.com/ 2 KB
3 KB 148ms
129ms XHR
application/x-mpegurl 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.mux.com/7omVDlQIjaruGtx9XBe8S4vzx6lYY6Vt3gyR0116FMAU.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fb7bde3d0b62da68db6e909cf13968bba13990657f0f3e19e43eb76a1b12a684

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
via: 1.1 varnish
x-cdn: fastly
x-timer: S1601511327.061895,VS0,VE123
x-served-by: cache-fra19179-FRA
status: 200
x-cache: MISS
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
grpc-metadata-content-type: application/grpc
accept-ranges: bytes
x-request-id: 00dc3662-830d-4e92-a1c7-c8ab4c204452
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 6106
date: Wed, 30 Sep 2020 22:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 01 Oct 2020 00:33:41 GMT

GET
H3-Q050

200

activityi;dc_pre=CLfQjc6OkuwCFdvBuwgdjUwMYg;src=9448820;type=pagev0;cat=djt-p0;ord=4538282600000;gtm=2wg9g1;auiddc=1842108647.1601511327;~oref=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden...
9448820.fls.doubleclick.net/ Frame BDDA
Redirect Chain

https://9448820.fls.doubleclick.net/activityi;src=9448820;type=pagev0;cat=djt-p0;ord=4538282600000;gtm=2wg9g1;auiddc=1842108647.1601511327;~oref=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbid...
https://9448820.fls.doubleclick.net/activityi;dc_pre=CLfQjc6OkuwCFdvBuwgdjUwMYg;src=9448820;type=pagev0;cat=djt-p0;ord=4538282600000;gtm=2wg9g1;auiddc=1842108647.1601511327;~oref=https%3A%2F%2Fform...

0
0

128ms
63ms

Document
text/html

216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9448820.fls.doubleclick.net/activityi;dc_pre=CLfQjc6OkuwCFdvBuwgdjUwMYg;src=9448820;type=pagev0;cat=djt-p0;ord=4538282600000;gtm=2wg9g1;auiddc=1842108647.1601511327;~oref=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9448820.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLfQjc6OkuwCFdvBuwgdjUwMYg;src=9448820;type=pagev0;cat=djt-p0;ord=4538282600000;gtm=2wg9g1;auiddc=1842108647.1601511327;~oref=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 01 Oct 2020 00:15:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 533
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Oct-2020 00:30:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 01 Oct 2020 00:15:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9448820.fls.doubleclick.net/activityi;dc_pre=CLfQjc6OkuwCFdvBuwgdjUwMYg;src=9448820;type=pagev0;cat=djt-p0;ord=4538282600000;gtm=2wg9g1;auiddc=1842108647.1601511327;~oref=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

364bfcbd2c2eb80bea8d7bc435e7791de681966bb075baead08288599ff02620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23071
x-xss-protection: 0
pragma: public
x-fb-debug: 1EukYgMe5z55cl0Zkd9D9J2q4XXgenOsATS6yNg/Vv6zu5UBWqTPoJABY7wCP9QYUFtb8syQ2V+WkXdWJO5fxQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 01 Oct 2020 00:15:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 51ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 30 Sep 2020 23:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3304
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
content-length: 5581
x-amz-id-2: HnWacof8culf52ZODr98glHeIUGdZQEVnBrTc+Ujul/C4lg1quK6+CwJZrMfDuuBB3RyKd8aogc=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 24 Sep 2020 23:08:16 GMT
server: ATS
etag: "49db10c8315384e8dad2e92a6841ed81-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 0TAV9WFTBMASAR2M
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 99ms
31ms Script
application/x-javascript 143.204.90.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.161 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-161.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 15:17:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 32294
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 92sjudrJP4I8OeNPC0Io68YrYgJgNjnnzGYJPDUjLtKSLdSwRexFfA==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
130 B 13ms
13ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1780722176&t=pageview&_s=1&dl=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna&ul=en-us&de=UTF-8&dt=Most%20Progressive&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1903239629&gjid=1867505895&cid=416489266.1601511327&tid=UA-60901920-1&_gid=1919000858.1601511327&_r=1&gtm=2wg9g1M27JCG&z=1048179691

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 00:15:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://forms.donaldjtrump.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 181084665799192 Show response
connect.facebook.net/signals/config/ 234 KB
69 KB 65ms
64ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/181084665799192?v=2.9.26&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ea6cabc733f66c1460c2aba0348f87ff042231218ff4443f57d7a99eab1f77d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: ihGOPp8hlBhl9dLZYQ5EfPeljuFKXWjq/jLRi929AJyKzLjuzbHmQql4PVe9W5HnfZrVYkPucx7Fqz0TEgCEPw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 01 Oct 2020 00:15:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
92 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-60901920-1&cid=416489266.1601511327&jid=1903239629&gjid=1867505895&_gid=1919000858.1601511327&_u=YEBAAEAAAAAAAC~&z=1012834628

