URL: http://trumptide.us/
Submission: On May 31 via manual from NZ

Summary

This website contacted 58 IPs in 7 countries across 47 domains to perform 89 HTTP transactions. The main IP is 45.79.199.138, located in Atlanta, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is trumptide.us.
This is the only time trumptide.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 45.79.199.138 63949 (LINODE-AP...)
1 2600:9000:219... 16509 (AMAZON-02)
2 4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2a03:2880:f00... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f03... 32934 (FACEBOOK)
1 1 13.224.95.94 16509 (AMAZON-02)
1 13.224.95.8 16509 (AMAZON-02)
1 2a02:2d8:0:60... 9002 (RETN-AS)
1 194.1.147.91 210250 (WPX)
1 13.224.95.108 16509 (AMAZON-02)
1 151.101.113.184 54113 (FASTLY)
1 151.101.14.217 54113 (FASTLY)
1 2a03:2880:f00... 32934 (FACEBOOK)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.0.77.2 2635 (AUTOMATTIC)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2a03:2880:f00... 32934 (FACEBOOK)
1 104.22.23.189 13335 (CLOUDFLAR...)
1 205.185.216.42 20446 (HIGHWINDS3)
1 2.16.187.17 20940 (AKAMAI-ASN1)
1 212.95.74.45 8839 (SDV-AS Sd...)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 2a03:90c0:999... 199524 (GCORE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 23.210.248.110 16625 (AKAMAI-AS)
1 151.101.13.164 54113 (FASTLY)
1 35.241.35.213 15169 (GOOGLE)
1 13.224.95.50 16509 (AMAZON-02)
1 23.8.12.20 20940 (AKAMAI-ASN1)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 151.139.128.11 20446 (HIGHWINDS3)
1 184.73.100.94 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.22.109.130 14618 (AMAZON-AES)
1 107.20.140.231 14618 (AMAZON-AES)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 151.101.36.84 54113 (FASTLY)
2 5 23.37.61.90 16625 (AKAMAI-AS)
2 7 34.253.133.202 16509 (AMAZON-02)
1 3 2.16.31.65 16625 (AKAMAI-AS)
1 104.16.88.26 13335 (CLOUDFLAR...)
1 2 34.253.109.165 16509 (AMAZON-02)
1 2 95.100.78.156 16625 (AKAMAI-AS)
1 208.100.17.186 32748 (STEADFAST)
1 2 23.45.237.36 20940 (AKAMAI-ASN1)
2 3 3.120.214.218 16509 (AMAZON-02)
2 34.250.145.255 16509 (AMAZON-02)
2 2 2.18.233.201 16625 (AKAMAI-AS)
1 50.19.53.33 14618 (AMAZON-AES)
1 67.202.110.34 32748 (STEADFAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
89 58
Apex Domain
Subdomains
Transfer
8 fbcdn.net
external-frt3-2.xx.fbcdn.net
scontent-nrt1-1.xx.fbcdn.net
scontent-dfw5-2.xx.fbcdn.net
scontent.fhen1-1.fna.fbcdn.net
scontent-yyz1-1.xx.fbcdn.net
scontent-cdg2-1.xx.fbcdn.net
scontent-amt2-1.xx.fbcdn.net
scontent-bru2-1.xx.fbcdn.net
229 KB
8 trumptide.us
trumptide.us
29 KB
7 ml314.com
ml314.com
9 KB
6 stackpathcdn.com
m9m6e2w5.stackpathcdn.com
99 KB
6 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
132 KB
5 owneriq.net
px.owneriq.net
6 KB
5 viglink.com
cdn.viglink.com
api.viglink.com
31 KB
4 leadstories.com
leadstories.com
12 KB
3 eyeota.net
ps.eyeota.net
2 KB
3 tynt.com
cdn.tynt.com
ic.tynt.com
de.tynt.com
5 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 shareaholic.com
analytics.shareaholic.com
partner.shareaholic.com
pixel.shareaholic.com
3 KB
3 doubleclick.net
googleads.g.doubleclick.net
2 mathtag.com
pixel.mathtag.com
1 KB
2 bluekai.com
stags.bluekai.com
tags.bluekai.com
855 B
2 bkrtx.com
tags.bkrtx.com
11 KB
2 crwdcntrl.net
sync.crwdcntrl.net
974 B
2 google-analytics.com
www.google-analytics.com
18 KB
2 bfmtv.com
www.bfmtv.com
img.bfmtv.com
123 KB
1 pinterest.com
api.pinterest.com
278 B
1 facebook.com
graph.facebook.com
549 B
1 googletagservices.com
www.googletagservices.com
27 KB
1 google.com
adservice.google.com
168 B
1 google.de
adservice.google.de
168 B
1 shareaholic.net
www.shareaholic.net
2 KB
1 telegraaf.nl
www.telegraaf.nl
54 KB
1 ffx.io
static.ffx.io
66 KB
1 quebecormedia.com
m1.quebecormedia.com
35 KB
1 pcdn.co
s31242.pcdn.co
598 KB
1 breitbart.com
media.breitbart.com
848 KB
1 nyt.com
static01.nyt.com
334 KB
1 foxnews.com
a57.foxnews.com
72 KB
1 rtbf.be
ds1.static.rtbf.be
49 KB
1 badische-zeitung.de
ais.badische-zeitung.de
24 KB
1 rt.com
cdni.rt.com
165 KB
1 lepoint.fr
www.lepoint.fr
19 KB
1 stern.de
image.stern.de
58 KB
1 townhall.com
media.townhall.com
47 KB
1 maldita.es
maldita.es
97 KB
1 wp.com
i0.wp.com
54 KB
1 ytimg.com
i.ytimg.com
18 KB
1 freenode.ro
mediastiriv1.freenode.ro
249 KB
1 insider.com
i.insider.com
66 KB
1 independent.co.uk
static.independent.co.uk
189 KB
1 arcpublishing.com
cloudfront-eu-central-1.images.arcpublishing.com
65 KB
1 theconservativeopinion.com
theconservativeopinion.com
588 KB
1 cloudfront.net
dsms0mj1bbhn4.cloudfront.net
4 KB
89 47
Domain Requested by
8 trumptide.us trumptide.us
7 ml314.com 2 redirects partner.shareaholic.com
ml314.com
trumptide.us
6 m9m6e2w5.stackpathcdn.com dsms0mj1bbhn4.cloudfront.net
m9m6e2w5.stackpathcdn.com
trumptide.us
5 px.owneriq.net 2 redirects partner.shareaholic.com
px.owneriq.net
trumptide.us
4 pagead2.googlesyndication.com trumptide.us
pagead2.googlesyndication.com
4 leadstories.com 2 redirects trumptide.us
3 ps.eyeota.net 2 redirects trumptide.us
3 sb.scorecardresearch.com 1 redirects partner.shareaholic.com
trumptide.us
3 cdn.viglink.com m9m6e2w5.stackpathcdn.com
trumptide.us
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 pixel.mathtag.com 2 redirects
2 api.viglink.com cdn.viglink.com
2 tags.bkrtx.com 1 redirects trumptide.us
2 sync.crwdcntrl.net 1 redirects trumptide.us
2 www.google-analytics.com trumptide.us
1 de.tynt.com cdn.tynt.com
1 pixel.shareaholic.com trumptide.us
1 tags.bluekai.com 1 redirects
1 stags.bluekai.com tags.bkrtx.com
1 ic.tynt.com trumptide.us
1 cdn.tynt.com partner.shareaholic.com
1 api.pinterest.com m9m6e2w5.stackpathcdn.com
1 graph.facebook.com m9m6e2w5.stackpathcdn.com
1 partner.shareaholic.com m9m6e2w5.stackpathcdn.com
1 analytics.shareaholic.com m9m6e2w5.stackpathcdn.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.shareaholic.net dsms0mj1bbhn4.cloudfront.net
1 www.telegraaf.nl trumptide.us
1 static.ffx.io trumptide.us
1 m1.quebecormedia.com trumptide.us
1 s31242.pcdn.co trumptide.us
1 media.breitbart.com trumptide.us
1 static01.nyt.com trumptide.us
1 a57.foxnews.com trumptide.us
1 ds1.static.rtbf.be trumptide.us
1 ais.badische-zeitung.de trumptide.us
1 cdni.rt.com trumptide.us
1 scontent-bru2-1.xx.fbcdn.net trumptide.us
1 www.lepoint.fr trumptide.us
1 image.stern.de trumptide.us
1 media.townhall.com trumptide.us
1 maldita.es trumptide.us
1 scontent-amt2-1.xx.fbcdn.net trumptide.us
1 scontent-cdg2-1.xx.fbcdn.net trumptide.us
1 i0.wp.com trumptide.us
1 i.ytimg.com trumptide.us
1 mediastiriv1.freenode.ro trumptide.us
1 scontent-yyz1-1.xx.fbcdn.net trumptide.us
1 i.insider.com trumptide.us
1 static.independent.co.uk trumptide.us
1 cloudfront-eu-central-1.images.arcpublishing.com trumptide.us
1 theconservativeopinion.com trumptide.us
1 scontent.fhen1-1.fna.fbcdn.net trumptide.us
1 img.bfmtv.com trumptide.us
1 www.bfmtv.com 1 redirects
1 scontent-dfw5-2.xx.fbcdn.net trumptide.us
1 scontent-nrt1-1.xx.fbcdn.net trumptide.us
1 external-frt3-2.xx.fbcdn.net trumptide.us
1 dsms0mj1bbhn4.cloudfront.net trumptide.us
89 62
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-01-30 -
2020-10-09
8 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-05-14 -
2020-08-05
3 months crt.sh
*.bfmtv.com
GlobalSign RSA OV SSL CA 2018
2020-02-07 -
2021-04-14
a year crt.sh
*.fhen1-1.fna.fbcdn.net
DigiCert SHA2 High Assurance Server CA
2020-04-25 -
2020-07-24
3 months crt.sh
theconservativeopinion.com
Let's Encrypt Authority X3
2020-04-20 -
2020-07-19
3 months crt.sh
*.images.arcpublishing.com
Amazon
2020-03-19 -
2021-04-19
a year crt.sh
t.ssl.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-04-30 -
2021-04-16
a year crt.sh
v2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-05-05 -
2021-04-22
a year crt.sh
edgestatic.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-02 -
2022-07-05
2 years crt.sh
*.townhall.com
Sectigo RSA Domain Validation Secure Server CA
2019-02-21 -
2021-02-20
2 years crt.sh
www.stage.stern.de
Let's Encrypt Authority X3
2020-05-07 -
2020-08-05
3 months crt.sh
*.lepoint.fr
Gandi Pro SSL CA 2
2018-09-25 -
2020-11-17
2 years crt.sh
*.rt.com
GeoTrust RSA CA 2018
2020-02-25 -
2021-05-26
a year crt.sh
r.ssl.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-04-29 -
2021-04-28
a year crt.sh
wildcard.foxnews.com
DigiCert Secure Site ECC CA-1
2020-04-14 -
2021-07-14
a year crt.sh
nytimes.com
Sectigo RSA Domain Validation Secure Server CA
2020-01-03 -
2022-04-06
2 years crt.sh
*.breitbart.com
COMODO RSA Domain Validation Secure Server CA
2018-06-28 -
2020-06-27
2 years crt.sh
pcdn.co
Amazon
2019-12-10 -
2021-01-10
a year crt.sh
secure.quebecormedia.com
DigiCert Secure Site ECC CA-1
2020-05-28 -
2020-09-19
4 months crt.sh
nine.com.au
COMODO RSA Organization Validation Secure Server CA
2020-02-27 -
2021-02-26
a year crt.sh
*.telegraaf.nl
Let's Encrypt Authority X3
2020-05-01 -
2020-07-30
3 months crt.sh
*.stackpathcdn.com
Go Daddy Secure Certificate Authority - G2
2019-06-27 -
2021-06-27
2 years crt.sh
*.shareaholic.net
Let's Encrypt Authority X3
2020-05-30 -
2020-08-28
3 months crt.sh
*.google.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh
shareaholic.com
Amazon
2019-07-31 -
2020-08-31
a year crt.sh
*.shareaholic.com
Let's Encrypt Authority X3
2020-05-30 -
2020-08-28
3 months crt.sh
ssl418259.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2020-05-19 -
2020-11-25
6 months crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA
2019-06-05 -
2020-07-22
a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018
2019-12-27 -
2021-03-27
a year crt.sh
*.ml314.com
Amazon
2020-02-17 -
2021-03-17
a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA
2019-12-16 -
2020-12-25
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2019-10-01 -
2021-09-30
2 years crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2019-06-13 -
2021-06-28
2 years crt.sh
*.bkrtx.com
DigiCert SHA2 Secure Server CA
2020-02-28 -
2021-05-29
a year crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1
2020-04-14 -
2021-04-10
a year crt.sh
*.eyeota.net
Let's Encrypt Authority X3
2020-04-10 -
2020-07-09
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh

This page contains 7 frames:

Primary Page: http://trumptide.us/
Frame ID: F0F63059AEAEC17F2F9D3D0136588F61
Requests: 84 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200526/r20190131/zrt_lookup.html
Frame ID: B44F1EAF5FF02E511FBB6B95CA45B319
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1659121210878204&output=html&h=280&slotname=8080637140&adk=2838554680&adf=2420991511&w=350&fwrn=4&fwrnh=100&lmt=1590922630&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=http%3A%2F%2Ftrumptide.us%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1590922630514&bpp=16&bdt=406&idt=293&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3215318211160&frm=20&pv=2&ga_vid=2131989890.1590922631&ga_sid=1590922631&ga_hid=631068188&ga_fc=0&iag=0&icsg=2219&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=776&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085&oid=3&pvsid=1132829244339067&pem=888&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=1&uci=a!1&fsb=1&xpc=t2Yy0nMtzl&p=http%3A//trumptide.us&dtd=314
Frame ID: 37A25A14361C3B84727909DCD9056C6C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1659121210878204&output=html&adk=1812271804&adf=3025194257&lmt=1590922630&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Ftrumptide.us%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1590922630580&bpp=2&bdt=472&idt=258&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&nras=1&correlator=3215318211160&frm=20&pv=1&ga_vid=2131989890.1590922631&ga_sid=1590922631&ga_hid=631068188&ga_fc=0&iag=0&icsg=34987&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085&oid=3&pvsid=1132829244339067&pem=888&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&dtd=266
Frame ID: BD087564CF8208432529DC74EEE4E33A
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=text%2Fhtml
Frame ID: B66608B8E56CD7A26B0672F88986075E
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/41110?ret=html&phint=sh005%3D1111745&phint=sh005%3D1111845&phint=sh001%3D24815323&phint=sh001%3D13594596&phint=sh004%3D10813254&phint=sh004%3D10813255&phint=sh004%3D10813351&phint=sh005%3D1111762&phint=sh004%3D10813253&phint=sh005%3D1111741&phint=sh001%3D2897588&phint=sh001%3D10930641&phint=sh001%3D12644396&phint=sh005%3D6573862&phint=sh004%3D10813269&phint=sh005%3D1111739&phint=sh004%3D10813248&phint=sh005%3D1112464&phint=sh001%3D10930608&phint=sh005%3D1112465&phint=sh001%3D24816761&phint=sh004%3D10813284&phint=sh001%3D12644461&phint=sh004%3D8762415&phint=sh005%3D8854531&phint=__bk_t%3DTrumpTide%3A%20What%27s%20Rising%3F&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2Ftrumptide.us%2F&phint=__bk_v%3D3.1.5&limit=1&r=47824525
Frame ID: DAEFC1C3B7A6A57837A64E608467943E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: E8CFA6AC9B3C1DDD001A889EBF6ADC65
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

89
Requests

83 %
HTTPS

41 %
IPv6

47
Domains

62
Subdomains

58
IPs

7
Countries

4437 kB
Transfer

5066 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://leadstories.com/appstore.png HTTP 301
  • https://leadstories.com/appstore.png
Request Chain 3
  • http://leadstories.com/googleplay.png HTTP 301
  • https://leadstories.com/googleplay.png
Request Chain 9
  • https://www.bfmtv.com/i/0/0/f1e/f853b27811cd485cece9be35e6643.jpeg HTTP 301
  • https://img.bfmtv.com/i/0/0/f1e/f853b27811cd485cece9be35e6643.jpeg
Request Chain 45
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 46
  • http://www.google-analytics.com/r/collect?v=1&_v=j82&a=631068188&t=pageview&_s=1&dl=http%3A%2F%2Ftrumptide.us%2F&ul=en-us&de=UTF-8&dt=TrumpTide%3A%20What%27s%20Rising%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1565553503&gjid=970599554&cid=2131989890.1590922631&tid=UA-73660545-1&_gid=1467772960.1590922631&_r=1&z=1367482441 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=631068188&t=pageview&_s=1&dl=http%3A%2F%2Ftrumptide.us%2F&ul=en-us&de=UTF-8&dt=TrumpTide%3A%20What%27s%20Rising%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1565553503&gjid=970599554&cid=2131989890.1590922631&tid=UA-73660545-1&_gid=1467772960.1590922631&_r=1&z=1367482441
Request Chain 66
  • https://sync.crwdcntrl.net/map/c=9193/tp=SHLC/tpid=ccc2f79c-65ca-4bce-ab0a-5c521ac8e183 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9193/tp=SHLC/tpid=ccc2f79c-65ca-4bce-ab0a-5c521ac8e183
Request Chain 67
  • http://tags.bkrtx.com/js/bk-coretag.js HTTP 302
  • https://tags.bkrtx.com/js/bk-coretag.js
Request Chain 69
  • https://px.owneriq.net/eps?pt=sholic&pid=1693&uid=Q6442090312092253042J&l=true HTTP 302
  • https://px.owneriq.net/noop?ct=text%2Fhtml
Request Chain 70
  • https://px.owneriq.net/j/?pt=sholic&t=d%7C%22Government%2520Services%22&s=inte HTTP 302
  • https://px.owneriq.net/noop?ct=application%2Fx-javascript
Request Chain 71
  • https://sb.scorecardresearch.com/b?c1=7&c2=19376307&c3=1&ns__t=1590922631685&ns_c=UTF-8&cv=3.5&c8=TrumpTide%3A%20What%27s%20Rising%3F&c7=http%3A%2F%2Ftrumptide.us%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=19376307&c3=1&ns__t=1590922631685&ns_c=UTF-8&cv=3.5&c8=TrumpTide%3A%20What%27s%20Rising%3F&c7=http%3A%2F%2Ftrumptide.us%2F&c9=&cs_ak_ss=1
Request Chain 75
  • https://tags.bluekai.com/site/20486?limit=0&id=3610659882418569304&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=3610659882418569304%26eid=50056 HTTP 302
  • https://ml314.com/csync.ashx?fp=IwAaBy9999Yml5BK&person_id=3610659882418569304&eid=50056
Request Chain 76
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2p4Vw88MsIUx3MTmcnVEQRZXz_yDJSTqIgAXClDJ844A&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil HTTP 302
  • https://ml314.com/csync.ashx?fp=2p4Vw88MsIUx3MTmcnVEQRZXz_yDJSTqIgAXClDJ844A&person_id=3610659882417520739&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil HTTP 302
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Request Chain 78
  • https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=3610659882417520739%26eid=50220 HTTP 302
  • https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=3610659882417520739%26eid=50220&mm_bnc&mm_bct&UUID=a8835ed3-8d88-4f00-950d-ad8749248492 HTTP 302
  • https://ml314.com/csync.ashx?fp=a8835ed3-8d88-4f00-950d-ad8749248492&person_id=3610659882417520739&eid=50220

89 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
trumptide.us/
41 KB
15 KB
Document
General
Full URL
http://trumptide.us/
Protocol
HTTP/1.1
Server
45.79.199.138 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1298-138.members.linode.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
1479627f3cf1279beced42cdb66c4e7cd71e6006626a1ae2c252478fc38810ae

Request headers

Host
trumptide.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:09 GMT
Server
Apache/2.4.25 (Debian)
Accept-Ranges
bytes
Vary
Accept-Encoding
X-Mod-Pagespeed
1.13.35.2-0
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Cache-Control
max-age=0, no-cache, s-maxage=10
Content-Length
14513
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
A.styles.css,qsfsdf=skmklljdf.pagespeed.cf.JebQENg8hb.css
trumptide.us/
4 KB
2 KB
Stylesheet
General
Full URL
http://trumptide.us/A.styles.css,qsfsdf=skmklljdf.pagespeed.cf.JebQENg8hb.css
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
HTTP/1.1
Server
45.79.199.138 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1298-138.members.linode.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
d3b1accd8f29d6717ad72233bfb7fb7da255a06ef81471e70476ba2c06cb2310

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:10 GMT
Content-Encoding
gzip
X-Original-Content-Length
5162
Server
Apache/2.4.25 (Debian)
Etag
W/"0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Last-Modified
Sun, 31 May 2020 10:57:10 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1083
Expires
Mon, 31 May 2021 10:57:10 GMT
shareaholic.js
dsms0mj1bbhn4.cloudfront.net/assets/pub/
9 KB
4 KB
Script
General
Full URL
http://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
HTTP/1.1
Server
2600:9000:2190:9e00:c:d51b:4400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c114ff10d62008ee27667861700b154bc2a1a745b8541a32baf08e5719c3c335

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:54:38 GMT
Content-Encoding
gzip
Age
157
X-Cache
Hit from cloudfront
X-Hello-Human
Join the fun! Apply at www.shareaholic.com/jobs
Content-Length
3668
Access-Control-Allow-Origin
*
Last-Modified
Fri, 29 May 2020 14:24:42 GMT
Server
nginx
Cache-Control
max-age=900, public
ETag
"efef2011aa9d1035e5157afd4a788040"
Content-Type
application/javascript; charset=UTF-8
Via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
M7U3IFQPB2ryw2DEF_3fUp6c030XeElcHbvu-l9khamdrVBZjsnA_w==
appstore.png
leadstories.com/
Redirect Chain
  • http://leadstories.com/appstore.png
  • https://leadstories.com/appstore.png
2 KB
2 KB
Image
General
Full URL
https://leadstories.com/appstore.png
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65a57a02a7b83d411aee0fb096b53fb04b7e4275953f469e1dacaec7c8fda477

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=3329
status
200
content-disposition
inline; filename="appstore.webp"
content-length
1766
cf-request-id
030bf9ecac00003244253ac200000001
last-modified
Fri, 27 May 2016 14:53:42 GMT
server
cloudflare
etag
"d01-533d4129ed9c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
cf-ray
59c02c277c473244-FRA
cf-bgj
imgq:85,h2pri

Redirect headers

Date
Sun, 31 May 2020 10:57:10 GMT
CF-Cache-Status
EXPIRED
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Location
https://leadstories.com/appstore.png
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
59c02c2678cbc2a9-FRA
cf-request-id
030bf9ec0b0000c2a9cb354200000001
googleplay.png
leadstories.com/
Redirect Chain
  • http://leadstories.com/googleplay.png
  • https://leadstories.com/googleplay.png
8 KB
9 KB
Image
General
Full URL
https://leadstories.com/googleplay.png
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a7f79138ffa3e4d12ec754173b24d5f2c69a7a6cd79a71273374eca04228729

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:11 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=11117
status
200
content-disposition
inline; filename="googleplay.webp"
content-length
8620
cf-request-id
030bf9edec00003244253c4200000001
last-modified
Fri, 27 May 2016 14:54:11 GMT
server
cloudflare
etag
"2b6d-533d414642310"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
cf-ray
59c02c297a0e3244-FRA
cf-bgj
imgq:85,h2pri

Redirect headers

Date
Sun, 31 May 2020 10:57:10 GMT
CF-Cache-Status
EXPIRED
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Location
https://leadstories.com/googleplay.png
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
59c02c2679d797de-FRA
cf-request-id
030bf9ec0b000097deac0a2200000001
Nx100xlogo.png.pagespeed.ic.0tR9PAs653.webp
trumptide.us/
7 KB
7 KB
Image
General
Full URL
http://trumptide.us/Nx100xlogo.png.pagespeed.ic.0tR9PAs653.webp
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
HTTP/1.1
Server
45.79.199.138 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1298-138.members.linode.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8efa4cbd46c5661b0b8dfcdf51c12cd1c7eedba1f7f751c314df86fead7d1c5b

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:10 GMT
X-Original-Content-Length
438058
Server
Apache/2.4.25 (Debian)
Etag
W/"0"
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Last-Modified
Sun, 03 May 2020 17:53:39 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Link
<http://trumptide.us/logo.png>; rel="canonical"
Content-Length
6670
Keep-Alive
timeout=5, max=100
Expires
Mon, 03 May 2021 17:53:39 GMT
safe_image.php
external-frt3-2.xx.fbcdn.net/
47 KB
47 KB
Image
General
Full URL
https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQDRMKacTBANqpKP&w=540&h=282&url=https%3A%2F%2Fi.guim.co.uk%2Fimg%2Fmedia%2F77a15b5d7658edd6022f726a13b7a883f9f80ff0%2F0_196_4294_2577%2Fmaster%2F4294.jpg%3Fwidth%3D1200%26height%3D630%26quality%3D85%26auto%3Dformat%26fit%3Dcrop%26overlay-align%3Dbottom%252Cleft%26overlay-width%3D100p%26overlay-base64%3DL2ltZy9zdGF0aWMvb3ZlcmxheXMvdGctb3BpbmlvbnMucG5n%26enable%3Dupscale%26s%3Dbf54045ba41769f185b2722c75d0dfa7&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&_nc_hash=AQCcdVeyt6iU8aer
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b24f444b9e8511ce60330701189e0623823a30e7050077214c94412bc5b21eb9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options
nosniff
status
200
x-fb-config-version-olb-prod
833
alt-svc
h3-27=":443"; ma=3600
content-length
47671
x-xss-protection
0
x-fb-debug
6Hb7EWix6MV0SuVSnEir83kv5IQKQQg2unU72/6Eys3BRyAilFOVB+kMlonLe+Ah6w+CeW8MQ3TL6kUJ5zKgzg==
x-fb-trip-id
664085054
last-modified
Sun, 31 May 2020 05:31:15 GMT
x-fb-config-version-slb-prod_regional
833
x-frame-options
DENY
date
Sun, 31 May 2020 10:57:10 GMT, Sun, 31 May 2020 10:57:10 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
etag
"a30a68ee27fe9e7267e7cbe7ad01cf4d"
timing-allow-origin
*
expires
Mon, 01 Jun 2020 05:31:15 GMT
82339130_2788835731181846_835133129164324864_n.png
scontent-nrt1-1.xx.fbcdn.net/v/t1.0-1/
49 KB
50 KB
Image
General
Full URL
https://scontent-nrt1-1.xx.fbcdn.net/v/t1.0-1/82339130_2788835731181846_835133129164324864_n.png?_nc_cat=111&_nc_sid=dbb9e7&_nc_ohc=3v4pKBPO7nwAX8TcfY1&_nc_ht=scontent-nrt1-1.xx&oh=ae1b6f85b28aa4975c6df795ee70fde0&oe=5EF7E8EC
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55f573aee3ff02a4e042d3a558fde2ddb7eb929a7afd35ee1406c7631627052f

