www.brandonsun.com Open in urlscan Pro
2a04:fa87:fffd::c000:4221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.brandonsun.com/
Effective URL:
https://www.brandonsun.com/
Submission: On September 22 via api (September 22nd 2022, 3:54:02 pm UTC) from US — Scanned from DE

Summary HTTP 156 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 19 domains to perform 156 HTTP transactions. The main IP is 2a04:fa87:fffd::c000:4221, located in Ireland and belongs to AUTOMATTIC, US. The main domain is www.brandonsun.com.
TLS certificate: Issued by R3 on July 27th 2022. Valid for: 3 months.

This is the only time www.brandonsun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	2a04:fa87:fff... 2a04:fa87:fffd::c000:4221	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:400e:802::200a	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:10e... 2a02:26f0:10e:380::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:893::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	174.137.122.128 174.137.122.128	40495 (ASN-MARCHEX) (ASN-MARCHEX)
2	2a00:1450:400... 2a00:1450:400d:80c::2003	15169 (GOOGLE) (GOOGLE)
1	18.204.108.195 18.204.108.195	14618 (AMAZON-AES) (AMAZON-AES)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:402... 2a00:1450:4025:402::9b	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.89.81.207 54.89.81.207	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	205.200.191.140 205.200.191.140	7122 (MTS-ASN) (MTS-ASN)
4	147.75.85.120 147.75.85.120	54825 (PACKET) (PACKET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	147.75.83.64 147.75.83.64	54825 (PACKET) (PACKET)
22	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	50.17.180.6 50.17.180.6	() ()
1	205.200.191.105 205.200.191.105	() ()
10	2a00:1450:400... 2a00:1450:400d:806::2001	() ()
1	2a00:1450:400... 2a00:1450:400d:807::2002	() ()
156	40

33 2a04:fa87:fffd::c000:4221 (Ireland) 1 redirects

ASN2635 (AUTOMATTIC, US)

www.brandonsun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:10e:380::268b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80e::200e (Ireland)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:893::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

10441863.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.122.128 (United States)

ASN40495 (ASN-MARCHEX, US)

rw1.marchex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.204.108.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-108-195.compute-1.amazonaws.com

winnipeg-free-press-snowplow-collector.localnewslab.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:402::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80d::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.89.81.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-81-207.compute-1.amazonaws.com

px.marchex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.200.191.140 (Winnipeg, Canada)

ASN7122 (MTS-ASN, CA)
PTR: 205-200-200-191-140.static.bellmts.net

account.brandonsun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 147.75.85.120 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.17.180.6 (None, )

ASN- ()

brandonsun-can.newsmemory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.200.191.105 (None, )

ASN- ()

passages.brandonsun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:806::2001 (None, )

ASN- ()

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2002 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	brandonsun.com 1 redirects www.brandonsun.com account.brandonsun.com passages.brandonsun.com	1 MB
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 142	360 KB
19	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 10441863.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net	222 KB
14	google.com 2 redirects translate.google.com — Cisco Umbrella Rank: 1187 news.google.com — Cisco Umbrella Rank: 5276 apis.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 75	119 KB
12	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 4864 scdn.cxense.com — Cisco Umbrella Rank: 11576 api.cxense.com — Cisco Umbrella Rank: 6864 p1cluster.cxense.com — Cisco Umbrella Rank: 7411 comcluster.cxense.com — Cisco Umbrella Rank: 4637 id.cxense.com — Cisco Umbrella Rank: 9015	121 KB
10	ampproject.org cdn.ampproject.org	217 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	109 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	564 B
4	google.de www.google.de — Cisco Umbrella Rank: 6352 adservice.google.de — Cisco Umbrella Rank: 9081	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 394 www.linkedin.com — Cisco Umbrella Rank: 623 px4.ads.linkedin.com — Cisco Umbrella Rank: 6198	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	198 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2989	20 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	245 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40 translate.googleapis.com — Cisco Umbrella Rank: 821	98 KB
3	marchex.io rw1.marchex.io — Cisco Umbrella Rank: 28889 px.marchex.io — Cisco Umbrella Rank: 16211	10 KB
1	googletagservices.com www.googletagservices.com	44 KB
1	newsmemory.com brandonsun-can.newsmemory.com	45 KB
1	localnewslab.io winnipeg-free-press-snowplow-collector.localnewslab.io	313 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 769	3 KB
156	19

	Domain	Requested by
33	www.brandonsun.com	1 redirects www.brandonsun.com
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.brandonsun.com 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
12	securepubads.g.doubleclick.net	www.brandonsun.com securepubads.g.doubleclick.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	www.google.com	2 redirects www.brandonsun.com tpc.googlesyndication.com 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
4	api.cxense.com	cdn.cxense.com
4	www.facebook.com	www.brandonsun.com
4	connect.facebook.net	www.brandonsun.com connect.facebook.net
4	www.googletagmanager.com	www.brandonsun.com www.googletagmanager.com
3	googleads.g.doubleclick.net	www.brandonsun.com 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
3	adservice.google.de	adservice.google.com securepubads.g.doubleclick.net
3	adservice.google.com	10441863.fls.doubleclick.net securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	news.google.com	www.brandonsun.com news.google.com
3	cdn.cxense.com	www.brandonsun.com cdn.cxense.com
2	061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	px.ads.linkedin.com	2 redirects
2	www.gstatic.com	www.brandonsun.com translate.googleapis.com
2	rw1.marchex.io	www.googletagmanager.com rw1.marchex.io
2	10441863.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	scdn.cxense.com	www.brandonsun.com
2	translate.googleapis.com	www.brandonsun.com
2	fonts.googleapis.com	www.brandonsun.com securepubads.g.doubleclick.net
1	www.googletagservices.com	061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	passages.brandonsun.com
1	brandonsun-can.newsmemory.com
1	p1cluster.cxense.com	cdn.cxense.com
1	region1.google-analytics.com	www.googletagmanager.com
1	account.brandonsun.com	www.brandonsun.com
1	px.marchex.io	www.brandonsun.com
1	www.google.de	www.brandonsun.com
1	px4.ads.linkedin.com	www.brandonsun.com
1	www.linkedin.com	1 redirects
1	winnipeg-free-press-snowplow-collector.localnewslab.io	www.brandonsun.com
1	snap.licdn.com	www.googletagmanager.com
1	apis.google.com	www.brandonsun.com
1	translate.google.com	www.brandonsun.com
156	42

This site contains links to these domains. Also see Links.