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Oct 2020 00:15:27 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://forms.donaldjtrump.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 18ms
18ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-60901920-1&cid=416489266.1601511327&jid=1903239629&_u=YEBAAEAAAAAAAC~&z=1138818849

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 00:15:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 22ms
22ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-60901920-1&cid=416489266.1601511327&jid=1903239629&_u=YEBAAEAAAAAAAC~&z=1138818849

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Oct 2020 00:15:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10096637.json Show response
s.yimg.com/wi/config/ 2 B
494 B 158ms
119ms XHR
application/json 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10096637.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 15105742BCAC7678
x-amz-id-2: hPomvDTgIlInjOyjiVSQ1e5NRwC6sJHl0yY+xBIx0E1P5XNgPCSa2y9ZIVoFxLVLEufkI3nCQg8=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 rendition.m3u8 Show response
manifest-gce-us-east4-production.fastly.mux.com/wOYoxrZ00m1KY3m3wS5Cq01aKL6Gm5F1oWoi9eOLbpdswGr8o72EZgbzsOeQKsFTgKMbodnWyvgJjrYqb24I102Z7evkYvb00EGK/ 6 KB
1 KB 108ms
101ms XHR
application/x-mpegurl 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest-gce-us-east4-production.fastly.mux.com/wOYoxrZ00m1KY3m3wS5Cq01aKL6Gm5F1oWoi9eOLbpdswGr8o72EZgbzsOeQKsFTgKMbodnWyvgJjrYqb24I102Z7evkYvb00EGK/rendition.m3u8?cdn=highwinds&expires=1602115200&skid=default&signature=NWY3ZTU2ODBfN2Y5MzNhMGE3NDBlOWMzNTU2OTQyMDQwNjAzNTBjNzcxMGEzZTRhYTAyNzY2OGFhMzMyNzJjYzliNTIyYjg5YQ==
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 236b3ec2ea8910cf297d9454a71b12bc8630970f4019731197340c2897323fb8

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
content-encoding: gzip
x-cdn: fastly
age: 0
x-cache: HIT, MISS
status: 200
grpc-metadata-content-type: application/grpc
content-length: 1131
x-request-id: 5c28f17a-9b55-4ec8-8803-2613f0161e65
x-served-by: cache-dca17770-DCA, cache-fra19179-FRA
access-control-allow-origin: *
x-timer: S1601511327.203274,VS0,VE95
vary: Accept-Encoding
content-type: application/x-mpegURL
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 2558854747672869 Show response
connect.facebook.net/signals/config/ 234 KB
68 KB 60ms
59ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2558854747672869?v=2.9.26&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f65a8882e6e952ce81c391b70af18cf3e11e5519bf5f9b427ee653b08238550

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 6vPpYYIH5QiYx+vsBs+XZeOmd6F4baQfBTgddXIygglCm7Q/bPYhOG5xs3Ig2bssKdC2I4x97CsZd6lZ0exrrQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 01 Oct 2020 00:15:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=181084665799192&ev=PageView&dl=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna&rl=&if=false&ts=1601511327236&sw=1600&sh=1200&v=2.9.26&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1601511327235.1745313435&it=1601511327133&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 01 Oct 2020 00:15:27 GMT

GET
H/1.1 200
OK 0.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/nu3O4HwamSoKAryWaVcBJWz01pSt1sqkg02RxUFXJ007mUfJQjJneZL7Sffvtb007lMlZhGmhkWn7Q2NjAtuQvx0110200uT3Kj00urI/ 943 KB
944 KB 39ms
9ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/nu3O4HwamSoKAryWaVcBJWz01pSt1sqkg02RxUFXJ007mUfJQjJneZL7Sffvtb007lMlZhGmhkWn7Q2NjAtuQvx0110200uT3Kj00urI/0.ts?skid=highwinds&e=1602115200&st=803306da004769a983f4e4b137b24869
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: d88b8dd36ae80715de723d3fefd79722d1a51a0ec88eb97924ba56cd829a8b74

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:27 GMT
Last-Modified: Sun, 30 Aug 2020 20:51:04 GMT
X-CDN: highwinds
ETag: "1598820664"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511327.dop143.fr8.t,1601511327.cds166.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=71660
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 965944

GET
BLOB 200
OK e5d9c0e0-0f4f-43db-a2a9-308143139728
https://forms.donaldjtrump.com/ 59 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://forms.donaldjtrump.com/e5d9c0e0-0f4f-43db-a2a9-308143139728
Requested by: Host: forms.donaldjtrump.com
URL: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65e09a635e928a48cb815b6c182b0b1758cfa957f0f4fb3542cd1e9695b741c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 60803
Content-Type: text/javascript