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum
2056911042
date
Sun, 31 May 2020 10:57:10 GMT, Sun, 31 May 2020 10:57:10 GMT
x-fb-config-version-elb-prod
833
status
200
x-fb-config-version-olb-prod
833
alt-svc
h3-27=":443"; ma=3600
content-length
50549
x-fb-trip-id
2050670934
last-modified
Fri, 17 Jan 2020 22:50:26 GMT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
e2sYhe5NaVHHtVoE_uJkBU46reVdWwy-EzXfd_3HsvPIUxHoUOSACyeGTy404ClXCKA9BHtVxIuyJrtbYo7f0A
x-needle-checksum
4114825993
timing-allow-origin
*
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
107 KB
39 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
HTTP/1.1
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3576ad6f8a7fcc99866414f654945e357a47b086966a39515b737b2540338030
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sun, 31 May 2020 10:57:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
4198287541972636029
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
39264
X-XSS-Protection
0
Expires
Sun, 31 May 2020 10:57:10 GMT
12310510_516494668532806_3376413687892675082_n.jpg
scontent-dfw5-2.xx.fbcdn.net/v/t1.0-1/
11 KB
11 KB
Image
General
Full URL
https://scontent-dfw5-2.xx.fbcdn.net/v/t1.0-1/12310510_516494668532806_3376413687892675082_n.jpg?_nc_cat=1&_nc_sid=dbb9e7&_nc_ohc=PUibVEkJuhUAX_x5-4m&_nc_ht=scontent-dfw5-2.xx&oh=52f30def3c440b0aa9b0e06d3ce5ad1d&oe=5EF7C73F
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f034:11a:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
714d7de1f0a2dec951d944af690510dc3a395d88533abbb8c8b6b73005edd64f

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum
655817490
date
Sun, 31 May 2020 10:57:10 GMT, Sun, 31 May 2020 10:57:10 GMT
x-fb-trip-id
1425083115
last-modified
Tue, 08 Dec 2015 19:02:42 GMT
status
200
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-needle-checksum
3204556657
x-fb-config-version-olb-prod
832
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=3600
content-length
11281
f853b27811cd485cece9be35e6643.jpeg
img.bfmtv.com/i/0/0/f1e/
Redirect Chain
  • https://www.bfmtv.com/i/0/0/f1e/f853b27811cd485cece9be35e6643.jpeg
  • https://img.bfmtv.com/i/0/0/f1e/f853b27811cd485cece9be35e6643.jpeg
122 KB
122 KB
Image
General
Full URL
https://img.bfmtv.com/i/0/0/f1e/f853b27811cd485cece9be35e6643.jpeg
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.8 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-8.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
c40fc8c8931402d8cc86e1dcc29cfd7319f22a6ad04b7d70ea6dd80d39acc173

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sun, 31 May 2020 07:41:38 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
server
nginx
age
11732
status
200
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
YWaVloYYh0-iJ0U95NQkKD3M-mr4ieo3mhxuCPbLV6jjK2_-1lKJyg==
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Sun, 31 May 2020 10:56:23 GMT
via
1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
server
nginx
age
47
status
301
location
https://img.bfmtv.com/i/0/0/f1e/f853b27811cd485cece9be35e6643.jpeg
x-cache
Hit from cloudfront
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
ZRH50-C1
content-length
178
x-amz-cf-id
6sRoBxiL4Avx6PDC-8VYJJUnTuWysE1PITdEzFstCfECBxDRx6THBA==
13335886_601976839969236_8317055755539369996_n.jpg
scontent.fhen1-1.fna.fbcdn.net/v/t1.0-1/c3.0.328.328a/
16 KB
17 KB
Image
General
Full URL
https://scontent.fhen1-1.fna.fbcdn.net/v/t1.0-1/c3.0.328.328a/13335886_601976839969236_8317055755539369996_n.jpg?_nc_cat=103&_nc_sid=dbb9e7&_nc_ohc=ptQEHexcyg0AX9U_ZTV&_nc_ht=scontent.fhen1-1.fna&oh=43ed189b16248a27d67ff11bad7e22c2&oe=5EF84622
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2d8:0:6005:face:b00c:0:a7 St Petersburg, Russian Federation, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
/
Resource Hash
b1ebf5624e75a296ab92ec241f3dfba56d95382fe2516ca4352c4f0ea40419be

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum
2393881189
date
Sun, 31 May 2020 10:57:10 GMT
x-fb-config-version-elb-prod
833
last-modified
Wed, 01 Jun 2016 09:58:18 GMT
status
200
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
content-length
16784
x-needle-checksum
449998667
x-fb-config-version-olb-prod
833
timing-allow-origin
*
x-fb-config-version-flb-prod
ff2c7e6c59be4d98b644c73f378ae9d5
deBlasio-Trump.png
theconservativeopinion.com/wp-content/uploads/2020/05/
587 KB
588 KB
Image
General
Full URL
https://theconservativeopinion.com/wp-content/uploads/2020/05/deBlasio-Trump.png
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.1.147.91 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
Software
WPX CLOUD/AMS01 /
Resource Hash
e9a689f5014b2f2619004b4559f1d5ccdc7e50eb2d309124b388b1d0d6193ac8

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
age
0
x-edge-location
WPX CLOUD/AMS01
x-cache
MISS
status
200
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
600885
last-modified
Sun, 31 May 2020 09:57:46 GMT
server
WPX CLOUD/AMS01
etag
"92b35-5ed37f9a-4c519f0208cb1621;;;"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=5184000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 30 Jul 2020 10:57:10 GMT
PLBT7MG7Z5BWGTW7BQT2OOYBDI.jpg
cloudfront-eu-central-1.images.arcpublishing.com/leparisien/
65 KB
65 KB
Image
General
Full URL
https://cloudfront-eu-central-1.images.arcpublishing.com/leparisien/PLBT7MG7Z5BWGTW7BQT2OOYBDI.jpg
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-108.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7aee21ba359179e0f3deb120113a9ca720f29dd5985452bc9275c1585bd8458

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:15:11 GMT
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
last-modified
Sun, 31 May 2020 10:15:08 GMT
server
AmazonS3
age
2520
etag
"d36053e9f74cbd488c9398f1c747661c"
x-cache
Hit from cloudfront
x-amz-version-id
doAtvRKcdSIWkaSxQil5HDXje4OGgn_W
status
200
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
66620
x-amz-cf-id
5lEHs1r1v_A4bcA7xkd0Zj5ZCrgpQD_66xdFiI3FZ9EP9lSmfNQe-A==
john-cusack.jpg
static.independent.co.uk/s3fs-public/thumbnails/image/2019/06/18/10/
189 KB
189 KB
Image
General
Full URL
https://static.independent.co.uk/s3fs-public/thumbnails/image/2019/06/18/10/john-cusack.jpg
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.184 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0c66074cea3b6a06b63bd4976f312c52d7e2722b6206b04d3158c77395d8abb

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
via
1.1 varnish, 1.1 varnish
age
325397
x-cache
HIT, HIT
fastly-io-info
ifsz=193361 idim=1653x1240 ifmt=jpeg ofsz=193361 odim=1653x1240 ofmt=jpeg
status
200
fastly-stats
io=1
content-length
193361
x-amz-id-2
dg6cx/xT8JxqM3hurd3MCJ6OPxRaPlQwjm3RGVLqSiQs92Wgvv5pmqFKeAdWHCmi2JShmAvNkFQ=
fastly-io-warning
Failed to shrink image
x-served-by
cache-lcy19220-LCY, cache-hhn4051-HHN
server
AmazonS3
x-timer
S1590922630.247579,VS0,VE1
etag
"jQtMfD+Nln8ux/3uHbO1UGGAVRxMehKtu/dDDO80BtI"
x-amz-request-id
141D2617CF6DB971
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 1
5ed37205f0f4190a430c7ed3
i.insider.com/
66 KB
66 KB
Image
General
Full URL
https://i.insider.com/5ed37205f0f4190a430c7ed3?width=1200&format=jpeg
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc1c61235e80ec8e416374c9a6b58c20579b890aba86d77ac6174395c5728815

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
via
1.1 varnish, 1.1 varnish
x-amz-meta-x-description
White+House+clashes
age
7040
accept-ranges
bytes
x-amz-meta-x-image-width
2000
fastly-io-info
ifsz=453065 idim=2000x1000 ifmt=jpeg ofsz=67408 odim=1200x600 ofmt=webp
status
200
x-cache
HIT, MISS
fastly-stats
io=1
x-amz-request-id
7745363178C8C5F0
x-amz-id-2
i9Y5j9PL3KMsrAMMRaA7R7zrdtusvc9/bIyMksXXSCHwZhupxF/DVFnMi2NF6QTQF+dGyS5XAig=
x-served-by
cache-bwi5132-BWI, cache-fra19125-FRA
x-amz-meta-x-source
JOSE+LUIS+MAGANA%2FAFP+via+Getty+Images
x-amz-meta-x-image-height
1000
server
AmazonS3
x-timer
S1590922630.482239,VS0,VE93
etag
"wra3T0tgjO9fGN8kblDSditw5kuu9fEwoSXG4i4fNfc"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=604800
content-length
67408
x-cache-hits
1, 0
67741560_3270797606280994_285088410006192128_n.jpg
scontent-yyz1-1.xx.fbcdn.net/v/t1.0-1/
18 KB
18 KB
Image
General
Full URL
https://scontent-yyz1-1.xx.fbcdn.net/v/t1.0-1/67741560_3270797606280994_285088410006192128_n.jpg?_nc_cat=1&_nc_sid=dbb9e7&_nc_ohc=gd6Cnj7AwA8AX8lNwqj&_nc_ht=scontent-yyz1-1.xx&oh=23ea17e16c121cb867ef97ece1e0aeae&oe=5EF9BF3F
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
62b77cbfc2319062b6625c0e40ec100ce0f222158243cead15d94e67efa66081

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum
2252573753
date
Sun, 31 May 2020 10:57:10 GMT, Sun, 31 May 2020 10:57:10 GMT
x-fb-trip-id
19638678
last-modified
Thu, 08 Aug 2019 06:17:18 GMT
status
200
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-needle-checksum
1231021851
x-fb-config-version-olb-prod
826
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=3600
content-length
18603
media-158986105787544300.jpg
mediastiriv1.freenode.ro/image/202005/w800/
249 KB
249 KB
Image
General
Full URL
https://mediastiriv1.freenode.ro/image/202005/w800/media-158986105787544300.jpg
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:3878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4284fae93a0ed01f16fb17e4c115916d1ac5763bf75c1d3d0b5965965da3f42

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
cf-cache-status
HIT
last-modified
Tue, 19 May 2020 03:29:51 GMT
server
cloudflare
age
1050865
status
200
etag
W/"5ec352af-3e245"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
59c02c283ecf1f55-FRA
cf-request-id
030bf9ed2200001f5570328200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
mqdefault.jpg
i.ytimg.com/vi/xXf3uwsjGf8/
18 KB
18 KB
Image
General
Full URL
https://i.ytimg.com/vi/xXf3uwsjGf8/mqdefault.jpg
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c149e6370919321d3e6b7c321b31da7206f863ae9e7de6155f3609c7231ae63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"1590917401"
content-type
image/jpeg
status
200
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18744
x-xss-protection
0
expires
Sun, 31 May 2020 11:02:10 GMT
PRC_153124476_1590916213.jpg
i0.wp.com/metro.co.uk/wp-content/uploads/2020/05/
53 KB
54 KB
Image
General
Full URL
https://i0.wp.com/metro.co.uk/wp-content/uploads/2020/05/PRC_153124476_1590916213.jpg?quality=90&strip=all&w=1200&h=630&crop=1&zoom=1&ssl=1
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
7c21195a0fa765f1ee20bf5488e69d3b32a58a2265670e2f69f3113f85b22193
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
MISS fra 6
date
Sun, 31 May 2020 10:57:10 GMT
x-content-type-options
nosniff
x-bytes-saved
27476
last-modified
Sun, 31 May 2020 09:14:42 GMT
server
nginx
etag
"576d62fd9cbf073f"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<https://metro.co.uk/wp-content/uploads/2020/05/PRC_153124476_1590916213.jpg>; rel="canonical"
content-length
54606
expires
Tue, 31 May 2022 21:14:42 GMT
72740070_2632680613633683_8259765569599832064_n.jpg
scontent-cdg2-1.xx.fbcdn.net/v/t1.0-1/s720x720/
48 KB
48 KB
Image
General
Full URL
https://scontent-cdg2-1.xx.fbcdn.net/v/t1.0-1/s720x720/72740070_2632680613633683_8259765569599832064_n.jpg?_nc_cat=100&_nc_sid=dbb9e7&_nc_ohc=r0iuO31VUtsAX8lmJ9P&_nc_ht=scontent-cdg2-1.xx&_nc_tp=7&oh=3619e3cf336f678aa13fb18ba2e0b46b&oe=5EFAFC1B
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01f:6:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab6eb2deca3ca6902b547d6af566051d77816ea3257c38517b07c7d82d670087

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum
888755
date
Sun, 31 May 2020 10:57:10 GMT, Sun, 31 May 2020 10:57:10 GMT
x-fb-trip-id
1512268381
last-modified
Sat, 19 Oct 2019 15:43:13 GMT
status
200
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-needle-checksum
50373472
x-fb-config-version-olb-prod
833
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=3600
content-length
48857
64424339_10156312814376770_465273119980912640_n.jpg
scontent-amt2-1.xx.fbcdn.net/v/t1.0-1/p720x720/
24 KB
24 KB
Image
General
Full URL
https://scontent-amt2-1.xx.fbcdn.net/v/t1.0-1/p720x720/64424339_10156312814376770_465273119980912640_n.jpg?_nc_cat=1&_nc_sid=dbb9e7&_nc_oc=AQkawj4Y-jYXYNHgJOfThppuwx-uksWyiFekfXjdPteW8s4VgHeivgSIRxEs_Y8HRkw&_nc_ht=scontent-amt2-1.xx&_nc_tp=6&oh=6726d535399f5fabf63fd4991e875660&oe=5EF9F061
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9ffcaa2d8dc7e7604e39d1c3b50a2c8016982d09827dad7ad30081f41b0b0de0