Domain
account.brandonsun.com
ee.brandonsun.com
fpnewsplatform.brandonsun.com
classifieds.brandonsun.com
passages.brandonsun.com
www.fpnewspapers.com
brandonsun.newspaperarchive.com
www.facebook.com
twitter.com
www.instagram.com
plus.google.com
t.co
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
brandonsun.com R3	`2022-07-27` - `2022-10-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-17` - `2023-04-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-02` - `2022-09-30`	3 months	crt.sh
*.marchex.io GeoTrust RSA CA 2018	`2022-06-21` - `2023-06-21`	a year	crt.sh
*.localnewslab.io Amazon	`2022-08-17` - `2023-09-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
winnipegfreepress.com GeoTrust RSA CA 2018	`2022-06-02` - `2023-07-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.newsmemory.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-31`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.brandonsun.com/
Frame ID: 3C2DA7AD42A5BC16593E8494F8B823AA
Requests: 98 HTTP requests in this frame

Frame: https://10441863.fls.doubleclick.net/activityi;dc_pre=CPmEjo3hqPoCFcpKkQUd0FwJ3Q;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fwww.brandonsun.com%2F
Frame ID: 3740734AA7F15D4CD7D8756A1A96B69E
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 770B080302B6F696E9E325B92506D181
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPmEjo3hqPoCFcpKkQUd0FwJ3Q;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fwww.brandonsun.com%2F
Frame ID: 4DC93CC95075E0FDEAD4D8716810DA83
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPmEjo3hqPoCFcpKkQUd0FwJ3Q;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fwww.brandonsun.com%2F
Frame ID: 32BC784F760D1C3BD863DFF9A21A2192
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 01794057F839E401D72D5FD7482E81DF
Requests: 4 HTTP requests in this frame

Frame: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4F79DB3026EC49EA52277B2EB50CE3A4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E5E415097860D125A212E12EBD8A531C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 49AEAECCAC92253BFC694C8FCDC68ED1
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: 45B8844DBF60EF6E1E2C3679B600AE87
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: 1CB6A697E90039348FE0C1624C305EED
Requests: 16 HTTP requests in this frame

Frame: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9683481C2F366E27B4ED5C7AC3CB5DD0
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/index.html
Frame ID: 674BC1053859E86E92A21714C44040DB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C719E7728C82B6A227D1B30345B5D0AA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Brandon Sun – Breaking News, Sports, Manitoba, Canada

Page URL History Show full URLs

http://www.brandonsun.com/ HTTP 301
https://www.brandonsun.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

156
Requests

99 %
HTTPS

74 %
IPv6

19
Domains

42
Subdomains

40
IPs

6
Countries

3238 kB
Transfer

7098 kB
Size

27
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://account.brandonsun.com/email-alerts
Title: Subscribe to Newsletters

Search URL Search Domain Scan URL

URL: https://account.brandonsun.com/home
Title: My Account

Search URL Search Domain Scan URL

URL: https://account.brandonsun.com/logout
Title: Log Out

Search URL Search Domain Scan URL

URL: https://account.brandonsun.com/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://account.brandonsun.com/register
Title: Create Account

Search URL Search Domain Scan URL

URL: https://ee.brandonsun.com/
Title: Brandon Sun

Search URL Search Domain Scan URL

URL: https://ee.brandonsun.com/?special=Westman+This+Week
Title: Westman This Week

Search URL Search Domain Scan URL

URL: https://ee.brandonsun.com/nie.php
Title: Newspapers In Education (NIE)

Search URL Search Domain Scan URL

URL: https://fpnewsplatform.brandonsun.com/email-alerts
Title: All Newsletters

Search URL Search Domain Scan URL

URL: http://classifieds.brandonsun.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://passages.brandonsun.com/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.fpnewspapers.com/
Title: FP Newspapers Inc.

Search URL Search Domain Scan URL

URL: https://brandonsun.newspaperarchive.com/
Title: Archives

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thebrandonsun/

Search URL Search Domain Scan URL

URL: https://twitter.com/thebrandonsun

Search URL Search Domain Scan URL

URL: https://www.instagram.com/brandonsunnews/

Search URL Search Domain Scan URL

URL: https://plus.google.com/106122525021213828845

Search URL Search Domain Scan URL

URL: https://t.co/dYTLBmbDGG

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ca/app/brandon-sun-news/id925774860?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.brandonsun.android.prod&hl=en

Search URL Search Domain Scan URL

URL: https://classifieds.brandonsun.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: http://classifieds.brandonsun.com/mb/announcements/search
Title: Announcements

Search URL Search Domain Scan URL

URL: http://classifieds.brandonsun.com/mb/automotive/search
Title: Automotive

Search URL Search Domain Scan URL

URL: http://classifieds.brandonsun.com/mb/jobs/search
Title: Jobs

Search URL Search Domain Scan URL

URL: http://classifieds.brandonsun.com/mb/garage-sales/search
Title: Garage Sales

Search URL Search Domain Scan URL

URL: http://classifieds.brandonsun.com/mb/merchandise/search
Title: Merchandise

Search URL Search Domain Scan URL

URL: http://classifieds.brandonsun.com/mb/pets/search
Title: Pets

Search URL Search Domain Scan URL

URL: http://classifieds.brandonsun.com/mb/homes/search
Title: Homes

Search URL Search Domain Scan URL

URL: http://classifieds.brandonsun.com/mb/services/search
Title: Services

Search URL Search Domain Scan URL

URL: http://classifieds.brandonsun.com/mb/auction-sales/search
Title: Auctions

Search URL Search Domain Scan URL

URL: http://classifieds.brandonsun.com/mb/legal-notices/search
Title: Legal Notices

Search URL Search Domain Scan URL

URL: http://classifieds.brandonsun.com/mb/tenders/search
Title: Tenders

Search URL Search Domain Scan URL

URL: http://passages.brandonsun.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.brandonsun.com/ HTTP 301
https://www.brandonsun.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://10441863.fls.doubleclick.net/activityi;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fwww.brandonsun.com%2F HTTP 302
https://10441863.fls.doubleclick.net/activityi;dc_pre=CPmEjo3hqPoCFcpKkQUd0FwJ3Q;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fwww.brandonsun.com%2F

Request Chain 41

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3300905&time=1663862036482&url=https%3A%2F%2Fwww.brandonsun.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3300905%26time%3D1663862036482%26url%3Dhttps%253A%252F%252Fwww.brandonsun.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3300905&time=1663862036482&url=https%3A%2F%2Fwww.brandonsun.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3300905&time=1663862036482&url=https%3A%2F%2Fwww.brandonsun.com%2F&liSync=true&e_ipv6=AQKBdfzqgM_SYgAAAYNl59vzerOZmPGUuK9nx6CQhfkWqZO-BACSGBQn9MBo4M2-b2G3DNZzOtZA

Request Chain 135

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 157

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

156 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.brandonsun.com/
Redirect Chain

http://www.brandonsun.com/
https://www.brandonsun.com/

125 KB
25 KB

595ms
554ms

Document
text/html

2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brandonsun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash: bbbf5262ab29470f60bf006242a25f578e6afa022bee7321e121869a5e9538a5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 15:53:55 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.brandonsun.com/wp-json/>; rel="https://api.w.org/"
server: nginx
vary: Accept-Encoding
x-cache: miss
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn1 0 2 9980
x-tec-api-origin: https://www.brandonsun.com
x-tec-api-root: https://www.brandonsun.com/wp-json/tribe/events/v1/
x-tec-api-version: v1