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2558854747672869&ev=PageView&dl=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna&rl=&if=false&ts=1601511327316&sw=1600&sh=1200&v=2.9.26&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1601511327235.1745313435&it=1601511327133&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 01 Oct 2020 00:15:27 GMT

GET
H/1.1 200
OK sp.pl Show response
sp.analytics.yahoo.com/ 0
857 B 384ms
130ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2001%20Oct%202020%2000%3A15%3A27%20GMT&n=-2d&b=Most%20Progressive&.yp=10096637&f=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna&enc=UTF-8&tagmgr=gtm

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:27 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 01 Oct 2020 00:15:27 GMT

GET
H2 200 rendition.m3u8 Show response
manifest-gce-us-east4-production.fastly.mux.com/iSjGCAFbf201gsGI1gKlp3F79CKLHBmcut6H01eNKPpepF6tOHFeemwK2ARbZUqgVKQPjVl7JvAJjGjBNx14dFkqFazYZbgM19/ 5 KB
1 KB 96ms
95ms XHR
application/x-mpegurl 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest-gce-us-east4-production.fastly.mux.com/iSjGCAFbf201gsGI1gKlp3F79CKLHBmcut6H01eNKPpepF6tOHFeemwK2ARbZUqgVKQPjVl7JvAJjGjBNx14dFkqFazYZbgM19/rendition.m3u8?cdn=highwinds&expires=1602115200&skid=default&signature=NWY3ZTU2ODBfM2EwZTM2M2U5ZjVmN2U5YWVjNDkyZjM5ZmEzYTI0MWYyYzAxMDk1YmU3MmE1Njg1NzU1M2MxNzhlMjEwZmY1NQ==
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 92bd76d5c9bc5a1aeed34979598974efafeabfeb9b66cdde08e78b1d9728ed59

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
content-encoding: gzip
x-cdn: fastly
age: 0
x-cache: HIT, MISS
status: 200
grpc-metadata-content-type: application/grpc
content-length: 1133
x-request-id: 0dcc69a2-e8ab-478e-9a38-d5e3b4ac1eae
x-served-by: cache-dca17735-DCA, cache-fra19179-FRA
access-control-allow-origin: *
x-timer: S1601511327.454972,VS0,VE90
vary: Accept-Encoding
content-type: application/x-mpegURL
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H/1.1 200
OK 1.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 1 MB
1 MB 9ms
9ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/1.ts?skid=highwinds&e=1602115200&st=b69d022ce45684f5d7419f3e154c65d3
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 036617e26868534a9b01383f73331c4b43ec4e8f6a406a472a817a14a9c220cf

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:27 GMT
Last-Modified: Sun, 30 Aug 2020 20:51:04 GMT
X-CDN: highwinds
ETag: "1598820664"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511327.dop143.fr8.t,1601511327.cds018.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79307
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1456248

GET
H/1.1 200
OK 2.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 2 MB
2 MB 9ms
9ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/2.ts?skid=highwinds&e=1602115200&st=c38ce0d265e78399166721dcd319938f
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9439103ee3d530b317fdce9c402517520f51da498f17303571787e96df645188

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:27 GMT
Last-Modified: Sun, 30 Aug 2020 22:17:23 GMT
X-CDN: highwinds
ETag: "1598825843"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511327.dop143.fr8.t,1601511327.cds012.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=71663
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2400760

GET
H2 200 up
insight.adsrvr.org/track/ Frame 3649 0
0 201ms
71ms Document
text/html 54.77.92.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=mozu5ac&ref=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna&upid=u1mkbm0&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.92.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-92-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=mozu5ac&ref=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna&upid=u1mkbm0&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na

Response headers

status: 200
date: Thu, 01 Oct 2020 00:15:27 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
61 B 6ms
6ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=1780722176&t=timing&_s=2&dl=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna&ul=en-us&de=UTF-8&dt=Most%20Progressive&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1322&pdt=5&dns=7&rrt=195&srt=298&tcp=16&dit=691&clt=691&_gst=708&_gbt=728&_cst=541&_cbt=697&_u=YGBACEABBAAAAC~&jid=&gjid=&cid=416489266.1601511327&tid=UA-60901920-1&_gid=1919000858.1601511327&gtm=2wg9g1M27JCG&z=929806794

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 21:46:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8916
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=181084665799192&ev=Microdata&dl=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna&rl=&if=false&ts=1601511327739&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Most%20Progressive%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Most%20Progressive%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.donaldjtrump.com%2F_backgrounds%2Fogimages%2Ftrump_fist.jpg%22%2C%22og%3Asite_name%22%3A%22Donald%20J.%20Trump%20for%20President%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.26&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1601511327235.1745313435&it=1601511327133&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 01 Oct 2020 00:15:27 GMT