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum
973947385
date
Sun, 31 May 2020 10:57:10 GMT, Sun, 31 May 2020 10:57:10 GMT
x-fb-trip-id
664085054
last-modified
Wed, 19 Jun 2019 21:38:06 GMT
status
200
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-needle-checksum
1743766791
x-fb-config-version-olb-prod
833
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=3600
content-length
24221
portada-time-trump.jpg
maldita.es/app/uploads/2020/05/
96 KB
97 KB
Image
General
Full URL
https://maldita.es/app/uploads/2020/05/portada-time-trump.jpg
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.23.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fc393e24e4ad6057eebee1951e5e6717ebd166ae945df10678f3eef58aa35e4

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
cf-cache-status
HIT
age
54036
cf-polished
origFmt=jpeg, origSize=118606
status
200
content-disposition
inline; filename="portada-time-trump.webp"
content-type
image/webp
content-length
98348
cf-request-id
030bf9edea00000b5b781a1200000001
last-modified
Sat, 30 May 2020 17:01:34 GMT
server
cloudflare
etag
"5ed2916e-1cf4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-varnish
7103745
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
x-cache-varnish
uncached
accept-ranges
bytes
cf-ray
59c02c297b680b5b-AMS
cf-bgj
imgq:100,h2pri
788fd5cd-2894-466d-b8d2-2a3a4b5e7628-1200x630.jpg
media.townhall.com/townhall/reu/o/2020/111/
46 KB
47 KB
Image
General
Full URL
https://media.townhall.com/townhall/reu/o/2020/111/788fd5cd-2894-466d-b8d2-2a3a4b5e7628-1200x630.jpg
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
nginx/1.10.3 (Ubuntu) / ASP.NET
Resource Hash
0196b08359dbf277474371503f3d3c1bc3b3f10e9a8f1b8cc1779d81d02feae5

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:11 GMT
etag
"12b1df82b524d61:0"
last-modified
Thu, 07 May 2020 21:21:45 GMT
server
nginx/1.10.3 (Ubuntu)
x-img
irsze
x-powered-by
ASP.NET
x-hw
1590922630.dop032.pa1.t,1590922630.cds034.pa1.hn,1590922631.cds008.pa1.p
content-type
image/jpeg
status
200
cache-tag-rr
img
cache-control
max-age=604800
accept-ranges
bytes
content-length
47391
x-served-by
thmedia2
donald-trump-usa.jpg
image.stern.de/9283394/16x9-1200-675/213ae53e5a67982b12a0749b3f7931f1/uv/
57 KB
58 KB
Image
General
Full URL
https://image.stern.de/9283394/16x9-1200-675/213ae53e5a67982b12a0749b3f7931f1/uv/donald-trump-usa.jpg
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.17 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-187-17.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a1144012417be93244cf9ea14919a1ec5c780007024a87afc40f281fe34a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cache-origin-object-info
cmstr-prod-01 HIT ttl=15551958.070 grace=120.000 age=41.930
date
Sun, 31 May 2020 10:57:10 GMT
x-content-type-options
nosniff
x-backend
cm9_image/cae26
status
200
x-cache-origin-request-date
Sun, 31 May 2020 09:07:00 GMT
content-length
58725
x-xss-protection
1; mode=block
x-varnish
529764344 528252077
xkey
spc9283394
server
Apache
x-cache-hit
HIT
etag
"7ada054d36a0a3b8d1033c36de3255f8"
x-frame-options
DENY
x-remaining-max-age
15551958
content-language
de-DE
access-control-allow-origin
*
x-cache-backend
cmstr_prod_03_frontend/varnish-cmstr-prod-01
x-edge-cache-tag
spc9283394
cache-control
public, max-age=15545459
accept-ranges
bytes
content-type
image/jpeg;charset=UTF-8
x-cache-origin-request-trace
xid=529764344, restarts=0
20404640lpw-20404678-article-g7-jpg_7142519_540x282.jpg
www.lepoint.fr/images/2020/05/31/
19 KB
19 KB
Image
General
Full URL
https://www.lepoint.fr/images/2020/05/31/20404640lpw-20404678-article-g7-jpg_7142519_540x282.jpg
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.95.74.45 , France, ASN8839 (SDV-AS SdV Plurimedia, FR),
Reverse DNS
lepoint-rvp-https-vip.sdv.fr
Software
nginx /
Resource Hash
23ceaedd69756e02b1f260bc8d22ad177b9f35df34b202b59a3a2b5a0f6fe59e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
x-backend
web12
x-cache
HIT 1
status
200
x-age
260
content-length
18992
x-xss-protection
1; mode=block
last-modified
Sun, 31 May 2020 09:35:03 GMT
server
nginx
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
x-varnish
577121771 577442854
x-varnish-bereq-url
/images/2020/05/31/20404640lpw-20404678-article-g7-jpg_7142519_540x282.jpg
accept-ranges
bytes
content-type
image/jpeg
x-server-identity
lepoint-rvp4.sdv.fr
expires
Sun, 31 May 2020 10:57:50 GMT
67337160_1074229919436436_5768735918613594112_n.png
scontent-bru2-1.xx.fbcdn.net/v/t1.0-1/
13 KB
13 KB
Image
General
Full URL
https://scontent-bru2-1.xx.fbcdn.net/v/t1.0-1/67337160_1074229919436436_5768735918613594112_n.png?_nc_cat=1&_nc_sid=dbb9e7&_nc_ohc=uOkuaKxBa20AX9tjlsA&_nc_ht=scontent-bru2-1.xx&oh=469a9f487194175d603e2b2cca97cbaf&oe=5EF771F8
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f021:b:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9db5ab502578667746d4e069360773b579f18dc24a347817c55df450b00d7ce3

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum
3058036097
date
Sun, 31 May 2020 10:57:10 GMT, Sun, 31 May 2020 10:57:10 GMT
x-fb-trip-id
664085054
last-modified
Fri, 26 Jul 2019 14:41:33 GMT
status
200
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-needle-checksum
855942036
x-fb-config-version-olb-prod
826
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=3600
content-length
13301
5ed12894b480cc399c143695.JPG
cdni.rt.com/deutsch/images/2020.05/article/
165 KB
165 KB
Image
General
Full URL
https://cdni.rt.com/deutsch/images/2020.05/article/5ed12894b480cc399c143695.JPG
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
3e8b631694236bcddc305b401a8a7e99f371ac867edaa76f89172b4ea3332199

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Sun, 31 May 2020 10:57:10 GMT
last-modified
Fri, 29 May 2020 15:21:56 GMT
server
nginx
etag
"5ed12894-293e4"
x-cached-since
2020-05-31T09:49:20+00:00
content-type
image/jpeg
status
200
cache-control
max-age=31536001
cache
HIT
accept-ranges
bytes
content-length
168932
expires
Mon, 31 May 2021 10:57:11 GMT
185974758-w-800-f-2_1-e-2_1-q-75.jpg
ais.badische-zeitung.de/piece/0b/15/bf/e6/
23 KB
24 KB
Image
General
Full URL
https://ais.badische-zeitung.de/piece/0b/15/bf/e6/185974758-w-800-f-2_1-e-2_1-q-75.jpg
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2493 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a6ca454449774f9961919085c5d3d8b64073dec812b0c4fc3607bd692af2c65

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
cf-cache-status
MISS
x-cacheable
YES:Cache-Control=max-age
x-cache
MISS@bz-prod1-cache201.dmz.freinet.de
status
200
x-cache-hits
0
content-length
23505
cf-request-id
030bf9eda400000eaf011ed200000001
x-ais-rule
1 - Found in local cache root
last-modified
Fri, 29 May 2020 16:34:13 GMT
server
cloudflare
etag
"5ed13985-5bd1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
59c02c290a650eaf-FRA
x-stage
prod1
expires
Sun, 31 May 2020 11:57:10 GMT
6bec957ab92ba458774761533d5d7c19-1590913707.jpg
ds1.static.rtbf.be/article/image/1248x702/3/a/6/
61 KB
49 KB
Image
General
Full URL
https://ds1.static.rtbf.be/article/image/1248x702/3/a/6/6bec957ab92ba458774761533d5d7c19-1590913707.jpg
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::319 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) / Express
Resource Hash
0c65fa3c1b4d51b887aa7ef10c789e555982b526f942febd788dc8082f47af03

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
content-encoding
gzip
x-cacheable
YES
x-backend
rtbf001
x-fastly-ttl
43200.000
age
8616
x-powered-by
Express
x-cache
MISS, HIT, HIT
status
200
content-length
49652
via
1.1 varnish-v4, 1.1 varnish, 1.1 varnish
x-served-by
cache-fra19145-FRA, cache-hhn4075-HHN
x-ttl
900.000
server
nginx/1.10.0 (Ubuntu)
x-timer
S1590922631.525735,VS0,VE1
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
x-cache-hits
1, 1
image.jpg
a57.foxnews.com/cf-images.us-east-1.prod.boltdns.net/v1/static/694940094001/6ded6644-3da6-4215-acff-34a9424efe27/f216c150-260f-4203-9699-81af6e702ebb/1280x720/match/1024/512/
72 KB
72 KB
Image
General
Full URL
https://a57.foxnews.com/cf-images.us-east-1.prod.boltdns.net/v1/static/694940094001/6ded6644-3da6-4215-acff-34a9424efe27/f216c150-260f-4203-9699-81af6e702ebb/1280x720/match/1024/512/image.jpg?ve=1&tl=1
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.110 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-110.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
7179ff47dd69b41f226a792f855bd0a04d74bbc4e6f4f56448787af40a62935f
Security Headers
Name Value
Strict-Transport-Security max-age=7884000 ; preload

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
x-image-server-store-time
1590918087
content-type
image/jpeg
x-image-server-cpu-estimate
103
status
200
x-image-server-response
request-7827242-13744947-990c11b
server-timing
cdn-cache; desc=HIT, edge; dur=50
content-length
73402
x-image-server-product
AIC
last-modified
Sun, 31 May 2020 09:41:27 GMT
server
Akamai Image Server
x-image-server-cpu-real
140
etag
"d7a41613ef10e9369f7c8432295feaa8"
strict-transport-security
max-age=7884000 ; preload
x-im-result-width
1024
x-im-original-width
1024
cache-control
max-age=2587444
timing-allow-origin
*
x-image-server-original-size
76350
31blackvoters1-videoSixteenByNineJumbo1600.jpg
static01.nyt.com/images/2020/05/31/us/politics/31blackvoters1/
334 KB
334 KB
Image
General
Full URL
https://static01.nyt.com/images/2020/05/31/us/politics/31blackvoters1/31blackvoters1-videoSixteenByNineJumbo1600.jpg
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6b60c7dda4aa9134ce1660079ee0a2484bb3d2bae50c40f69a215285e64a1fc3

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
via
1.1 varnish, 1.1 varnish
age
6965
x-guploader-uploadid
AAANsUnNKThLX7g0novgHWgkSdIEr1golVrqaMIYHrQeZicxE2XP_WuaTK-9PMpEwDCsOsUgRL46fh6hApHdJtvo5PU
x-cache
HIT, MISS
x-goog-storage-class
MULTI_REGIONAL
status
200
content-length
341636
x-served-by
cache-bwi5143-BWI, cache-fra19175-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
last-modified
Sun, 31 May 2020 09:00:20 GMT
server
UploadServer
x-timer
S1590922631.635631,VS0,VE196
etag
"1f72d90df02cf85222f627e5f0990410"
vary
Origin
x-goog-hash
crc32c=TpVKAQ==, md5=H3LZDfAs+FIi9ifl8JkEEA==
content-type
image/jpeg
access-control-allow-origin
*
expires
Sun, 31 May 2020 09:01:05 GMT
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
x-cache-hits
1, 0
EU-UN-WHO.png
media.breitbart.com/media/2020/05/
847 KB
848 KB
Image
General
Full URL
https://media.breitbart.com/media/2020/05/EU-UN-WHO.png
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.35.213 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.35.241.35.bc.googleusercontent.com
Software
shield /
Resource Hash
f6c723b3ba8c0dfd8b765487d6cd35cff96b8c54726230b6f5d7ad503688932c

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
via
1.1 google, 1.1 google
last-modified
Sun, 31 May 2020 08:14:17 GMT
server
shield
etag
"5ed36759-d3c80"
content-type
image/png
status
200
cache-control
max-age=31556926
x-shield-request-id
be29e6446fbe7a2fd0cde1421a0520e5
accept-ranges
bytes
alt-svc
clear, clear
content-length
867456
1-3.png
s31242.pcdn.co/wp-content/uploads/2020/05/
596 KB
598 KB
Image
General
Full URL
https://s31242.pcdn.co/wp-content/uploads/2020/05/1-3.png
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.50 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-50.zrh50.r.cloudfront.net
Software
cloudflare /
Resource Hash
86576d4ce14d5b36cfd37e5f30259e50f13b392de90b09a51402eceda93f57ad