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 22 Sep 2022 15:53:54 GMT
Location: https://www.brandonsun.com/
Server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 29 KB
2 KB 98ms
34ms Stylesheet
text/css 2a00:1450:400e:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

677e13931343c9c296edbe034e6ce78a815ebfd4de447675838f2b833efb69ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 15:53:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 22 Sep 2022 15:53:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Sep 2022 15:53:55 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 96 KB
30 KB 186ms
57ms Script
application/x-javascript 2a02:26f0:10e:380::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e:380::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 909a3299e6fefc722df555e8729ecc1db6f40957b9add95e260743f53f6b1f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 15:53:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 14:09:51 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30797
Expires: Thu, 22 Sep 2022 16:53:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 293 KB
89 KB 95ms
48ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TK48WJ9

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd1192ac22f0d7b92241886d5df9d104c8e9483b1cb94cf6cdf3d5511d93bf3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90492
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 15:12:47 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Sep 2022 15:53:56 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 133ms
33ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 22 Sep 2022 16:25:03 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
27 KB 201ms
67ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20abfd9e225d23fa624f890804071ee22c168bef6b7be9a8c573b95aeabf0930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 15:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 116ms
34ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1895630dd470cf7cec36822c5d6367191d530ee9979fc72f0bb96a79da4122c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27800
x-xss-protection: 0
server: sffe
etag: "1341 / 569 of 1000 / last-modified: 1663845016"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 22 Sep 2022 15:53:56 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 147 KB
46 KB 182ms
40ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab7227f2ae21f2daf452863dfa171d2f5c902bf6f12deecd773ef6cb6e06d710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46294
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 20:41:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 16:39:35 GMT

GET
H2 200 swg-gaa.js Show response
news.google.com/swg/js/v1/ 71 KB
18 KB 220ms
78ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-gaa.js

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949bd1510e0b754e029d90ee7808b58c30229e331e61f1af046f848c6c24047c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18227
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 20:41:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 15:58:04 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 91ms
34ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Thu, 22 Sep 2022 15:53:56 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "95a07626e083cec6"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Sep 2022 15:53:56 GMT

GET
H/1.1 200
OK cx.cce.js Show response
scdn.cxense.com/ 23 KB
6 KB 143ms
22ms Script
application/x-javascript 2a02:26f0:3500:893::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.cce.js
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:893::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 15:53:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 May 2022 19:29:56 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5964
Expires: Thu, 22 Sep 2022 16:53:55 GMT

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 96 KB
30 KB 28ms
25ms Script
application/x-javascript 2a02:26f0:3500:893::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:893::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 909a3299e6fefc722df555e8729ecc1db6f40957b9add95e260743f53f6b1f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 15:53:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 14:09:51 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30797
Expires: Thu, 22 Sep 2022 16:53:56 GMT

GET
H2 200 style.min.css
www.brandonsun.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 39ms
38ms Stylesheet
text/css 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brandonsun.com/wp-includes/css/dist/block-library/style.min.css?m=1662729144g
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:55 GMT
x-rq: hhn1 0 2 9980
last-modified: Fri, 09 Sep 2022 13:12:24 GMT
server: nginx
age: 1131812
etag: W/"631b3bb8-15b64"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 11683
expires: Fri, 22 Sep 2023 15:53:55 GMT

GET
H2 200 /
www.brandonsun.com/_static/ 179 KB
41 KB 21ms
20ms Stylesheet
text/css 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brandonsun.com/_static/??-eJyVz9sKwjAMBuAXMg1zW9EL8VnaLt0KPWFap29vmQgieuFVQvLzkeCawaRYKBbMvs4uMno3L0WnG+QllcSry4SKmQpj5gG53D0xTmRV9UUY5h2+Kca7ViBUeHn2sq2mBmu0rVcrcQoE11F0oxhEcPFfZrvqArrGyTfoIHrRfXXKQqFdazO4aEArJthGzzd+xTXHz9g5nDop+17ux6N8ACLmcgc=
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b986f57e570c3dd6d9592e8acc2d01da4f29b4e741633f51bfe576413443c74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:55 GMT
x-rq: hhn1 0 2 9980
last-modified: Fri, 16 Sep 2022 21:09:56 GMT
server: nginx
age: 496410
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 41444

GET
H2 200 / Show response
www.brandonsun.com/_static/ 661 KB
178 KB 20ms
19ms Script
application/javascript 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brandonsun.com/_static/??-eJydkNEOgjAMRX/IbUwM8mL8lsEGlmxldgyCX+8wGH0xEZI2fWjvyb0Vk2d1j4PBQdQW0mAuMm9jCxhEQ6+VFhYqodXcBTZKLjN+5g6Qd+Eg/tc3gK0hT4DDccGUvNhBuSnU1lSKkpVT8rHVyUf/FgHWNmoTRJfqHg3N6/gm/zxiDlpSg9loY2q88n5jdtdrQwgP2vG3MIE3xKq4xGdjyXMuV8zVXWRR5FnqXHZPn1LClA==
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6fedaf1a942de578d924c177b5db3c9c1d67092d92435402ab5b059b7c75a9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:55 GMT
x-rq: hhn1 0 2 9980
last-modified: Tue, 13 Sep 2022 10:52:11 GMT
server: nginx
age: 496410
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 181860

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
42 KB 174ms
170ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11192669-2

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6fbc53f83779ce2b45751df2c0a299f14ac5dfe0d1407a85ec1404c0bd3de7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43326
x-xss-protection: 0
expires: Thu, 22 Sep 2022 15:53:56 GMT

GET
H2 200 b.png
www.brandonsun.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/ 3 KB
3 KB 24ms
21ms Image
image/png 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/b.png
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 13689523a09825f3186a135d2234306e7a5e1a294b176745b3c9c8417b59a73b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:56 GMT
x-rq: hhn1 0 2 9980
last-modified: Tue, 16 Aug 2022 15:49:24 GMT
server: nginx
age: 2948546
etag: W/"62fbbc84-bac"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 3011
expires: Fri, 22 Sep 2023 15:53:56 GMT

GET
H2 200 brandon-sun-logo.svg
www.brandonsun.com/wp-content/themes/bsn-theme/assets/images/ 5 KB
2 KB 156ms
153ms Image
image/svg+xml 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/themes/bsn-theme/assets/images/brandon-sun-logo.svg
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 19262038e4822652211892db8897ccb20a77e5c5d6eea854f501f3a3e6510658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:56 GMT
content-encoding: gzip
x-rq: hhn1 0 2 9980
last-modified: Mon, 12 Sep 2022 11:36:48 GMT
server: nginx
age: 0
etag: W/"631f19d0-140c"
vary: X-Mobile-Class
x-cache: miss
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2088
expires: Fri, 22 Sep 2023 15:53:56 GMT