GET
H/1.1 200
OK 3.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 2 MB
2 MB 15ms
8ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/3.ts?skid=highwinds&e=1602115200&st=4ff9f93d4484b26f36817a4bd61ed29d
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 62ac2aa7db84f68f30d156aaab7515b0e8643fb55f213400c8b445cb2185f4bf

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:27 GMT
Last-Modified: Sun, 30 Aug 2020 22:17:25 GMT
X-CDN: highwinds
ETag: "1598825845"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511327.dop143.fr8.t,1601511327.cds265.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79308
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2154104

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2558854747672869&ev=Microdata&dl=https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience21435_na%26utm_campaign%3D20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na%26utm_content%3Dna%26amount%3Dna&rl=&if=false&ts=1601511327817&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Most%20Progressive%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Most%20Progressive%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fforms.donaldjtrump.com%2Flanding%2Fbiden-progressive%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.donaldjtrump.com%2F_backgrounds%2Fogimages%2Ftrump_fist.jpg%22%2C%22og%3Asite_name%22%3A%22Donald%20J.%20Trump%20for%20President%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.26&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1601511327235.1745313435&it=1601511327133&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 01 Oct 2020 00:15:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 01 Oct 2020 00:15:27 GMT

GET
H/1.1 200
OK 4.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 2 MB
2 MB 9ms
8ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/4.ts?skid=highwinds&e=1602115200&st=0293d17672a9c6f49bff28842f8dd266
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: fb29a034af6e4eb66f8a595d90aeaf52e4cff63dfac703ecbcfb52b570b97296

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:27 GMT
Last-Modified: Sun, 30 Aug 2020 22:17:28 GMT
X-CDN: highwinds
ETag: "1598825848"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511327.dop143.fr8.t,1601511327.cds251.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79308
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2217272

GET
H/1.1 200
OK 5.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 2 MB
2 MB 10ms
9ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/5.ts?skid=highwinds&e=1602115200&st=a6a7954255b8cfcffa029e2e8305d6cc
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 3dd4a0145c1bd15087ab656d78c54bc357fc15f79934e054f13b1d7f34e26269

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:28 GMT
Last-Modified: Sun, 30 Aug 2020 22:17:28 GMT
X-CDN: highwinds
ETag: "1598825848"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511328.dop143.fr8.t,1601511328.cds041.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79308
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2030776

GET
H/1.1 200
OK 6.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 2 MB
2 MB 8ms
8ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/6.ts?skid=highwinds&e=1602115200&st=7412c3f1e103db330d76b60f7bdeeee8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 337b8762f1e43ca5e298b71a3318e334662719ea0a63c45c1bc4ea35e9571d23

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:28 GMT
Last-Modified: Sun, 30 Aug 2020 22:17:27 GMT
X-CDN: highwinds
ETag: "1598825847"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511328.dop143.fr8.t,1601511328.cds287.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79308
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1814200

GET
H/1.1 200
OK 7.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 2 MB
2 MB 9ms
9ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/7.ts?skid=highwinds&e=1602115200&st=d8e80994111e98d6ebffe78b638395f5
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 11dd53b57e0b8f32b7d503a329c6acd977abf2c718432b87e5ff17c288abbda1

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:28 GMT
Last-Modified: Sun, 30 Aug 2020 22:17:31 GMT
X-CDN: highwinds
ETag: "1598825851"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511328.dop143.fr8.t,1601511328.cds145.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79309
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2039800

GET
H/1.1 200
OK 8.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 2 MB
2 MB 9ms
9ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/8.ts?skid=highwinds&e=1602115200&st=581078bf96fc25755f2942af29d8a059
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 23c76758d52dd3f6148776bada41987b4004a910254a2ce95f2c865a37d08b1e

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:28 GMT
Last-Modified: Sun, 30 Aug 2020 22:17:34 GMT
X-CDN: highwinds
ETag: "1598825854"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511328.dop143.fr8.t,1601511328.cds143.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79309
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1946552

GET
H/1.1 200
OK 9.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 2 MB
2 MB 10ms
9ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/9.ts?skid=highwinds&e=1602115200&st=e8267072e0976954e3e7e884f1b43e83
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 0032f218afbe1e3489c41e2e7596b151538ffcb4e422696b383ead9a4cdc7ef7

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:28 GMT
Last-Modified: Sun, 30 Aug 2020 22:17:33 GMT
X-CDN: highwinds
ETag: "1598825853"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511328.dop143.fr8.t,1601511328.cds161.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79309
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1723960

GET
H/1.1 200
OK 10.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 2 MB
2 MB 9ms
8ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/10.ts?skid=highwinds&e=1602115200&st=8aac175d535bf05a42a0b6c8a68e5e91
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5326c1edd5d0493e3e9dc6537a45160ede73f0439fa3a7f67783d6b1740d8946