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 08:59:56 GMT
via
1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
cf-cache-status
MISS
age
7034
x-cache
Hit from cloudfront
status
200
content-type
image/png
content-length
610771
cf-request-id
030b8e97d3000032480b1dd200000001
x-gateway-cache-status
HIT
x-gateway-request-id
ea9e0beb2f48a314d6166ff669a29896
last-modified
Sun, 31 May 2020 08:52:04 GMT
server
cloudflare
etag
"5ed37034-951d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-gateway-skip-cache
0
x-gateway-cache-key
1590768384.839||https|www.pinknews.co.uk||/wp-content/uploads/2020/05/1-3.png
cache-control
max-age=2592000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
cf-ray
59bf806c8eba3248-FRA
x-amz-cf-id
xWtiv0FXEuf4j99SWZfdV9BVyxuXvD-njmFJHVHZZtOzQHUCeR9CVQ==
expires
Tue, 30 Jun 2020 08:52:15 GMT
62841806_31117397398122-9708-4b62-9d51-4bc99bc783a4_ORIGINAL.jpg
m1.quebecormedia.com/emp/emp/
35 KB
35 KB
Image
General
Full URL
https://m1.quebecormedia.com/emp/emp/62841806_31117397398122-9708-4b62-9d51-4bc99bc783a4_ORIGINAL.jpg?impolicy=crop-resize&x=0&y=88&w=2000&h=825&width=1200
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.8.12.20 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-12-20.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
572d99fbc8728f1de946e76de571afb628f1d3a34fe14b8e991482e2cae20612

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
last-modified
Sun, 31 May 2020 00:25:20 GMT
server
Akamai Image Manager
etag
"c144ff0a053ab07d10c9dd9937f735d2"
status
200
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=11
content-length
35432
expires
Tue, 30 Jun 2020 00:26:36 GMT
95504f863e2e36e71c5992bef8c9b34fcc0af1ea
static.ffx.io/images/$zoom_0.2253%2C$multiply_0.7554%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_110/t_crop_custom/q_86%2Cf_auto/
66 KB
66 KB
Image
General
Full URL
https://static.ffx.io/images/$zoom_0.2253%2C$multiply_0.7554%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_110/t_crop_custom/q_86%2Cf_auto/95504f863e2e36e71c5992bef8c9b34fcc0af1ea
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
33c8416b0714310973b7cc9959c9204089ad473930435a0002b528da10420a8a

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
229691221251408423946839706422145435055,275218888381338567770988147356604968889,5f5f4219172da4ec8104790896b11172
status
200
content-disposition
inline; filename="95504f863e2e36e71c5992bef8c9b34fcc0af1ea.webp"
content-length
67200
x-cld-skey
229691221251408423946839706422145435055 275218888381338567770988147356604968889 5f5f4219172da4ec8104790896b11172
x-cache
MISS, MISS
last-modified
Sun, 31 May 2020 08:28:06 GMT
server
cloudinary
x-timer
S1590922631.696196,VS0,VE138
etag
"4d04c17d636bcf087aef104b8deb2911"
x-served-by
cache-hhn4062-HHN, cache-hhn4076-HHN
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0
ddffead2-a320-11ea-91c8-02d1dbdc35d1.jpg
www.telegraaf.nl/images/1200x630/filters:format(jpeg):quality(80)/cdn-kiosk-api.telegraaf.nl/
53 KB
54 KB
Image
General
Full URL
https://www.telegraaf.nl/images/1200x630/filters:format(jpeg):quality(80)/cdn-kiosk-api.telegraaf.nl/ddffead2-a320-11ea-91c8-02d1dbdc35d1.jpg
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d95fde5b57f29c4e0b3f8e0761ffc0fa2e7ed111083581880359cf730a519bef

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
cf-cache-status
HIT
server
cloudflare
age
5387
etag
"240ec400b5e5c3db4ee79d53ab281ee1367a40bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=31536000,public
accept-ranges
bytes
cf-ray
59c02c29f98ad6c5-FRA
content-length
54330
cf-request-id
030bf9ee390000d6c52f146200000001
expires
Mon, 31 May 2021 09:26:55 GMT
main.js
m9m6e2w5.stackpathcdn.com/v2/b025c8e5/
140 KB
40 KB
Script
General
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/b025c8e5/main.js
Requested by
Host: dsms0mj1bbhn4.cloudfront.net
URL: http://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
96ebc0d601b4e6dc00db4e5e799df226cb1e5f1c77e32258deaa42f7e51a379d

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
content-encoding
gzip
last-modified
Fri, 29 May 2020 14:24:39 GMT
server
nginx
x-amz-request-id
C78C0318833AAA1E
etag
"8fa40d828f0c3de303c539c2b13b647d"
x-hw
1590922630.cds019.pa1.hn,1590922630.cds030.pa1.c
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
access-control-allow-origin
*
content-length
40845
x-amz-id-2
oYQsQ8DvzySXSvxssrCXmHeNLq6tk7UkXH6oTBOx8WLZCxq8mXyHdd4pflRV83/t5bF5hWba2YQ=
29e916a98054b410a1a02f1c1db98c54.json
www.shareaholic.net/config/
3 KB
2 KB
XHR
General
Full URL
https://www.shareaholic.net/config/29e916a98054b410a1a02f1c1db98c54.json
Requested by
Host: dsms0mj1bbhn4.cloudfront.net
URL: http://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.73.100.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-100-94.compute-1.amazonaws.com
Software
nginx /
Resource Hash
67f87a66ecdd20f402319f75ac9bf689f4c204f06e6cb65410bc08f3b831558c

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-client-geo-country
CH,Switzerland
date
Sat, 30 May 2020 16:01:32 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-origin
*
status
200
access-control-allow-methods
GET, HEAD
content-length
1196
server
nginx
x-client-geo-region
ZH,Zurich
x-client-geo-metrocode
etag
W/"67f87a66ecdd20f402319f75ac9bf689"
access-control-max-age
2000
x-client-geo-city
Zurich
x-varnish
681620067 656910485
via
1.1 varnish (Varnish/6.0)
access-control-expose-headers
Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control
max-age=3, public, must-revalidate
x-client-geo-zip
8010
accept-ranges
bytes
content-type
application/json
access-control-allow-headers
*
x-client-geo-latlong
47.392500,8.454600
script.js.pagespeed.jm.UIaeacWI8P.js
trumptide.us/
3 KB
2 KB
Script
General
Full URL
http://trumptide.us/script.js.pagespeed.jm.UIaeacWI8P.js
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
HTTP/1.1
Server
45.79.199.138 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1298-138.members.linode.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
540c0f907caef2904002b52fbda537e4c1e5ef66e530569774a8e6666b302eb0

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:10 GMT
Content-Encoding
gzip
X-Original-Content-Length
4498
Server
Apache/2.4.25 (Debian)
Etag
W/"0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Last-Modified
Sun, 31 May 2020 05:46:10 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1095
Expires
Mon, 31 May 2021 05:46:10 GMT
truncated
/
449 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d41360e1cd16b52dd39c0aa923a2276004ef7b5127bc8b79463a8f4f596ffc3e

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/
109 B
168 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=trumptide.us
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 May 2020 10:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
168 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=trumptide.us
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 May 2020 10:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/
218 KB
82 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f78ab01c230d1137acf6ddd944b8c74ca55fc21f93495c875a21428e4d2c0408
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
83908
x-xss-protection
0
server
cafe
etag
18422230976395592926
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 May 2020 10:57:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200526/r20190131/ Frame B44F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200526/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200526/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://trumptide.us/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://trumptide.us/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 26 May 2020 23:49:31 GMT
expires
Tue, 09 Jun 2020 23:49:31 GMT
content-type
text/html; charset=UTF-8
etag
17826495148367054107
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4284
x-xss-protection
0
cache-control
public, max-age=1209600
age
385659
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
hashes.json
trumptide.us/
1 KB
1 KB
XHR
General
Full URL
http://trumptide.us/hashes.json
Requested by
Host: trumptide.us
URL: http://trumptide.us/script.js.pagespeed.jm.UIaeacWI8P.js
Protocol
HTTP/1.1
Server
45.79.199.138 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1298-138.members.linode.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
1cb38e1efedd2bb3cba4dcbacefcbb70e971ac226e4e1522e5da21dfa33f7706

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:10 GMT
Last-Modified
Sun, 31 May 2020 10:57:02 GMT
Server
Apache/2.4.25 (Debian)
ETag
"41b-5a6ef89c8d235"
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
s-maxage=10
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1051
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
51
date
Sun, 31 May 2020 10:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Sun, 31 May 2020 12:56:19 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j82&a=631068188&t=pageview&_s=1&dl=http%3A%2F%2Ftrumptide.us%2F&ul=en-us&de=UTF-8&dt=TrumpTide%3A%20What%27s%20Rising%3F&sd=24-bit&sr=1600x1200&vp=1...
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=631068188&t=pageview&_s=1&dl=http%3A%2F%2Ftrumptide.us%2F&ul=en-us&de=UTF-8&dt=TrumpTide%3A%20What%27s%20Rising%3F&sd=24-bit&sr=1600x1200&vp=...
35 B
98 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=631068188&t=pageview&_s=1&dl=http%3A%2F%2Ftrumptide.us%2F&ul=en-us&de=UTF-8&dt=TrumpTide%3A%20What%27s%20Rising%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1565553503&gjid=970599554&cid=2131989890.1590922631&tid=UA-73660545-1&_gid=1467772960.1590922631&_r=1&z=1367482441
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 May 2020 10:57:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=631068188&t=pageview&_s=1&dl=http%3A%2F%2Ftrumptide.us%2F&ul=en-us&de=UTF-8&dt=TrumpTide%3A%20What%27s%20Rising%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1565553503&gjid=970599554&cid=2131989890.1590922631&tid=UA-73660545-1&_gid=1467772960.1590922631&_r=1&z=1367482441
Non-Authoritative-Reason
HSTS
ads
googleads.g.doubleclick.net/pagead/ Frame 37A2
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1659121210878204&output=html&h=280&slotname=8080637140&adk=2838554680&adf=2420991511&w=350&fwrn=4&fwrnh=100&lmt=1590922630&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=http%3A%2F%2Ftrumptide.us%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1590922630514&bpp=16&bdt=406&idt=293&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3215318211160&frm=20&pv=2&ga_vid=2131989890.1590922631&ga_sid=1590922631&ga_hid=631068188&ga_fc=0&iag=0&icsg=2219&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=776&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085&oid=3&pvsid=1132829244339067&pem=888&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=1&uci=a!1&fsb=1&xpc=t2Yy0nMtzl&p=http%3A//trumptide.us&dtd=314
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1659121210878204&output=html&h=280&slotname=8080637140&adk=2838554680&adf=2420991511&w=350&fwrn=4&fwrnh=100&lmt=1590922630&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=350x280&url=http%3A%2F%2Ftrumptide.us%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1590922630514&bpp=16&bdt=406&idt=293&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3215318211160&frm=20&pv=2&ga_vid=2131989890.1590922631&ga_sid=1590922631&ga_hid=631068188&ga_fc=0&iag=0&icsg=2219&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=776&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085&oid=3&pvsid=1132829244339067&pem=888&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=1&uci=a!1&fsb=1&xpc=t2Yy0nMtzl&p=http%3A//trumptide.us&dtd=314
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://trumptide.us/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://trumptide.us/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 31 May 2020 10:57:11 GMT
server
cafe
content-length
18975
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 31-May-2020 11:12:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sun, 31 May 2020 10:57:11 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26ab1f3d53089825fd05700e5518ee60a7ff1290d07fbb4ad5b07b4ac4953685
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1590752365362815"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27673
x-xss-protection
0
expires
Sun, 31 May 2020 10:57:10 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BD08
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1659121210878204&output=html&adk=1812271804&adf=3025194257&lmt=1590922630&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Ftrumptide.us%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1590922630580&bpp=2&bdt=472&idt=258&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&nras=1&correlator=3215318211160&frm=20&pv=1&ga_vid=2131989890.1590922631&ga_sid=1590922631&ga_hid=631068188&ga_fc=0&iag=0&icsg=34987&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085&oid=3&pvsid=1132829244339067&pem=888&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&dtd=266
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1659121210878204&output=html&adk=1812271804&adf=3025194257&lmt=1590922630&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Ftrumptide.us%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1590922630580&bpp=2&bdt=472&idt=258&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&nras=1&correlator=3215318211160&frm=20&pv=1&ga_vid=2131989890.1590922631&ga_sid=1590922631&ga_hid=631068188&ga_fc=0&iag=0&icsg=34987&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085&oid=3&pvsid=1132829244339067&pem=888&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&dtd=266
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://trumptide.us/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://trumptide.us/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 31 May 2020 10:57:10 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 31-May-2020 11:12:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sun, 31 May 2020 10:57:10 GMT
cache-control
private
e
analytics.shareaholic.com/
43 B
634 B
Other
General
Full URL
https://analytics.shareaholic.com/e
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/b025c8e5/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.109.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-109-130.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Content-Security-Policy referrer always

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 31 May 2020 10:57:11 GMT
status
200
vary
Origin
p3p
CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
access-control-allow-origin
http://trumptide.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
referer-policy
unsafe-url
content-security-policy
referrer always
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
sharebuttons.js
m9m6e2w5.stackpathcdn.com/v2/b025c8e5/
147 KB
33 KB
Script
General
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/b025c8e5/sharebuttons.js
Requested by
Host: dsms0mj1bbhn4.cloudfront.net
URL: http://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
8302955ad6463a2d3d4478a5fcb443b5a53f8f4404cc56f81ba539d09f9bb599