GET
H2 200 scripts.js Show response
www.brandonsun.com/wp-content/plugins/lightbox-photoswipe/assets/ps4/ 90 KB
23 KB 20ms
19ms Script
application/javascript 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brandonsun.com/wp-content/plugins/lightbox-photoswipe/assets/ps4/scripts.js?m=1662982607g
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a9934b98dff0f90f68a3d07944cd938528ea277225fee38fd63db1db3dae5dd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:55 GMT
x-rq: hhn1 0 2 9980
last-modified: Mon, 12 Sep 2022 11:36:47 GMT
server: nginx
age: 675041
etag: W/"631f19cf-16911"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 23019
expires: Fri, 22 Sep 2023 15:53:55 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.CtpTUw5WfUc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpIQttSar4i43RQ4MpHsToHI2ugww/ 262 KB
92 KB 38ms
36ms Script
text/javascript 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.CtpTUw5WfUc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpIQttSar4i43RQ4MpHsToHI2ugww/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.CtpTUw5WfUc.O/d=1/rs=AN8SPfpIQttSar4i43RQ4MpHsToHI2ugww/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7761301af9d3858f4e0b3036539b390a92754acc4b09f4ff8d52f43f5bb1802a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93858
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 21:14:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 17:34:30 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.brandonsun.com/wp-includes/js/ 18 KB
5 KB 24ms
21ms Script
application/javascript 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brandonsun.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:56 GMT
x-rq: hhn1 0 2 9980
last-modified: Tue, 30 Aug 2022 19:06:15 GMT
server: nginx
age: 1954095
etag: W/"630e5fa7-48b9"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 5004
expires: Fri, 22 Sep 2023 15:53:56 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 75ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.brandonsun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 248612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 18:50:24 GMT

GET
H2 200 fa-solid-900.woff2
www.brandonsun.com/wp-content/client-mu-plugins/frontend/webfonts/ 76 KB
77 KB 156ms
154ms Font
font/woff2 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brandonsun.com/wp-content/client-mu-plugins/frontend/webfonts/fa-solid-900.woff2
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/_static/??-eJyVz9sKwjAMBuAXMg1zW9EL8VnaLt0KPWFap29vmQgieuFVQvLzkeCawaRYKBbMvs4uMno3L0WnG+QllcSry4SKmQpj5gG53D0xTmRV9UUY5h2+Kca7ViBUeHn2sq2mBmu0rVcrcQoE11F0oxhEcPFfZrvqArrGyTfoIHrRfXXKQqFdazO4aEArJthGzzd+xTXHz9g5nDop+17ux6N8ACLmcgc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://www.brandonsun.com/_static/??-eJyVz9sKwjAMBuAXMg1zW9EL8VnaLt0KPWFap29vmQgieuFVQvLzkeCawaRYKBbMvs4uMno3L0WnG+QllcSry4SKmQpj5gG53D0xTmRV9UUY5h2+Kca7ViBUeHn2sq2mBmu0rVcrcQoE11F0oxhEcPFfZrvqArrGyTfoIHrRfXXKQqFdazO4aEArJthGzzd+xTXHz9g5nDop+17ux6N8ACLmcgc=
Origin: https://www.brandonsun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:56 GMT
content-encoding: gzip
x-rq: hhn1 0 2 9980
last-modified: Mon, 12 Sep 2022 11:36:47 GMT
server: nginx
age: 0
etag: W/"631f19cf-131bc"
vary: X-Mobile-Class
x-cache: miss
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
expires: Fri, 22 Sep 2023 15:53:56 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 16 KB
16 KB 97ms
55ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.brandonsun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 22:27:45 GMT
x-content-type-options: nosniff
age: 149171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16324
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 22:27:45 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 15 KB
15 KB 76ms
49ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.brandonsun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 14:20:51 GMT
x-content-type-options: nosniff
age: 178385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14964
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:20:51 GMT

GET
H2 200 fa-brands-400.woff2
www.brandonsun.com/wp-content/client-mu-plugins/frontend/webfonts/ 75 KB
75 KB 154ms
154ms Font
font/woff2 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brandonsun.com/wp-content/client-mu-plugins/frontend/webfonts/fa-brands-400.woff2
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/_static/??-eJyVz9sKwjAMBuAXMg1zW9EL8VnaLt0KPWFap29vmQgieuFVQvLzkeCawaRYKBbMvs4uMno3L0WnG+QllcSry4SKmQpj5gG53D0xTmRV9UUY5h2+Kca7ViBUeHn2sq2mBmu0rVcrcQoE11F0oxhEcPFfZrvqArrGyTfoIHrRfXXKQqFdazO4aEArJthGzzd+xTXHz9g5nDop+17ux6N8ACLmcgc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer: https://www.brandonsun.com/_static/??-eJyVz9sKwjAMBuAXMg1zW9EL8VnaLt0KPWFap29vmQgieuFVQvLzkeCawaRYKBbMvs4uMno3L0WnG+QllcSry4SKmQpj5gG53D0xTmRV9UUY5h2+Kca7ViBUeHn2sq2mBmu0rVcrcQoE11F0oxhEcPFfZrvqArrGyTfoIHrRfXXKQqFdazO4aEArJthGzzd+xTXHz9g5nDop+17ux6N8ACLmcgc=
Origin: https://www.brandonsun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:56 GMT
content-encoding: gzip
x-rq: hhn1 0 2 9980
last-modified: Mon, 12 Sep 2022 11:36:47 GMT
server: nginx
age: 0
etag: W/"631f19cf-12bc0"
vary: X-Mobile-Class
x-cache: miss
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
expires: Fri, 22 Sep 2023 15:53:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 77ms
21ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK48WJ9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 3116
date: Thu, 22 Sep 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 22 Sep 2022 17:02:00 GMT

GET
H3

200

activityi;dc_pre=CPmEjo3hqPoCFcpKkQUd0FwJ3Q;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fwww.brandonsun.com%2F Show response
10441863.fls.doubleclick.net/ Frame 3740
Redirect Chain

https://10441863.fls.doubleclick.net/activityi;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fwww.brandonsun.com%2F?
https://10441863.fls.doubleclick.net/activityi;dc_pre=CPmEjo3hqPoCFcpKkQUd0FwJ3Q;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fww...