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:28 GMT
Last-Modified: Sun, 30 Aug 2020 22:17:38 GMT
X-CDN: highwinds
ETag: "1598825858"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511328.dop143.fr8.t,1601511328.cds292.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79310
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2409784

GET
H/1.1 200
OK 11.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 2 MB
2 MB 8ms
7ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/11.ts?skid=highwinds&e=1602115200&st=6d2a59f7e3ed346a3f7245d9f7e6331d
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7a06a9d0c657f687e045d1b44b5023263a15fc4552b2cb5fbd48694c14d70b2c

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:28 GMT
Last-Modified: Sun, 30 Aug 2020 22:18:31 GMT
X-CDN: highwinds
ETag: "1598825911"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511328.dop143.fr8.t,1601511328.cds276.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79310
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2316536

GET
H/1.1 200
OK 12.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 1 MB
1 MB 9ms
8ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/12.ts?skid=highwinds&e=1602115200&st=f6e1c074a5a8b39d98fa6df1b1a14f79
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: a270ec5c5f18922d8b60fabde322e157b3e91ab24129e67c9bf0186bfd4d01f2

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:29 GMT
Last-Modified: Sun, 30 Aug 2020 22:18:32 GMT
X-CDN: highwinds
ETag: "1598825912"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511329.dop143.fr8.t,1601511329.cds130.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79310
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1116344

GET
H/1.1 200
OK 13.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 2 MB
2 MB 9ms
9ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/13.ts?skid=highwinds&e=1602115200&st=ca16d450af10db9fa13c7cd1d25b0e55
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: cca136c1fcc27b54a1a06d728b61cf7862250539da1e7f7ce95c45b4e85a2573

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:29 GMT
Last-Modified: Sun, 30 Aug 2020 22:18:31 GMT
X-CDN: highwinds
ETag: "1598825911"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511329.dop143.fr8.t,1601511329.cds242.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79310
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1636728

GET
H/1.1 200
OK 14.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 2 MB
2 MB 8ms
8ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/14.ts?skid=highwinds&e=1602115200&st=1053ab31b253ab2c766a78f457c30bf4
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: fa091c3a663f8e4ac8f0d1815232e53ca05b5c2b4b28b6123a8d6d758bf53323

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:29 GMT
Last-Modified: Sun, 30 Aug 2020 22:18:33 GMT
X-CDN: highwinds
ETag: "1598825913"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511329.dop143.fr8.t,1601511329.cds221.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79310
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1958584

GET
H/1.1 200
OK 15.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 1 MB
1 MB 9ms
9ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/15.ts?skid=highwinds&e=1602115200&st=05958448d752ad7b51d58af00b08ebda
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f4a8041521720356135d162eb00e690c2e90bd94d62c7f16c0d455b6c073afc4

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:29 GMT
Last-Modified: Sun, 30 Aug 2020 22:18:35 GMT
X-CDN: highwinds
ETag: "1598825915"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511329.dop143.fr8.t,1601511329.cds269.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79311
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1131384

GET
H/1.1 200
OK 16.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 711 KB
712 KB 9ms
8ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/16.ts?skid=highwinds&e=1602115200&st=869c9f2d7668288ed3adc05298076d0b
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 644d8778382f1d288e43519b4e85fd6a6a7fc2c7837758b7ee443f26ad7b2275

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:29 GMT
Last-Modified: Sun, 30 Aug 2020 22:18:34 GMT
X-CDN: highwinds
ETag: "1598825914"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511329.dop143.fr8.t,1601511329.cds274.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79311
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 728312

GET
H/1.1 200
OK 17.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 705 KB
706 KB 8ms
8ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/17.ts?skid=highwinds&e=1602115200&st=158ef7095f3924a6abde3d07d0be9a50
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: e4aaabde7a3f49c4db1ca489cc4159f8647f23f48d756beb858a6f99ab223a9e

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:29 GMT
Last-Modified: Sun, 30 Aug 2020 22:18:35 GMT
X-CDN: highwinds
ETag: "1598825915"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511329.dop143.fr8.t,1601511329.cds222.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79632
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 722296

GET
H/1.1 200
OK 18.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 2 MB
2 MB 9ms
8ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/18.ts?skid=highwinds&e=1602115200&st=5cca72cc81298da17de2b512365bdcad
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 2d86149cf43726701fba788b516321f7366606e97acfe343dd33b225b807383f

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:29 GMT
Last-Modified: Sun, 30 Aug 2020 22:18:36 GMT
X-CDN: highwinds
ETag: "1598825916"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511329.dop143.fr8.t,1601511329.cds152.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79312
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2343608