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:11 GMT
content-encoding
gzip
last-modified
Fri, 29 May 2020 14:24:40 GMT
server
nginx
x-amz-request-id
D95731C1C96FDECD
etag
"4defde7403153f579d31ab300fd57c6c"
x-hw
1590922631.cds019.pa1.hn,1590922631.cds013.pa1.c
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
access-control-allow-origin
*
content-length
33290
x-amz-id-2
c6KLrzZExqQ1xCOZ6FvUHj3hIbueS4udEX4WuUZyaSdr4tz5AEQmCkDGycf3X5PM5gXW7ETq/lE=
affiliatelinks.js
m9m6e2w5.stackpathcdn.com/v2/b025c8e5/
993 B
787 B
Script
General
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/b025c8e5/affiliatelinks.js
Requested by
Host: dsms0mj1bbhn4.cloudfront.net
URL: http://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
3a4ec4443d19777bf148ab1d7fd098cec7810d1cdad35cdc28efebcf11850900

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:11 GMT
content-encoding
gzip
last-modified
Fri, 29 May 2020 14:24:39 GMT
server
nginx
x-amz-request-id
B06FD90480BABAF4
etag
"3e5dfa41b6a5dddc8353340b4033f755"
x-hw
1590922631.cds019.pa1.hn,1590922631.cds029.pa1.c
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
access-control-allow-origin
*
content-length
584
x-amz-id-2
u8m/dZNH6IJizM47UEKFA5FbJ79sapVf4VKuMcbkAGlYdZlk6NnIQcJmXz78YLytXlQMEszoiOs=
adminbadgei.js
m9m6e2w5.stackpathcdn.com/v2/b025c8e5/
18 KB
4 KB
Script
General
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/b025c8e5/adminbadgei.js
Requested by
Host: dsms0mj1bbhn4.cloudfront.net
URL: http://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
4c763a3d51fe1f613300e87a1e386580c28928bed881c451c62ca97ebe0cdc9f

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:11 GMT
content-encoding
gzip
last-modified
Fri, 29 May 2020 14:24:39 GMT
server
nginx
x-amz-request-id
2895B0CFAFEC9E80
etag
"1705c8d6691f11b435d596b96af5e437"
x-hw
1590922631.cds019.pa1.hn,1590922631.cds030.pa1.c
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
access-control-allow-origin
*
content-length
3841
x-amz-id-2
/hpHcvmpefjFX7Y3XgNkLTF4FWo2NKmenxhP0a8ETtHVbnUA9Iwvewxu3rNfgjOLgHfxjPj+f3M=
partners.js
partner.shareaholic.com/
4 KB
3 KB
Script
General
Full URL
https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Ftrumptide.us%2F&canonical=http%3A%2F%2Ftrumptide.us&cl=undefined&id_sync=ccc2f79c-65ca-4bce-ab0a-5c521ac8e183&minify=1&pvs=1&site=29e916a98054b410a1a02f1c1db98c54
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/b025c8e5/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.140.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-140-231.compute-1.amazonaws.com
Software
/
Resource Hash
195ff4dc6e126ae9031d0baf63404602aa841f3a5c80221fddc7f40eb876c565

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 May 2020 10:57:11 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
p3p
CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript;charset=utf-8
content-length
1204
expires
Thu, 01 Jan 1970 00:00:00 GMT
shareaholic-icons.woff
m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/
20 KB
21 KB
Font
General
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/shareaholic-icons.woff
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/b025c8e5/sharebuttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://trumptide.us/
Origin
http://trumptide.us

Response headers

date
Sun, 31 May 2020 10:57:11 GMT
content-encoding
gzip
x-amz-request-id
706C442F8A4E857B
status
200
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
content-length
20572
x-amz-id-2
tUBDro6zM1wSlQQLedPjwH+CLPzc8XR22yv0sWvMnxjIgJgc4ecmlynDxnDaNT8xuSkbgge/GLQ=
last-modified
Fri, 29 May 2020 14:24:40 GMT
server
nginx
etag
"0e26e8e2b7a79ff2a9e9fe9ef5382e6d"
access-control-max-age
2000
x-hw
1590922631.cds019.pa1.hn,1590922631.cds041.pa1.c
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
ETag, Access-Control-Allow-Origin
cache-control
max-age=31536000, public
accept-ranges
bytes
vglnk.js
cdn.viglink.com/api/
79 KB
28 KB
Script
General
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/b025c8e5/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
568a502aa767d3c49d8d68d6a7f5a88e2ed15bff9a64be1161d7b5fa3a698c2a

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2124203
cf-ray
59c02c2db821646d-FRA
status
200
content-length
27910
x-amz-id-2
gPU9dqMsYdA/iRe28bp6oqh7yEkHXLIfgVveEMU21yaz4FFozdzuiVOzGrZdCXbqEq7iyBBT9IY=
last-modified
Wed, 06 May 2020 20:52:12 GMT
server
cloudflare
etag
"9256e55574004d03413b6e92d0dec1d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
53FFB5C678F2DBE9
cache-control
public, max-age=1800
cf-request-id
030bf9f0910000646d8d11d200000001
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 31 May 2020 11:27:11 GMT
logo.svg
m9m6e2w5.stackpathcdn.com/v2/images_0ecbeeff/badge/
743 B
576 B
Image
General
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/images_0ecbeeff/badge/logo.svg
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
90fadc153cb3202eb4e63fa7f561f19d28ba6b66e1a91a57813c66c3032d54d9

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:11 GMT
content-encoding
gzip
last-modified
Fri, 29 May 2020 14:24:40 GMT
server
nginx
x-amz-request-id
D052B1066E705A67
etag
"83eda2388bc041d5d753201754724793"
x-hw
1590922631.cds019.pa1.hn,1590922631.cds024.pa1.c
content-type
image/svg+xml
status
200
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
access-control-allow-origin
*
content-length
360
x-amz-id-2
DboQtc/Q8qVYc+iJ691JNTGIZhXnqj679oQCFbRJ2xy35H/16Cy4JUJlGxQJ+lvUo1EaAcKR+2g=
pixel.gif
cdn.viglink.com/images/
43 B
757 B
Image
General
Full URL
http://cdn.viglink.com/images/pixel.gif?ch=1&rn=4.861029731694454
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
HTTP/1.1
Server
2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:11 GMT
CF-Cache-Status
HIT
Age
10
CF-RAY
59c02c2e188505c4-FRA
Connection
keep-alive
Content-Length
43
x-amz-id-2
xTh87DVpxz172YvqbwXeZDUt+fLYZR6fz00ozDg/KADaSJA/mgyIjZjZY0n4gAere/7jGzLriok=
Last-Modified
Tue, 10 Feb 2015 03:29:39 GMT
Server
cloudflare
ETag
"221d8352905f2c38b3cb2bd191d630b0"
Vary
Accept-Encoding
x-amz-request-id
0C13AF182562D257
Cache-Control
max-age=15, must-revalidate
cf-request-id
030bf9f0cc000005c46d05e200000001
Accept-Ranges
bytes
Content-Type
image/gif
pixel.gif
cdn.viglink.com/images/
43 B
757 B
Image
General
Full URL
http://cdn.viglink.com/images/pixel.gif?ch=2&rn=4.861029731694454
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
HTTP/1.1
Server
2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:11 GMT
CF-Cache-Status
HIT
Age
10
CF-RAY
59c02c2e0ed26353-FRA
Connection
keep-alive
Content-Length
43
x-amz-id-2
xTh87DVpxz172YvqbwXeZDUt+fLYZR6fz00ozDg/KADaSJA/mgyIjZjZY0n4gAere/7jGzLriok=
Last-Modified
Tue, 10 Feb 2015 03:29:39 GMT
Server
cloudflare
ETag
"221d8352905f2c38b3cb2bd191d630b0"
Vary
Accept-Encoding
x-amz-request-id
0C13AF182562D257
Cache-Control
max-age=15, must-revalidate
cf-request-id
030bf9f0c900006353b1989200000001
Accept-Ranges
bytes
Content-Type
image/gif
/
graph.facebook.com/
143 B
549 B
Fetch
General
Full URL
https://graph.facebook.com/?fields=og_object%7Bengagement%7Bcount%7D%7D&id=http%3A%2F%2Ftrumptide.us%2F
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/b025c8e5/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4f6f5ee74e06c788b9bc548e5715fe5dd8e408cbced243572fc93c44ddf448e2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
etag
"b8c5b715690e1f04020f5e3de068d259e366b9a1"
status
200
x-fb-rev
1002186449
alt-svc
h3-27=":443"; ma=3600
content-length
143
pragma
no-cache
x-fb-debug
HLxiNyq9+6nj5/nI8HcYd/t7LUCy/F+GUmaDSdO8wwEHkGW6sq1HhcdVsnbKzyS9H3r78YW5X83x90tCPYqd6A==
x-fb-trace-id
C+OxPp5gR/y
date
Sun, 31 May 2020 10:57:11 GMT, Sun, 31 May 2020 10:57:11 GMT
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
Aeo8kz9JWPhpuhAvoRpSRL2
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v3.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
count.json
api.pinterest.com/v1/urls/
52 B
278 B
Script
General
Full URL
https://api.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Ftrumptide.us%2F&callback=JSONP_3858
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/b025c8e5/sharebuttons.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cdf4af284fe22a43f93078385232edef872123d22fc2e357b202511f7268edc9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:11 GMT
x-content-type-options
nosniff
x-cdn
fastly
age
0
status
200
content-type
application/javascript
access-control-allow-origin
*
cache-control
private
x-envoy-upstream-service-time
2
x-pinterest-rid
8955448032533741
content-length
52
expires
Sun, 31 May 2020 11:12:11 GMT
sholic.js
px.owneriq.net/stas/s/
16 KB
5 KB
Script
General
Full URL
https://px.owneriq.net/stas/s/sholic.js
Requested by
Host: partner.shareaholic.com
URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Ftrumptide.us%2F&canonical=http%3A%2F%2Ftrumptide.us&cl=undefined&id_sync=ccc2f79c-65ca-4bce-ab0a-5c521ac8e183&minify=1&pvs=1&site=29e916a98054b410a1a02f1c1db98c54
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.61.90 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-61-90.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2d444243c4617347df1c965e43c057c4b87c025e746c2af9a02d5663d3c3f1fe

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2017 01:23:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Content-Length
4924
Expires
Mon, 01 Jun 2020 08:50:37 GMT
taglw.aspx
ml314.com/
11 KB
5 KB
Script
General
Full URL
https://ml314.com/taglw.aspx?314
Requested by
Host: partner.shareaholic.com
URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Ftrumptide.us%2F&canonical=http%3A%2F%2Ftrumptide.us&cl=undefined&id_sync=ccc2f79c-65ca-4bce-ab0a-5c521ac8e183&minify=1&pvs=1&site=29e916a98054b410a1a02f1c1db98c54
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.133.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-133-202.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dbc6f8482e109c50a08070e9c7abfa0812ad9ee2f25d2170dbaf9f6ae388d9d8

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:11 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 May 2020 11:27:38 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=1826
Connection
keep-alive
Content-Length
4999
Expires
Sun, 31 May 2020 11:27:38 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: partner.shareaholic.com
URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Ftrumptide.us%2F&canonical=http%3A%2F%2Ftrumptide.us&cl=undefined&id_sync=ccc2f79c-65ca-4bce-ab0a-5c521ac8e183&minify=1&pvs=1&site=29e916a98054b410a1a02f1c1db98c54
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-31-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Mon, 01 Jun 2020 10:57:11 GMT
afsh.js
cdn.tynt.com/
11 KB
4 KB
Script
General
Full URL
https://cdn.tynt.com/afsh.js
Requested by
Host: partner.shareaholic.com
URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Ftrumptide.us%2F&canonical=http%3A%2F%2Ftrumptide.us&cl=undefined&id_sync=ccc2f79c-65ca-4bce-ab0a-5c521ac8e183&minify=1&pvs=1&site=29e916a98054b410a1a02f1c1db98c54
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4974b69bd1660a87a8790626954283add7124ffa54347055484f283368d60c

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 18 May 2020 19:31:45 GMT
server
cloudflare
age
55500
etag
W/"5ec2e2a1-2ad7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=259200
cf-ray
59c02c2f98d6cc42-ZRH
cf-request-id
030bf9f1bd0000cc421f015200000001
expires
Wed, 03 Jun 2020 10:57:11 GMT
tpid=ccc2f79c-65ca-4bce-ab0a-5c521ac8e183
sync.crwdcntrl.net/map/ct=y/c=9193/tp=SHLC/
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9193/tp=SHLC/tpid=ccc2f79c-65ca-4bce-ab0a-5c521ac8e183
  • https://sync.crwdcntrl.net/map/ct=y/c=9193/tp=SHLC/tpid=ccc2f79c-65ca-4bce-ab0a-5c521ac8e183
49 B
710 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=9193/tp=SHLC/tpid=ccc2f79c-65ca-4bce-ab0a-5c521ac8e183
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 May 2020 10:57:11 GMT
status
200
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.41
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 31 May 2020 10:57:11 GMT
status
302
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/map/ct=y/c=9193/tp=SHLC/tpid=ccc2f79c-65ca-4bce-ab0a-5c521ac8e183
cache-control
no-cache
x-server
10.45.27.49
content-length
0
expires
0
bk-coretag.js
tags.bkrtx.com/js/
Redirect Chain
  • http://tags.bkrtx.com/js/bk-coretag.js
  • https://tags.bkrtx.com/js/bk-coretag.js
30 KB
11 KB
Script
General
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.78.156 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-78-156.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
d406a6cab9bdacdbb630437c932d1c38fa7ebbfedccb57b90952610e8b2b2130
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 26 May 2020 20:03:16 GMT
Server
nginx/1.15.8
ETag
W/"5ecd7604-784f"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Date
Sun, 31 May 2020 10:57:11 GMT
Connection
keep-alive
Content-Length
10652
Expires
Sun, 07 Jun 2020 10:57:11 GMT