484 B
411 B

145ms
71ms

Document
text/html

142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10441863.fls.doubleclick.net/activityi;dc_pre=CPmEjo3hqPoCFcpKkQUd0FwJ3Q;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fwww.brandonsun.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK48WJ9

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

cafe /

Resource Hash

032152e99df08b015acce6e4ff26b2154e7bfa72b84d8aae36ba4a5b354986a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.brandonsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 15:53:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 15:53:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10441863.fls.doubleclick.net/activityi;dc_pre=CPmEjo3hqPoCFcpKkQUd0FwJ3Q;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fwww.brandonsun.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 100ms
22ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK48WJ9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:56 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=81931
accept-ranges: bytes
content-length: 3063

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 109ms
31ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: Y9aWSbuUHoepNuUg5dPgzL4qY4AQrrPd5Y1UOjQOc0vYhBL4WPnwYLpwoqfis0tWUrXAYSFGKrSraKOoDJXMyw==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Sep 2022 15:53:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 128ms
50ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ced8d11334b82ec805e91f4b7b0fed7e5df30a40ef9c9aff2341803309b1e09e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: aFOy/axn1lq9+7mHOXFn8Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: Wvt9sUX5Ypz9VRIx1qHvHxaIYURo+FW5/qRKOGUBEZVhHslyzTXt/r1yG8bui/oOfwBSi8FvWKsPzMZ0xo2l5g==
x-fb-trip-id: 720026100
x-fb-content-md5: 74880e4cb06d83a1e3030c7c780b0a19
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Sep 2022 15:53:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "32c45e927995d608d8a28dce577365d3"
timing-allow-origin: *
expires: Thu, 22 Sep 2022 16:07:25 GMT

GET
H/1.1 200
OK number-changer.js Show response
rw1.marchex.io/euinc/ 35 KB
9 KB 337ms
114ms Script
text/javascript 174.137.122.128
ASN-MARCHEX

General

Check archive.org

Show headers Download Go to

Full URL: https://rw1.marchex.io/euinc/number-changer.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK48WJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.137.122.128 , United States, ASN40495 (ASN-MARCHEX, US),
Reverse DNS
Software: Apache /
Resource Hash: fba2e28dab7e9f0135909704885960e762725fa8e62af67e4fdd2929fb1e91a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 15:53:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=165

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 82ms
34ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11192669-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK48WJ9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ceeb477542ab15a768699d54a2e503f165a8ddd439bebb1748d09c8b8b0f509e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42259
x-xss-protection: 0
expires: Thu, 22 Sep 2022 15:53:56 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
73 KB 100ms
52ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GM37S7T1YK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK48WJ9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba8e79dbb6ab04727ee364e8cd503159011a2d5bbc4c0877d8c8e2364d94b29c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74626
x-xss-protection: 0
expires: Thu, 22 Sep 2022 15:53:56 GMT

GET
DATA 200
OK truncated Show response
/ Frame 770B 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 138ms
35ms Image
image/png 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:49:01 GMT
x-content-type-options: nosniff
age: 295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 22 Sep 2023 15:49:01 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 123ms
36ms Image
image/png 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:46:20 GMT
x-content-type-options: nosniff
age: 456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 22 Sep 2023 15:46:20 GMT

GET
H3 200 pubads_impl_2022092101.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
128 KB 64ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09af6caefeb671f4527e8bf54659bb482eea031fe6899bafc12f149bb14155d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131360
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 08:34:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Sep 2023 11:02:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 116 B
123 B 72ms
29ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.brandonsun.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ef28f858db88cc8f297ae07038c10cc3544b07bf4973563537a9b327667571a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 15:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
expires: Thu, 22 Sep 2022 15:53:56 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 106ms
35ms Stylesheet
text/css 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:15:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 16:05:32 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 69ms
26ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1562185543&t=pageview&_s=1&dl=https%3A%2F%2Fwww.brandonsun.com%2F&ul=en-us&de=UTF-8&dt=Brandon%20Sun%20%E2%80%93%20Breaking%20News%2C%20Sports%2C%20Manitoba%2C%20Canada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1857068263&gjid=1407371968&cid=373764274.1663862036&tid=UA-126530131-1&_gid=1087379273.1663862036&_r=1&gtm=2wg9j0TK48WJ9&z=1602295902

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.brandonsun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 15:53:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.brandonsun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v1 Show response
winnipeg-free-press-snowplow-collector.localnewslab.io/com.google.analytics/ 2 B
313 B 348ms
110ms XHR
text/plain 18.204.108.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://winnipeg-free-press-snowplow-collector.localnewslab.io/com.google.analytics/v1
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.108.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-108-195.compute-1.amazonaws.com
Software: akka-http/10.1.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.brandonsun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: https://www.brandonsun.com
date: Thu, 22 Sep 2022 15:53:56 GMT
access-control-allow-credentials: true
server: akka-http/10.1.10
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3300905&time=1663862036482&url=https%3A%2F%2Fwww.brandonsun.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3300905%26time%3D1663862036482%26url%3Dhttps%253A%252F%252Fwww.brandonsun.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3300905&time=1663862036482&url=https%3A%2F%2Fwww.brandonsun.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3300905&time=1663862036482&url=https%3A%2F%2Fwww.brandonsun.com%2F&liSync=true&e_ipv6=AQKBdfzqgM_SYgAAAYNl59vzerOZmPGUuK9nx6CQhfkWqZO-BACSGBQn9MB...

0
265 B

463ms
146ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3300905&time=1663862036482&url=https%3A%2F%2Fwww.brandonsun.com%2F&liSync=true&e_ipv6=AQKBdfzqgM_SYgAAAYNl59vzerOZmPGUuK9nx6CQhfkWqZO-BACSGBQn9MBo4M2-b2G3DNZzOtZA
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:57 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 6A862D3291844E54BD7ED336502687D8 Ref B: FRAEDGE1514 Ref C: 2022-09-22T15:53:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpRhG5wvcDxWlOZ1FdFw==
x-li-fabric: prod-lva1

Redirect headers

date: Thu, 22 Sep 2022 15:53:56 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 217AF3B3DC614B0FB6CC321C61168530 Ref B: FRAEDGE1520 Ref C: 2022-09-22T15:53:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3300905&time=1663862036482&url=https%3A%2F%2Fwww.brandonsun.com%2F&liSync=true&e_ipv6=AQKBdfzqgM_SYgAAAYNl59vzerOZmPGUuK9nx6CQhfkWqZO-BACSGBQn9MBo4M2-b2G3DNZzOtZA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpRhGy52oni+xW61Z/3A==

GET
H3 200 524625568278206 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 188ms
154ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/524625568278206?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f684d375467f4aed2c439eacdb1267f58db9b264562e26a21baa9840ccd331f9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: YOmQbLrU6iRmo/DUlUwhhP/eKZdoXoghMxpCdmzz5Bz7KoUcXSDiI3+ltIVh6FoofRAnzSlncM3S+fc/EtIdkw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Sep 2022 15:53:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 313 KB
85 KB 67ms
32ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f8bf9fa805ed8cfdd182a4b8458ef5fa