GET
H/1.1 200
OK 19.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/ 2 MB
2 MB 10ms
9ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/Cys2bq33zIPCvkcxmkwWvCJqNEUwHF24C1WtXTBTn61yZOdKxbE9nQWeiit00hF1gS4AZjVrWIonSTZaCkUFVxuS5LCYxUStb/19.ts?skid=highwinds&e=1602115200&st=ee5b5ed841c82c7876d83c58e7d3d8bf
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 3029cd453a24587be8bebdb485e3e328e4fc702937fd02fa6163c2640489ab88

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:29 GMT
Last-Modified: Sun, 30 Aug 2020 22:18:36 GMT
X-CDN: highwinds
ETag: "1598825916"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511329.dop143.fr8.t,1601511329.cds232.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79312
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1621688

GET
H/1.1 200
OK 20.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/01mgKRe1mLml1FttklGI9zCIEGA02QLH9BTrZcrU702x36002AeDUXj702yMp8SCVYBtPQLW1100PMkgKzGHL4fsNZatHX4D01Ywk00V/ 1 MB
1 MB 10ms
9ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/01mgKRe1mLml1FttklGI9zCIEGA02QLH9BTrZcrU702x36002AeDUXj702yMp8SCVYBtPQLW1100PMkgKzGHL4fsNZatHX4D01Ywk00V/20.ts?skid=highwinds&e=1602115200&st=80567a0b5fedec738744e27d9410856d
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cdd21cf0f51415987953f0c916cc25cb58e91196846deac418e0e527302f5cc

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:29 GMT
Last-Modified: Sun, 30 Aug 2020 22:18:36 GMT
X-CDN: highwinds
ETag: "1598825916"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511329.dop143.fr8.t,1601511329.cds126.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79312
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1206584

GET
H/1.1 200
OK 21.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/VMOrZj6JJkYSwxz01L5nr01Cl7i9q6bNxDOUuD7C00RPrscinbpw6JEGOdgl00OR3zz3pPT02uZFTKW1TCAdk717i7qHrNrjYL00Pf/ 235 KB
236 KB 9ms
8ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/VMOrZj6JJkYSwxz01L5nr01Cl7i9q6bNxDOUuD7C00RPrscinbpw6JEGOdgl00OR3zz3pPT02uZFTKW1TCAdk717i7qHrNrjYL00Pf/21.ts?skid=highwinds&e=1602115200&st=49736fc15c4caa903d67883d0f29a89d
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b9344723b04fd03b7823982ecbfc4796a73b95a3df003f9450d5fae82f2c7dd2

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:31 GMT
Last-Modified: Sun, 30 Aug 2020 22:18:37 GMT
X-CDN: highwinds
ETag: "1598825917"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511331.dop143.fr8.t,1601511331.cds274.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79310
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 241016

GET
H/1.1 200
OK 22.ts Show response
chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/iSjGCAFbf201gsGI1gKlp3F79CKLHBmcut6H01eNKPpepF6tOHFeemwK2ARbZUqgVKQPjVl7JvAJjGjBNx14dFkqFazYZbgM19/ 127 KB
127 KB 9ms
8ms XHR
video/mp2t 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://chunk-gce-us-east4-production.hwcdn.mux.com/v1/chunk/iSjGCAFbf201gsGI1gKlp3F79CKLHBmcut6H01eNKPpepF6tOHFeemwK2ARbZUqgVKQPjVl7JvAJjGjBNx14dFkqFazYZbgM19/22.ts?skid=highwinds&e=1602115200&st=2baba0f82ec8760d24bea49557261cdb
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/hls.js@0.8.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6ce0de75b12e5fe2c6fcf411999364a8ccfb2a195a38b11e3488f732cd39c760

Request headers

Referer: https://forms.donaldjtrump.com/landing/biden-progressive/?utm_medium=sms&utm_source=opns_djt_audience21435_na&utm_campaign=20200930_na_september-30-sms-205-pa-16-djt_djtfp_djt_na_na_audience21435_creative50281_na_pa_na_na_na_na_na_na_opns_gotv_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 01 Oct 2020 00:15:36 GMT
Last-Modified: Sun, 30 Aug 2020 22:18:38 GMT
X-CDN: highwinds
ETag: "1598825918"
X-HW: 1601511327.dop143.fr8.t,1601511327.cds154.fr8.shn,1601511336.dop143.fr8.t,1601511336.cds208.fr8.c
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Cache,X-Cache-Hits,X-Served-By,X-CDN,Accept-Ranges,Content-Length,Content-Range
Cache-Control: max-age=79308
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 129720

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: forms.donaldjtrump.com
URL: https://forms.donaldjtrump.com/landing/biden-progressive/video/video.mp4