Redirect headers

Date
Sun, 31 May 2020 10:57:11 GMT
Server
AkamaiGHost
Cache-Control
max-age=604800
Location
https://tags.bkrtx.com/js/bk-coretag.js
X-N
S
Connection
keep-alive
Content-Length
0
Expires
Sun, 07 Jun 2020 10:57:11 GMT
p
ic.tynt.com/b/
35 B
523 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=sh!sh&lm=0&ts=1590922631637&dn=AFSH&iso=0&img=http%3A%2F%2Ftrumptide.us%2Ftrumptide.png&t=TrumpTide%3A%20What%27s%20Rising%3F&cu=http%3A%2F%2Ftrumptide.us
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 10:57:12 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
etag
"4bc8846c-23"
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
status
200
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-type
image/gif
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
noop
px.owneriq.net/ Frame B666
Redirect Chain
  • https://px.owneriq.net/eps?pt=sholic&pid=1693&uid=Q6442090312092253042J&l=true
  • https://px.owneriq.net/noop?ct=text%2Fhtml
0
0
Document
General
Full URL
https://px.owneriq.net/noop?ct=text%2Fhtml
Requested by
Host: px.owneriq.net
URL: https://px.owneriq.net/stas/s/sholic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.61.90 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-61-90.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
px.owneriq.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://trumptide.us/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
0
Content-Type
text/html
Date
Sun, 31 May 2020 10:57:11 GMT
Connection
keep-alive

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://px.owneriq.net/noop?ct=text%2Fhtml
Date
Sun, 31 May 2020 10:57:11 GMT
Connection
keep-alive
noop
px.owneriq.net/
Redirect Chain
  • https://px.owneriq.net/j/?pt=sholic&t=d%7C%22Government%2520Services%22&s=inte
  • https://px.owneriq.net/noop?ct=application%2Fx-javascript
0
302 B
Script
General
Full URL
https://px.owneriq.net/noop?ct=application%2Fx-javascript
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.61.90 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-61-90.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:11 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
application/x-javascript

Redirect headers

Location
https://px.owneriq.net/noop?ct=application%2Fx-javascript
Date
Sun, 31 May 2020 10:57:11 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=19376307&c3=1&ns__t=1590922631685&ns_c=UTF-8&cv=3.5&c8=TrumpTide%3A%20What%27s%20Rising%3F&c7=http%3A%2F%2Ftrumptide.us%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=19376307&c3=1&ns__t=1590922631685&ns_c=UTF-8&cv=3.5&c8=TrumpTide%3A%20What%27s%20Rising%3F&c7=http%3A%2F%2Ftrumptide.us%2F&c9=&cs_ak_ss=1
0
528 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=19376307&c3=1&ns__t=1590922631685&ns_c=UTF-8&cv=3.5&c8=TrumpTide%3A%20What%27s%20Rising%3F&c7=http%3A%2F%2Ftrumptide.us%2F&c9=&cs_ak_ss=1
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-31-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 May 2020 10:57:11 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=19376307&c3=1&ns__t=1590922631685&ns_c=UTF-8&cv=3.5&c8=TrumpTide%3A%20What%27s%20Rising%3F&c7=http%3A%2F%2Ftrumptide.us%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Sun, 31 May 2020 10:57:11 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
41110
stags.bluekai.com/site/ Frame DAEF
0
0
Document
General
Full URL
https://stags.bluekai.com/site/41110?ret=html&phint=sh005%3D1111745&phint=sh005%3D1111845&phint=sh001%3D24815323&phint=sh001%3D13594596&phint=sh004%3D10813254&phint=sh004%3D10813255&phint=sh004%3D10813351&phint=sh005%3D1111762&phint=sh004%3D10813253&phint=sh005%3D1111741&phint=sh001%3D2897588&phint=sh001%3D10930641&phint=sh001%3D12644396&phint=sh005%3D6573862&phint=sh004%3D10813269&phint=sh005%3D1111739&phint=sh004%3D10813248&phint=sh005%3D1112464&phint=sh001%3D10930608&phint=sh005%3D1112465&phint=sh001%3D24816761&phint=sh004%3D10813284&phint=sh001%3D12644461&phint=sh004%3D8762415&phint=sh005%3D8854531&phint=__bk_t%3DTrumpTide%3A%20What%27s%20Rising%3F&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2Ftrumptide.us%2F&phint=__bk_v%3D3.1.5&limit=1&r=47824525
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.237.36 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-237-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
stags.bluekai.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://trumptide.us/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://trumptide.us/

Response headers

Content-Type
text/html
Content-Length
71
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server
deb
Date
Sun, 31 May 2020 10:57:12 GMT
Connection
keep-alive
X-N
S
utsync.ashx
ml314.com/
323 B
1 KB
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=51840&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=http%3A%2F%2Ftrumptide.us%2F&pv=1590922631780_tuo1cfl20&bl=en-us&cb=384805&return=&ht=&d=&dc=&si=1590922631780_tuo1cfl20&cid=&s=1600x1200&rp=&nc=1
Requested by
Host: ml314.com
URL: https://ml314.com/taglw.aspx?314
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.133.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-133-202.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
74f2a541d027a987f80c53701fe9af9a0dccffb8cc5c3579f8fdc991c5341d55

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 May 2020 10:57:10 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
340
Expires
0
utsync.ashx
ml314.com/
438 B
1 KB
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=51840&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=http%3A%2F%2Ftrumptide.us%2F&pv=1590922631782_jqcjswnsc&bl=en-us&cb=5838603&return=https%3A%2F%2Fpixel.shareaholic.com%2Frsync.gif%3Fp%3D24%26u%3D%5BPersonID%5D%26s%3Dccc2f79c-65ca-4bce-ab0a-5c521ac8e183&ht=&d=&dc=&si=1590922631780_tuo1cfl20&cid=&s=1600x1200&rp=&nc=1
Requested by
Host: ml314.com
URL: https://ml314.com/taglw.aspx?314
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.133.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-133-202.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f039a581a263dcb90afab8c3e3a5683681a8566d4e4595f3903fa154cbb6561f

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 May 2020 10:57:11 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
388
Expires
0
csync.ashx
ml314.com/
Redirect Chain
  • https://tags.bluekai.com/site/20486?limit=0&id=3610659882418569304&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=3610659882418569304%26eid=50056
  • https://ml314.com/csync.ashx?fp=IwAaBy9999Yml5BK&person_id=3610659882418569304&eid=50056
43 B
312 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=IwAaBy9999Yml5BK&person_id=3610659882418569304&eid=50056
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.133.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-133-202.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:11 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Mon, 01 Jun 2020 06:57:12 GMT

Redirect headers

Location
https://ml314.com/csync.ashx?fp=IwAaBy9999Yml5BK&person_id=3610659882418569304&eid=50056
Date
Sun, 31 May 2020 10:57:12 GMT
Connection
keep-alive
Content-Length
0
BK-Server
deb
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2p4Vw88MsIUx3MTmcnVEQRZXz_yDJSTqIgAXClDJ844A&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil
  • https://ml314.com/csync.ashx?fp=2p4Vw88MsIUx3MTmcnVEQRZXz_yDJSTqIgAXClDJ844A&person_id=3610659882417520739&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:12 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Sun, 31 May 2020 10:57:11 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Location
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Cache-Control
private
Connection
keep-alive
Content-Length
168
Expires
Mon, 01 Jun 2020 06:57:12 GMT
ping
api.viglink.com/api/
234 B
912 B
XHR
General
Full URL
http://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Server
34.250.145.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-145-255.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
1430feff983d276bd762e2fca82d99069eb30bc0c91394b505d1443cd5157b22

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 31 May 2020 10:57:11 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
http://trumptide.us
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
234
Expires
Thu, 01 Jan 1970 00:00:00 GMT
csync.ashx
ml314.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=3610659882417520739%26eid=50220
  • https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=3610659882417520739%26eid=50220&mm_bnc&mm_bct&UUID=a8835ed3-8d88-4f00-950d-ad8749248492
  • https://ml314.com/csync.ashx?fp=a8835ed3-8d88-4f00-950d-ad8749248492&person_id=3610659882417520739&eid=50220
43 B
312 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=a8835ed3-8d88-4f00-950d-ad8749248492&person_id=3610659882417520739&eid=50220
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.133.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-133-202.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:12 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Mon, 01 Jun 2020 06:57:12 GMT

Redirect headers

Date
Sun, 31 May 2020 10:57:12 GMT
Server
MT3 2529 ae113af master cdg-pixel-x8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ml314.com/csync.ashx?fp=a8835ed3-8d88-4f00-950d-ad8749248492&person_id=3610659882417520739&eid=50220
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Sun, 31 May 2020 10:59:19 GMT
rsync.gif
pixel.shareaholic.com/
43 B
249 B
Image
General
Full URL
https://pixel.shareaholic.com/rsync.gif?p=24&u=3610659882417520739&s=ccc2f79c-65ca-4bce-ab0a-5c521ac8e183
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.53.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-53-33.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 May 2020 10:57:12 GMT
p3p
CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
v2
de.tynt.com/deb/
4 B
258 B
Script
General
Full URL
https://de.tynt.com/deb/v2?id=sh!sh&dn=AFSH&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afsh.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-110.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 31 May 2020 10:57:12 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Sat, 26 Jul 1997 05:00:00 GMT
domains
api.viglink.com/api/
169 B
613 B
XHR
General
Full URL
http://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Server
34.250.145.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-145-255.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
ce49259fa02138a7d7e9df1812059e71d72b91209c8245eed37f9ba0a36adcbb

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 31 May 2020 10:57:11 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
http://trumptide.us
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
169
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200526&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c5153af48c6830f9c3bb159927c795969b5a20a0110f6acd06054d0c60e24c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 May 2020 10:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5748
x-xss-protection
0
mod_pagespeed_beacon
trumptide.us/
0
187 B
XHR
General
Full URL
http://trumptide.us/mod_pagespeed_beacon?url=http%3A%2F%2Ftrumptide.us%2F
Requested by
Host: trumptide.us
URL: http://trumptide.us/
Protocol
HTTP/1.1
Server
45.79.199.138 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1298-138.members.linode.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sun, 31 May 2020 10:57:12 GMT
Cache-Control
max-age=0, no-cache
Server
Apache/2.4.25 (Debian)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
6 KB
Script
General
Full URL
http://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1582746470043195"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Content-Length
5456
X-XSS-Protection
0
Expires
Sun, 31 May 2020 10:57:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame E8CF
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://trumptide.us/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://trumptide.us/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Sun, 31 May 2020 10:38:20 GMT
expires
Mon, 31 May 2021 10:38:20 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1132
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200526&jk=1132829244339067&bg=!IiGlITlY8Uu2QXZtt2ICAAAARFIAAAAOmQFzCwVxXy1ZZlm13nTBD7nbhl7vF1SmH0wbDiA2khwhf7gxj6dvptXpdyIWpVTlQaR7EKnp1_vOnfxWS-0_pXb7EljTgHMIqQLzWhTteIeNLR6i4YuuuTMX-dI_O8NVdQEx3CKmAAlD-XXcer37407J1nBAj8LDV6uYc1TCH4a2F2oV8kdJce2jhjNnyOxlKSvLZY9iUvgBL0lvnXuMfjymqXDOcYfGsdjHjf1IqGLuB11TBZza7T5e6pnppWnSYa3ej5tDDyQecLvD9Fk192DGLsQ9l_AubXAonDo8sca5MwbQrYPNd0Rr33jJqbBaIE9GUWDcqWgLFY3cvLILambP_USkRqPPTsbXGk-kxkdfXCfK22BJCm0S4NKjFWPDSJS-c1gKAgtW1KvhjaznB1VfScXLZc94RxFcfC_5K1kQ7h55ASmBxyZBe9Z7h26bLVBYD1dzKWxr3CML0ZeMG5JlUrxiqmaXKHHR4XB2Dm0tSpZ3TIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 May 2020 10:57:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hashes.json
trumptide.us/
1 KB
1 KB
XHR
General
Full URL
http://trumptide.us/hashes.json
Requested by
Host: trumptide.us
URL: http://trumptide.us/script.js.pagespeed.jm.UIaeacWI8P.js
Protocol
HTTP/1.1
Server
45.79.199.138 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1298-138.members.linode.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
1cb38e1efedd2bb3cba4dcbacefcbb70e971ac226e4e1522e5da21dfa33f7706

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:20 GMT
Last-Modified
Sun, 31 May 2020 10:57:02 GMT
Server
Apache/2.4.25 (Debian)
ETag
"41b-5a6ef89c8d235"
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1051
hashes.json
trumptide.us/
1 KB
1 KB
XHR
General
Full URL
http://trumptide.us/hashes.json
Requested by
Host: trumptide.us
URL: http://trumptide.us/script.js.pagespeed.jm.UIaeacWI8P.js
Protocol
HTTP/1.1
Server
45.79.199.138 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1298-138.members.linode.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
1cb38e1efedd2bb3cba4dcbacefcbb70e971ac226e4e1522e5da21dfa33f7706

Request headers

Referer
http://trumptide.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 10:57:30 GMT
Last-Modified
Sun, 31 May 2020 10:57:02 GMT
Server
Apache/2.4.25 (Debian)
ETag
"41b-5a6ef89c8d235"
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1051