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4780fa361d2e9770f718d7aa293679c4eac0ac675561b92a6ee1a035c2bef86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.brandonsun.com/
Origin: https://www.brandonsun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: oB2appsPY/Ob1x/G/S71zQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87334
x-fb-rlafr: 0
x-fb-debug: xtbluE3kLlopXYn7gx82BZNMj1XfLXheSxC8UzjgjzZJsJtYl8dIGlnykxLTiQEWKRoz4Jr5FziztPS5ba6Jng==
x-fb-content-md5: 27ec5495f2aa09bcb48ca1934c572f79
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Sep 2022 15:53:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "1fa4ba5ab8385bf5a766c1b490c1bdb5"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 22 Sep 2023 13:38:56 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 99ms
30ms XHR
text/plain 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-126530131-1&cid=373764274.1663862036&jid=1857068263&gjid=1407371968&_gid=1087379273.1663862036&_u=YEBAAEAAAAAAAC~&z=1317882087

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.brandonsun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 22 Sep 2022 15:53:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.brandonsun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getnumdata.js Show response
rw1.marchex.io/euinc/ 249 B
508 B 110ms
110ms Script
text/javascript 174.137.122.128
ASN-MARCHEX

General

Check archive.org

Show headers Download Go to

Full URL: https://rw1.marchex.io/euinc/getnumdata.js?var=_vsrkpd.d;acc=fwABAV8M0955zACy;cky=rkpd_fwABAV8M0955zACy;ign=1;url=https%3A%2F%2Fwww.brandonsun.com%2F;
Requested by: Host: rw1.marchex.io
URL: https://rw1.marchex.io/euinc/number-changer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.137.122.128 , United States, ASN40495 (ASN-MARCHEX, US),
Reverse DNS
Software: Apache /
Resource Hash: 8b82448e5551693ea90c222fc2eb8df69f5cbb2f03e75587d1f206e3b35adc03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 15:53:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
P3P: CP="NOI COR NID TAI OUR BUS STA"
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/javascript
Keep-Alive: timeout=1, max=147

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 163ms
71ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-126530131-1&cid=373764274.1663862036&jid=1857068263&_u=YEBAAEAAAAAAAC~&z=1378379166

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 15:53:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 111ms
60ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-126530131-1&cid=373764274.1663862036&jid=1857068263&_u=YEBAAEAAAAAAAC~&z=1378379166

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 15:53:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPmEjo3hqPoCFcpKkQUd0FwJ3Q;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fwww.brandonsun.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 4DC9 483 B
855 B 163ms
72ms Document
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPmEjo3hqPoCFcpKkQUd0FwJ3Q;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fwww.brandonsun.com%2F

Requested by

Host: 10441863.fls.doubleclick.net
URL: https://10441863.fls.doubleclick.net/activityi;dc_pre=CPmEjo3hqPoCFcpKkQUd0FwJ3Q;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fwww.brandonsun.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f983200278f88b03d335641f3f6cf7559de7f7610154a970a6e126ccfac8004c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10441863.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 15:53:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 67ms
22ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=129054303830226&ev=fb_page_view&dl=https%3A%2F%2Fwww.brandonsun.com%2F&rl=&if=false&ts=1663862036714&sw=1600&sh=1200&at=

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 22 Sep 2022 15:53:56 GMT

GET
H2 200 pixel.gif
px.marchex.io/ 43 B
381 B 355ms
108ms Image
image/gif 54.89.81.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/pixel.gif?c=1663862036736
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.89.81.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-81-207.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:57 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "2b-5c6109ac86f97"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: image/gif
content-length: 43

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 43ms
21ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=524625568278206&ev=PageView&dl=https%3A%2F%2Fwww.brandonsun.com%2F&rl=&if=false&ts=1663862036835&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1663862036833.1380588991&it=1663862036491&coo=false&rqm=GET

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 22 Sep 2022 15:53:56 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 42ms
21ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=524625568278206&ev=user-not-loggedin&dl=https%3A%2F%2Fwww.brandonsun.com%2F&rl=&if=false&ts=1663862036837&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1663862036833.1380588991&it=1663862036491&coo=false&rqm=GET

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 22 Sep 2022 15:53:56 GMT

GET
H2 200 dc_pre=CPmEjo3hqPoCFcpKkQUd0FwJ3Q;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fwww.brandonsun.com%2F Show response
adservice.google.de/ddm/fls/i/ Frame 32BC 194 B
870 B 109ms
59ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CPmEjo3hqPoCFcpKkQUd0FwJ3Q;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fwww.brandonsun.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPmEjo3hqPoCFcpKkQUd0FwJ3Q;src=10441863;type=traff0;cat=lokno00;ord=5969768980055;gtm=2wg9j0;auiddc=588398652.1663862036;~oref=https%3A%2F%2Fwww.brandonsun.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 15:53:56 GMT
expires: Thu, 22 Sep 2022 15:53:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK identify Show response
account.brandonsun.com/api/v2/auth/ 118 B
999 B 865ms
307ms XHR
application/json 205.200.191.140
MTS-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://account.brandonsun.com/api/v2/auth/identify

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/_static/??-eJydkNEOgjAMRX/IbUwM8mL8lsEGlmxldgyCX+8wGH0xEZI2fWjvyb0Vk2d1j4PBQdQW0mAuMm9jCxhEQ6+VFhYqodXcBTZKLjN+5g6Qd+Eg/tc3gK0hT4DDccGUvNhBuSnU1lSKkpVT8rHVyUf/FgHWNmoTRJfqHg3N6/gm/zxiDlpSg9loY2q88n5jdtdrQwgP2vG3MIE3xKq4xGdjyXMuV8zVXWRR5FnqXHZPn1LClA==

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.200.191.140 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),

Reverse DNS

205-200-200-191-140.static.bellmts.net

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.25 / PHP/7.4.25

Resource Hash

560c836d7a468b5a03d13f71367dca6889af2e39a50acb730702e166e3f4add3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.brandonsun.com;
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	Allow-From https://brandonsun.com/

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.brandonsun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 22 Sep 2022 15:53:58 GMT
Strict-Transport-Security: max-age=63072000;
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.4.25
Connection: Keep-Alive
Content-Length: 118
Referrer-Policy
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.25
X-Frame-Options: Allow-From https://brandonsun.com/
Content-Security-Policy: frame-ancestors 'self' https://*.brandonsun.com;
X-RateLimit-Remaining: 59
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.brandonsun.com
Cache-Control: max-age=0, no-store
Access-Control-Allow-Credentials: true
X-RateLimit-Limit: 60
Keep-Alive: timeout=5, max=100

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 21ms
20ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=524625568278206&ev=Microdata&dl=https%3A%2F%2Fwww.brandonsun.com%2F&rl=&if=false&ts=1663862038339&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Brandon%20Sun%20%E2%80%93%20Breaking%20News%2C%20Sports%2C%20Manitoba%2C%20Canada%22%2C%22meta%3Adescription%22%3A%22Breaking%20News%2C%20Sports%2C%20Manitoba%2C%20Canada%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1663862036833.1380588991&it=1663862036491&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 22 Sep 2022 15:53:58 GMT