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.donaldjtrump.com/	1970-01-19 12:53:17	Name: _gid Value: GA1.2.1919000858.1601511327
.donaldjtrump.com/	1970-01-20 06:23:03	Name: _ga Value: GA1.2.416489266.1601511327
.donaldjtrump.com/	1969-12-31 23:59:59	Name: __cfruid Value: b7b0075e3695093521d144cdd93751d802c2454b-1601511326
.donaldjtrump.com/	1970-01-19 12:51:51	Name: _gat_UA-60901920-1 Value: 1
forms.donaldjtrump.com/	1970-01-19 12:51:58	Name: nsession Value: eyJpdiI6IndWei9Jb2pJYTFhNkpGTjNORkN3Vnc9PSIsInZhbHVlIjoiVlBudnRybUZMaGp0VkRRS1JIbHdERmV4S3R0NzcwWWRzSUIvbFlZTVVPKzNPMS9qYzA1YkRlb0tqbm9UWDcrb2ozRVVpc1NMVnZPTUFuYXk4N09VSXlJUzdQN1VCdVFWKzlxTmMrai9DMlcrUXVQOTdpOWlpL0ozZjJUNnlRSUciLCJtYWMiOiIxMWVhMWM0OGQyNjI4OWUwOGYwMjUwNTgyNmQxNzUyMzQ3MjM3M2FhNWE1Y2Y0ZTYwNWRkMmYwYjAzN2IyN2FmIn0%3D
.doubleclick.net/	1970-01-19 12:51:52	Name: test_cookie Value: CheckForPermission
.donaldjtrump.com/	1970-01-19 13:35:03	Name: __cfduid Value: d97819c98db5e41560304c2a930fba2df1601511326
forms.donaldjtrump.com/	1970-01-19 12:51:58	Name: XSRF-TOKEN Value: eyJpdiI6IjBKczh4akFEQm8rMVI2K1FmOFRVWGc9PSIsInZhbHVlIjoiaEZCZDBWa3BXZVJZdHBLNzZVUlZrRWdGRlNWaU9sNVJZSU5qWWc0a1lMSzNsV0k3QWE0Z1phQlZVcTBLU1h0M3lJOEFCeEx3dlpCUk5uV01iWVJpR29SbXpoWFZyRXFZalgwZ3p4SWdpNlJDTktpaWQ1VjFFUlJQTWJodUF0TEYiLCJtYWMiOiIzMzEzZGE5YTlmNzVjYWExN2NmNDIxYWZlZmM4N2QzNjhhMzU2MDE3MDQ3MWEyM2NlOTNjYTI3ZDIzZDU2Njk5In0%3D
.donaldjtrump.com/	1970-01-19 15:01:27	Name: _fbp Value: fb.1.1601511327235.1745313435
.donaldjtrump.com/	1970-01-19 15:01:27	Name: _gcl_au Value: 1.1.1842108647.1601511327