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| shrJsonp function| Shareaholic object| pagespeed object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars object| hashes function| setCookie function| getCookie undefined| oldhashes undefined| hash number| firstload number| countdowncount undefined| thedata string| originaltitle function| updatebreaking function| fiximages function| countdown string| GoogleAnalyticsObject function| ga boolean| publisherConfigLoaded object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| __shrTracker function| vglnk boolean| __v5k function| vl_cB function| vl_disable function| vglnk_15909226313606 function| JSONP_3858 object| _oiqq object| _ml object| _comscore object| Tynt object| _33Across function| __cmp function| __uspapi function| oiq_send_logging_error function| oiq_addPageMfg function| oiq_addPageBrand function| oiq_addPageDT function| oiq_addPageCat function| oiq_addPageProduct function| oiq_addPageSource function| oiq_addPageLifecycle function| oiq_addUserId function| oiq_addCustomKVP function| oiq_pushDCT function| oiq_ddPush function| oiq_is function| oiq_iifr function| oiq_sha256 function| oiq_md5 function| oiq_doTag boolean| _oiq_fps_js undefined| oiq_key object| t function| f function| oiq_getRefererImgURL function| oiq_parseURL function| oiq_findQueryArgument object| OIQLogging function| oiq_ii function| oiq_log_event object| oiq_pt string| oiq_uid number| _oiqSC object| oiq_pDT object| oiq_pSource function| udm_ object| ns_p object| COMSCORE object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut undefined| vglnk_15909226318617 undefined| vglnk_15909226320359 object| GoogleGcLKhOms object| google_image_requests

9 Cookies

Domain/Path Name / Value
.bluekai.com/ Name: bkdc
Value: phx
.doubleclick.net/ Name: DSID
Value: NO_DATA
.trumptide.us/ Name: _gat
Value: 1
.bluekai.com/ Name: bku
Value: Ok999/iB6NfI3xDl
.doubleclick.net/ Name: IDE
Value: AHWqTUk-OcQYyWqdfhXp1nRfVyQwn6kk1G9EGAql1PRw_R6JxBev7AUi9aGXrJa2
.trumptide.us/ Name: _gid
Value: GA1.2.1467772960.1590922631
.trumptide.us/ Name: _ga
Value: GA1.2.2131989890.1590922631
.bluekai.com/ Name: bkpa
Value: KJh+pWLvyM9x9BentYTfA2IxYAWxWzHNN6cuu9BBspJjbml+9PydK1YoHjYGnPlVkaBptv4jvHJ/jgHVSZWBMxoNUImz3k+Svlys0vLuKQCfCLe4nxyFUMb5rgInmd7g66dET2jJvgc0FF7dTIchW/BGb9Kh60zV
trumptide.us/ Name: hashes
Value: {"467ac7fe894eb3b0448ec232b1c95c8f":1,"9e3d23fff98027c1451a3dfcfefe9557":1,"0c5400caf99de42a5a45974fb27a5ed1":1,"f8e7c85f59a3b0feedc6765376ac0f33":1,"f9b0d0352ceb199ae720670fdb438190":1,"ce4b85f753b15d515de1be8ef6daa7c3":1,"821c1a8a7a9fa025c78e3b911221c720":1,"ac1cab495b963d32cba28505992a8419":1,"9cbfe98dfcd086baf738d47bb096f098":1,"54d34f99a70ae4b9d018f142ba4a00d6":1,"90f97bd71486d91aa601c6f2ad480530":1,"31256313dc28ca1f18743baea01fd912":1,"8a1c53d87226ec44c05abfebf997e2d6":1,"2be7c93c0d75ab6c6861de4323796962":1,"85c1a122620894200ff2d4dcb6546264":1,"0081d3b49a9424079f29a47c12a081a9":1,"23c88fae274dae3ffe77a7643bbd7766":1,"533e755731c747ef054d92d9308cf9e6":1,"c2fd07b380807990fc96a2a8c231bf6d":1,"020fd51fffa0c7349491def98d2ef75e":1,"f3f4e48060e830e9e017b5ee15982e61":1,"08309e0c8801a718db2bd30e1a361f9c":1,"9bbfb1e9d1a6b1f5289d9d2312b1bb14":1,"ac7a82e60a379d3d0577c1541e344e64":1,"e05098ac130fd9ed13cbc0c2a7a183b6":1,"074ad6cb83d6108c07db5a0bfd5addb7":1,"572dfae733bfb937954dae91b010e174":1,"605515db4723e351cf920f91f75b812d":1,"ecd0f6680e520ce37a338d2efc7a5d1b":1,"b828eee536903fa4de819bcd3736929b":1}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a57.foxnews.com
adservice.google.com
adservice.google.de
ais.badische-zeitung.de
analytics.shareaholic.com
api.pinterest.com
api.viglink.com
cdn.tynt.com
cdn.viglink.com
cdni.rt.com
cloudfront-eu-central-1.images.arcpublishing.com
de.tynt.com
ds1.static.rtbf.be
dsms0mj1bbhn4.cloudfront.net
external-frt3-2.xx.fbcdn.net
googleads.g.doubleclick.net
graph.facebook.com
i.insider.com
i.ytimg.com
i0.wp.com
ic.tynt.com
image.stern.de
img.bfmtv.com
leadstories.com
m1.quebecormedia.com
m9m6e2w5.stackpathcdn.com
maldita.es
media.breitbart.com
media.townhall.com
mediastiriv1.freenode.ro
ml314.com
pagead2.googlesyndication.com
partner.shareaholic.com
pixel.mathtag.com
pixel.shareaholic.com
ps.eyeota.net
px.owneriq.net
s31242.pcdn.co
sb.scorecardresearch.com
scontent-amt2-1.xx.fbcdn.net
scontent-bru2-1.xx.fbcdn.net
scontent-cdg2-1.xx.fbcdn.net
scontent-dfw5-2.xx.fbcdn.net
scontent-nrt1-1.xx.fbcdn.net
scontent-yyz1-1.xx.fbcdn.net
scontent.fhen1-1.fna.fbcdn.net
stags.bluekai.com
static.ffx.io
static.independent.co.uk
static01.nyt.com
sync.crwdcntrl.net
tags.bkrtx.com
tags.bluekai.com
theconservativeopinion.com
tpc.googlesyndication.com
trumptide.us
www.bfmtv.com
www.google-analytics.com
www.googletagservices.com
www.lepoint.fr
www.shareaholic.net
www.telegraaf.nl
104.16.88.26
104.22.23.189
107.20.140.231
13.224.95.108
13.224.95.50
13.224.95.8
13.224.95.94
151.101.113.184
151.101.13.164
151.101.14.217
151.101.36.84
151.139.128.11
184.73.100.94
192.0.77.2
194.1.147.91
2.16.187.17
2.16.31.65
2.18.233.201
205.185.216.42
208.100.17.186
212.95.74.45
23.210.248.110
23.37.61.90
23.45.237.36
23.8.12.20
2600:9000:2190:9e00:c:d51b:4400:21
2606:4700:10::6816:1db1
2606:4700:10::6816:2493
2606:4700:3032::6812:3878
2606:4700::6810:a40d
2606:4700::6812:15f5
2a00:1450:4001:802::2002
2a00:1450:4001:809::2001
2a00:1450:4001:815::2001
2a00:1450:4001:816::2002
2a00:1450:4001:81b::200e
2a00:1450:4001:81d::2016
2a02:2d8:0:6005:face:b00c:0:a7
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f00e:13:face:b00c:0:3
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f01f:6:face:b00c:0:3
2a03:2880:f021:b:face:b00c:0:3
2a03:2880:f034:11a:face:b00c:0:3
2a03:90c0:9997::9997
2a04:4e42:1b::319
2a04:4e42:1b::645
3.120.214.218
34.250.145.255
34.253.109.165
34.253.133.202
35.241.35.213
45.79.199.138
50.19.53.33
52.22.109.130
67.202.110.34
95.100.78.156
0196b08359dbf277474371503f3d3c1bc3b3f10e9a8f1b8cc1779d81d02feae5
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0c65fa3c1b4d51b887aa7ef10c789e555982b526f942febd788dc8082f47af03
1430feff983d276bd762e2fca82d99069eb30bc0c91394b505d1443cd5157b22
1479627f3cf1279beced42cdb66c4e7cd71e6006626a1ae2c252478fc38810ae
195ff4dc6e126ae9031d0baf63404602aa841f3a5c80221fddc7f40eb876c565
1a7f79138ffa3e4d12ec754173b24d5f2c69a7a6cd79a71273374eca04228729
1cb38e1efedd2bb3cba4dcbacefcbb70e971ac226e4e1522e5da21dfa33f7706
21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c
23ceaedd69756e02b1f260bc8d22ad177b9f35df34b202b59a3a2b5a0f6fe59e
26ab1f3d53089825fd05700e5518ee60a7ff1290d07fbb4ad5b07b4ac4953685
2a6ca454449774f9961919085c5d3d8b64073dec812b0c4fc3607bd692af2c65
2d444243c4617347df1c965e43c057c4b87c025e746c2af9a02d5663d3c3f1fe
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fc393e24e4ad6057eebee1951e5e6717ebd166ae945df10678f3eef58aa35e4
33c8416b0714310973b7cc9959c9204089ad473930435a0002b528da10420a8a
3576ad6f8a7fcc99866414f654945e357a47b086966a39515b737b2540338030
3a4ec4443d19777bf148ab1d7fd098cec7810d1cdad35cdc28efebcf11850900
3c5153af48c6830f9c3bb159927c795969b5a20a0110f6acd06054d0c60e24c7
3e8b631694236bcddc305b401a8a7e99f371ac867edaa76f89172b4ea3332199
4c763a3d51fe1f613300e87a1e386580c28928bed881c451c62ca97ebe0cdc9f
4f6f5ee74e06c788b9bc548e5715fe5dd8e408cbced243572fc93c44ddf448e2
540c0f907caef2904002b52fbda537e4c1e5ef66e530569774a8e6666b302eb0
55f573aee3ff02a4e042d3a558fde2ddb7eb929a7afd35ee1406c7631627052f
568a502aa767d3c49d8d68d6a7f5a88e2ed15bff9a64be1161d7b5fa3a698c2a
572d99fbc8728f1de946e76de571afb628f1d3a34fe14b8e991482e2cae20612
62b77cbfc2319062b6625c0e40ec100ce0f222158243cead15d94e67efa66081
65a57a02a7b83d411aee0fb096b53fb04b7e4275953f469e1dacaec7c8fda477
67f87a66ecdd20f402319f75ac9bf689f4c204f06e6cb65410bc08f3b831558c
6b60c7dda4aa9134ce1660079ee0a2484bb3d2bae50c40f69a215285e64a1fc3
714d7de1f0a2dec951d944af690510dc3a395d88533abbb8c8b6b73005edd64f
7179ff47dd69b41f226a792f855bd0a04d74bbc4e6f4f56448787af40a62935f
74f2a541d027a987f80c53701fe9af9a0dccffb8cc5c3579f8fdc991c5341d55
7c21195a0fa765f1ee20bf5488e69d3b32a58a2265670e2f69f3113f85b22193
8302955ad6463a2d3d4478a5fcb443b5a53f8f4404cc56f81ba539d09f9bb599
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86576d4ce14d5b36cfd37e5f30259e50f13b392de90b09a51402eceda93f57ad
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8efa4cbd46c5661b0b8dfcdf51c12cd1c7eedba1f7f751c314df86fead7d1c5b
90fadc153cb3202eb4e63fa7f561f19d28ba6b66e1a91a57813c66c3032d54d9
96ebc0d601b4e6dc00db4e5e799df226cb1e5f1c77e32258deaa42f7e51a379d
9c149e6370919321d3e6b7c321b31da7206f863ae9e7de6155f3609c7231ae63
9db5ab502578667746d4e069360773b579f18dc24a347817c55df450b00d7ce3
9f4974b69bd1660a87a8790626954283add7124ffa54347055484f283368d60c
9ffcaa2d8dc7e7604e39d1c3b50a2c8016982d09827dad7ad30081f41b0b0de0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
ab6eb2deca3ca6902b547d6af566051d77816ea3257c38517b07c7d82d670087
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ebf5624e75a296ab92ec241f3dfba56d95382fe2516ca4352c4f0ea40419be
b24f444b9e8511ce60330701189e0623823a30e7050077214c94412bc5b21eb9
bc1c61235e80ec8e416374c9a6b58c20579b890aba86d77ac6174395c5728815
c114ff10d62008ee27667861700b154bc2a1a745b8541a32baf08e5719c3c335
c40fc8c8931402d8cc86e1dcc29cfd7319f22a6ad04b7d70ea6dd80d39acc173
c4284fae93a0ed01f16fb17e4c115916d1ac5763bf75c1d3d0b5965965da3f42
c7aee21ba359179e0f3deb120113a9ca720f29dd5985452bc9275c1585bd8458
c8a1144012417be93244cf9ea14919a1ec5c780007024a87afc40f281fe34a2a
cdf4af284fe22a43f93078385232edef872123d22fc2e357b202511f7268edc9
ce49259fa02138a7d7e9df1812059e71d72b91209c8245eed37f9ba0a36adcbb
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d3b1accd8f29d6717ad72233bfb7fb7da255a06ef81471e70476ba2c06cb2310
d406a6cab9bdacdbb630437c932d1c38fa7ebbfedccb57b90952610e8b2b2130
d41360e1cd16b52dd39c0aa923a2276004ef7b5127bc8b79463a8f4f596ffc3e
d95fde5b57f29c4e0b3f8e0761ffc0fa2e7ed111083581880359cf730a519bef
dbc6f8482e109c50a08070e9c7abfa0812ad9ee2f25d2170dbaf9f6ae388d9d8
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9a689f5014b2f2619004b4559f1d5ccdc7e50eb2d309124b388b1d0d6193ac8
f039a581a263dcb90afab8c3e3a5683681a8566d4e4595f3903fa154cbb6561f
f0c66074cea3b6a06b63bd4976f312c52d7e2722b6206b04d3158c77395d8abb
f6c723b3ba8c0dfd8b765487d6cd35cff96b8c54726230b6f5d7ad503688932c
f78ab01c230d1137acf6ddd944b8c74ca55fc21f93495c875a21428e4d2c0408