GET
H/1.1 200
OK segment Show response
api.cxense.com/profile/user/ 62 B
678 B 100ms
32ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCB1&persisted=38d5e37a13985ceec570aaaacd3a7c2f5defc36d&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22l8d8hvlaw8g1fris%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 15:53:59 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 62
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK data Show response
api.cxense.com/public/widget/ 36 KB
16 KB 120ms
67ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.brandonsun.com%2F%22%7D%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22l8d8hvlaw8g1fris%22%7D%2C%22likes%22%3A%7B%22categories%22%3A%5B%22local%22%5D%7D%7D%2C%22widgetId%22%3A%22157f1a635b525297e4637fc00affa6e3165219a6%22%2C%22prnd%22%3A%22l8d8hvlatvb8t5gr%22%7D&media=javascript&sid=null&widgetId=157f1a635b525297e4637fc00affa6e3165219a6&resizeToContentSize=true&useSecureUrls=true&usi=l8d8hvlaw8g1fris&rnd=1359252231&prnd=l8d8hvlatvb8t5gr&tzo=0&callback=cXJsonpCB2

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

44af7f9eeb2ed35dff44441284f7b6384df3bc8b9da4c965c83f6eb25efdb502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 15:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 15823
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
28ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1562185543&t=pageview&_s=1&dl=https%3A%2F%2Fwww.brandonsun.com%2F&ul=en-us&de=UTF-8&dt=Brandon%20Sun%20%E2%80%93%20Breaking%20News%2C%20Sports%2C%20Manitoba%2C%20Canada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=903788354&gjid=1427201610&cid=373764274.1663862036&tid=UA-11192669-2&_gid=1087379273.1663862036&_r=1&gtm=2ou9l0&cd2=not-logged-in&z=255949299

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.brandonsun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 15:53:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.brandonsun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 84ms
32ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GM37S7T1YK&gtm=2oe9j0&_p=1562185543&cid=373764274.1663862036&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1663862039&sct=1&seg=0&dl=https%3A%2F%2Fwww.brandonsun.com%2F&dt=Brandon%20Sun%20%E2%80%93%20Breaking%20News%2C%20Sports%2C%20Manitoba%2C%20Canada&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GM37S7T1YK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 15:53:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.brandonsun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 obits Show response
www.brandonsun.com/wp-json/api/v1/widget-data/ 139 B
404 B 264ms
264ms XHR
application/json 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brandonsun.com/wp-json/api/v1/widget-data/obits?_=1663862036064

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0cb5ce5347b4125baea247f68db921003243d39e82b44edd25740df0a33cc105

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.brandonsun.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: miss
vary: Accept-Encoding, Origin
x-rq: hhn1 0 2 9980
server: nginx
allow: GET
content-type: application/json; charset=UTF-8
link: <https://www.brandonsun.com/wp-json/>; rel="https://api.w.org/"
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 0179 684 B
749 B 58ms
57ms Document
text/html 2a02:26f0:10e:380::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e:380::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer: https://www.brandonsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 379
Content-Type: text/html
Date: Thu, 22 Sep 2022 15:53:59 GMT
Expires: Sun, 02 Oct 2022 15:53:59 GMT
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H/1.1 200
OK data Show response
api.cxense.com/public/widget/ 342 B
959 B 59ms
32ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22testgroup%22%3A%2212%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22userState%22%2C%22value%22%3A%22anon%22%7D%2C%7B%22key%22%3A%22subscription%22%2C%22value%22%3A%22not-logged-in%22%7D%2C%7B%22key%22%3A%22ver%22%2C%22value%22%3A%222.47%22%7D%2C%7B%22key%22%3A%22testGroup%22%2C%22value%22%3A%2212%22%7D%2C%7B%22key%22%3A%22loadDelay%22%2C%22value%22%3A%223.1%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2212%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.brandonsun.com%2F%22%7D%2C%22widgetId%22%3A%22e4ea3c606b0df5db461caf8e75840f0bf806cce6%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22l8d8hvlaw8g1fris%22%7D%7D%2C%22prnd%22%3A%22l8d8hvlatvb8t5gr%22%7D&media=javascript&sid=9222360305937373874&widgetId=e4ea3c606b0df5db461caf8e75840f0bf806cce6&resizeToContentSize=true&useSecureUrls=true&usi=l8d8hvlaw8g1fris&rnd=1202039023&prnd=l8d8hvlatvb8t5gr&tzo=0&callback=cXJsonpCB3

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

24149e300ec2e8b28fe2367203e7fcf8a8e5e8cbb31306f4028e9996d0347171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 15:53:59 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 342
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK data Show response
api.cxense.com/public/widget/ 7 KB
3 KB 176ms
136ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22testgroup%22%3A%2212%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22userState%22%2C%22value%22%3A%22anon%22%7D%2C%7B%22key%22%3A%22subscription%22%2C%22value%22%3A%22not-logged-in%22%7D%2C%7B%22key%22%3A%22ver%22%2C%22value%22%3A%222.47%22%7D%2C%7B%22key%22%3A%22testGroup%22%2C%22value%22%3A%2212%22%7D%2C%7B%22key%22%3A%22loadDelay%22%2C%22value%22%3A%223.1%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2212%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.brandonsun.com%2F%22%7D%2C%22widgetId%22%3A%2287d55267e9832b8285b355d1ca93f19f003b6f93%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22l8d8hvlaw8g1fris%22%7D%7D%2C%22prnd%22%3A%22l8d8hvlatvb8t5gr%22%7D&media=javascript&sid=9222360305937373874&widgetId=87d55267e9832b8285b355d1ca93f19f003b6f93&resizeToContentSize=true&useSecureUrls=true&usi=l8d8hvlaw8g1fris&rnd=1622072282&prnd=l8d8hvlatvb8t5gr&tzo=0&callback=cXJsonpCB4