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9448820.fls.doubleclick.net
assets.donaldjtrump.com
bit.ly
cdn.donaldjtrump.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
chunk-gce-us-east4-production.hwcdn.mux.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.donaldjtrump.com
insight.adsrvr.org
js.adsrvr.org
manifest-gce-us-east4-production.fastly.mux.com
s.yimg.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
stream.mux.com
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
forms.donaldjtrump.com
143.204.90.161
2001:4de0:ac19::1:b:3a
212.82.100.181
216.58.212.134
2606:4700::6810:7baf
2606:4700::6811:4f6b
2606:4700::6812:9444
2a00:1288:f03d:1fa::4000
2a00:1450:4001:800::2003
2a00:1450:4001:802::200a
2a00:1450:4001:809::2003
2a00:1450:4001:81a::2008
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
2a04:4e42:200::729
54.77.92.238
67.199.248.11
0032f218afbe1e3489c41e2e7596b151538ffcb4e422696b383ead9a4cdc7ef7
036617e26868534a9b01383f73331c4b43ec4e8f6a406a472a817a14a9c220cf
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0f65a8882e6e952ce81c391b70af18cf3e11e5519bf5f9b427ee653b08238550
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11dd53b57e0b8f32b7d503a329c6acd977abf2c718432b87e5ff17c288abbda1
17d5ced610338a94ada82c2045c799190c272326eb360986a80dc60d2e28aa27
1ea6cabc733f66c1460c2aba0348f87ff042231218ff4443f57d7a99eab1f77d
236b3ec2ea8910cf297d9454a71b12bc8630970f4019731197340c2897323fb8
23c76758d52dd3f6148776bada41987b4004a910254a2ce95f2c865a37d08b1e
25f270941bf21f5a5498409e35cd3b2cfaf7daffc86c0bc20af27ab253227451
2924a551f2a31b9f8fbc18f7477ed96b662f92d211af223b17f0c91fa4a10385
2d41185de500af732f0e710a4ba460bc6e6425c09feef565ec8228b18561e991
2d86149cf43726701fba788b516321f7366606e97acfe343dd33b225b807383f
3029cd453a24587be8bebdb485e3e328e4fc702937fd02fa6163c2640489ab88
3361cbf1496fdad3f3c7acbda0d5705df999b6c32d87f849a3006b66481957d8
337b8762f1e43ca5e298b71a3318e334662719ea0a63c45c1bc4ea35e9571d23
364bfcbd2c2eb80bea8d7bc435e7791de681966bb075baead08288599ff02620
388dcdf7308a69b0e8bf6ad917397c94951709c3fb126b06706a0fe83317402a
3dd4a0145c1bd15087ab656d78c54bc357fc15f79934e054f13b1d7f34e26269
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4ff7fb4a3bb565f34d7c187bb245a7d22765081708dd1c1d2d24b8fc8ecd40a4
5326c1edd5d0493e3e9dc6537a45160ede73f0439fa3a7f67783d6b1740d8946
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
626f58eb909514be1f92070f3618846ae6acd0e70b614334c153c8ac932c3460
62ac2aa7db84f68f30d156aaab7515b0e8643fb55f213400c8b445cb2185f4bf
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
644d8778382f1d288e43519b4e85fd6a6a7fc2c7837758b7ee443f26ad7b2275
65e09a635e928a48cb815b6c182b0b1758cfa957f0f4fb3542cd1e9695b741c1
6ce0de75b12e5fe2c6fcf411999364a8ccfb2a195a38b11e3488f732cd39c760
790df6e929bbe731ecee8ca639eca16a76d851fd33fc21cbc551c4c99eec967f
7a06a9d0c657f687e045d1b44b5023263a15fc4552b2cb5fbd48694c14d70b2c
7cdd21cf0f51415987953f0c916cc25cb58e91196846deac418e0e527302f5cc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8dbccf4fb1e24dceb5003f521980b052bc9d93d43f597dd9d07b6184f540cff7
92bd76d5c9bc5a1aeed34979598974efafeabfeb9b66cdde08e78b1d9728ed59
9439103ee3d530b317fdce9c402517520f51da498f17303571787e96df645188
9b08358598f139f21775b95d8b88185dbdde65daf859815acb91e6c9ccef5ca8
a270ec5c5f18922d8b60fabde322e157b3e91ab24129e67c9bf0186bfd4d01f2
a59ef088365940a2428bd9ff2f4af62bac74e020cde8483f231965a41ba4f004
aec2c42a28464509ab815d2140d2f0a43c47f5f2b6a9a782de7fa5ae47fc39b9
b3daf3ce786a15a8c0efecf6c1f1eb50e220fdae60d50e11f3311bb01e369dc0
b3ecd0aad052d58d2870679c3da3fbb59459e1a2c16147106e9a5148aca2de4a
b9344723b04fd03b7823982ecbfc4796a73b95a3df003f9450d5fae82f2c7dd2
bafd4b834a46f0b79b330af19a3445c50c3b2f68a05b2c4c4a260e53afe70a19
cab9446728fa7d8ff9639af1ceb7a35bd4fabe0c3cf916f4682f415c1070a0a1
cca136c1fcc27b54a1a06d728b61cf7862250539da1e7f7ce95c45b4e85a2573
ccb123269b3cd7b9313662fb96491cc59f2349c4acfefd0db9fe95aa95a47f30
d88b8dd36ae80715de723d3fefd79722d1a51a0ec88eb97924ba56cd829a8b74
de320e1684dcacc51fbf882833ccfc082ba582f45ee90601e582806fe9cdace4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aaabde7a3f49c4db1ca489cc4159f8647f23f48d756beb858a6f99ab223a9e
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a8041521720356135d162eb00e690c2e90bd94d62c7f16c0d455b6c073afc4
fa091c3a663f8e4ac8f0d1815232e53ca05b5c2b4b28b6123a8d6d758bf53323
fb29a034af6e4eb66f8a595d90aeaf52e4cff63dfac703ecbcfb52b570b97296
fb7bde3d0b62da68db6e909cf13968bba13990657f0f3e19e43eb76a1b12a684

forms.donaldjtrump.com Open in urlscan Pro 2606:4700::6812:9444 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

97 %HTTPS

77 %IPv6

18 Domains

24 Subdomains

22 IPs

8 Countries

37494 kBTransfer

38365 kBSize

10 Cookies

5 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

forms.donaldjtrump.com Open in urlscan Pro
2606:4700::6812:9444 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

97 %
HTTPS

77 %
IPv6

18
Domains

24
Subdomains

22
IPs

8
Countries

37494 kB
Transfer

38365 kB
Size

10
Cookies

68 HTTP transactions
0 data transactions