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

7fec54d4695af54a1bf77f1d2fc74c48bc31c78950d74115d839b42073340645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 15:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 2314
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 129ms
57ms Script
application/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.brandonsun.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 15:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 126ms
55ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.brandonsun.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 15:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 550 B
320 B 61ms
60ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=338640791035688&correlator=1332451229303626&eid=31068501%2C31069762%2C31069793&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fif&iu_parts=3823844%2Cbrandonsun.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=180x40&ifi=1&adks=3759655058&sfv=1-0-38&fsapi=false&prev_scp=loc%3DweatherSlideOut%26pos%3D1%26page%3Dindex%26ut%3Dnot-logged-in%26ck%3Dindex%2Cweather-sunny-with-cloudy-periods%2Cweather-cloudy-with-clear-breaks%2Cweather_30_hotter%26imp%3Dindex%26pr%3Dnews&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663862039268&lmt=1663862039&dlt=1663862035615&idt=970&adxs=-424&adys=89&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.brandonsun.com%2F&frm=20&vis=1&psz=400x-1&msz=180x-1&fws=516&ohw=400&ga_vid=373764274.1663862036&ga_sid=1663862039&ga_hid=1562185543&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8789ae314dfc6c71321276a2623e08d231e60fee4c3bc7ff58e7c790060d65ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.brandonsun.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 799ms
798ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=338640791035688&correlator=3632722487525625&eid=31068501%2C31069762%2C31069793&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fif&iu_parts=3823844%2Cbrandonsun.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=2&adks=2693653942&sfv=1-0-38&fsapi=false&prev_scp=loc%3Dtop%26pos%3D1%26page%3Dindex%26ut%3Dnot-logged-in%26ck%3Dindex%2Cweather-sunny-with-cloudy-periods%2Cweather-cloudy-with-clear-breaks%2Cweather_30_hotter%26imp%3Dindex%26pr%3Dnews&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663862039281&lmt=1663862039&dlt=1663862035615&idt=970&adxs=316&adys=143&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.brandonsun.com%2F&frm=20&vis=1&psz=1000x16&msz=968x0&fws=0&ohw=0&ga_vid=373764274.1663862036&ga_sid=1663862039&ga_hid=1562185543&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56e9800723b5c2fb95866eb7993606d4d44df9484c39f2ce874d414a5e2ed8a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10935
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.brandonsun.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 406 B
243 B 61ms
60ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=338640791035688&correlator=4189359108274894&eid=31068501%2C31069762%2C31069793&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fif&iu_parts=3823844%2Cbrandonsun.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=4x4&ifi=3&adks=3500686986&sfv=1-0-38&fsapi=false&prev_scp=loc%3Dtop%26pos%3D1%26page%3Dindex%26ut%3Dnot-logged-in%26ck%3Dindex%2Cweather-sunny-with-cloudy-periods%2Cweather-cloudy-with-clear-breaks%2Cweather_30_hotter%26imp%3Dindex%26pr%3Dnews&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663862039284&lmt=1663862039&dlt=1663862035615&idt=970&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.brandonsun.com%2F&frm=20&vis=1&psz=4x0&msz=4x0&fws=0&ohw=0&ga_vid=373764274.1663862036&ga_sid=1663862039&ga_hid=1562185543&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a6206da89e988ebe74c2bfe239bfa4df4ca1923d4aa4bca3ea12c79381820be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 212
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.brandonsun.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 179ms
81ms XHR
application/json 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cab116ba8f2f04044075c6d490ced9a83758dc3fb6e629e28de2df8485900e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 15:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11147
x-xss-protection: 0

GET
H2 200 container.html Show response
061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4F79 6 KB
4 KB 156ms
27ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.brandonsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 15:53:59 GMT
expires: Fri, 22 Sep 2023 15:53:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 89ms
31ms XHR
text/plain 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-11192669-2&cid=373764274.1663862036&jid=903788354&gjid=1427201610&_gid=1087379273.1663862036&_u=aEDAAUABAAAAAC~&z=2000292655

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.brandonsun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 22 Sep 2022 15:53:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.brandonsun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 0179 96 KB
30 KB 63ms
62ms Script
application/x-javascript 2a02:26f0:10e:380::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e:380::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 909a3299e6fefc722df555e8729ecc1db6f40957b9add95e260743f53f6b1f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 15:53:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 14:09:51 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30797
Expires: Thu, 22 Sep 2022 16:53:59 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 0179 45 B
633 B 181ms
26ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 805767f2d75126098559944a5da371c704f3547938324341892e671a5e5952af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
last-modified: Tue, 22 Mar 2022 15:53:59 GMT
server: Jetty(9.4.28.v20200408)
etag: vn9zz9eur6wfd7r368dq8zj3
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 45
expires: Fri, 22 Sep 2023 15:53:59 GMT

GET
H2 200 759077_web1_220922-ValleyViewLawsuit1.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 49 KB
49 KB 20ms
19ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/759077_web1_220922-ValleyViewLawsuit1.jpg?w=1024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 284343aec658afd1294bd247af0446dd8fe2f16e09e8658df8594517e81ff01a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 32 443
last-modified: Thu, 22 Sep 2022 08:37:31 GMT
server: nginx
etag: "c339884aa2836c89"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 50242
expires: Fri, 22 Sep 2023 08:37:31 GMT

GET
H2 200 b.png
www.brandonsun.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/ 3 KB
3 KB 23ms
23ms Image
image/png 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/b.png
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/_static/??-eJydkNEOgjAMRX/IbUwM8mL8lsEGlmxldgyCX+8wGH0xEZI2fWjvyb0Vk2d1j4PBQdQW0mAuMm9jCxhEQ6+VFhYqodXcBTZKLjN+5g6Qd+Eg/tc3gK0hT4DDccGUvNhBuSnU1lSKkpVT8rHVyUf/FgHWNmoTRJfqHg3N6/gm/zxiDlpSg9loY2q88n5jdtdrQwgP2vG3MIE3xKq4xGdjyXMuV8zVXWRR5FnqXHZPn1LClA==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 13689523a09825f3186a135d2234306e7a5e1a294b176745b3c9c8417b59a73b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 0 2 9980
last-modified: Tue, 16 Aug 2022 15:49:24 GMT
server: nginx
age: 2948549
etag: W/"62fbbc84-bac"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 3011
expires: Fri, 22 Sep 2023 15:53:59 GMT

GET
H2 200 s.png
www.brandonsun.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/ 3 KB
3 KB 22ms
21ms Image
image/png 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/s.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e51c34133d034c6e711296d7f94369af2dbf385978319a0b95fe96cd8d281fa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 0 2 9980
last-modified: Tue, 16 Aug 2022 15:49:24 GMT
server: nginx
age: 2779745
etag: W/"62fbbc84-c60"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 3191
expires: Fri, 22 Sep 2023 15:53:59 GMT

GET
H2 200 bn.png
www.brandonsun.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/ 3 KB
3 KB 23ms
22ms Image
image/png 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/bn.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a760a48f78d2aba788df01bac73d8e08cdb471b2cefbb3ed4f4173bdbe02a159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 0 2 9980
last-modified: Tue, 16 Aug 2022 15:49:24 GMT
server: nginx
age: 2745847
etag: W/"62fbbc84-a76"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 2701
expires: Fri, 22 Sep 2023 15:53:59 GMT

GET
H2 200 200110-Dynacare-00009.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 84 KB
84 KB 23ms
23ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/200110-Dynacare-00009.jpg?w=1000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5db403fc7efefd78b0e8f6eafa8961114f4bd161a200c5242b44f98adb768fda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 200 443
last-modified: Thu, 22 Sep 2022 08:02:15 GMT
server: nginx
etag: "5235b7b9d384c9f4"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 86002
expires: Fri, 22 Sep 2023 08:02:15 GMT

GET
H2 200 220922-A1-MAIN-ART.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 298 KB
299 KB 23ms
19ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/220922-A1-MAIN-ART.jpg?w=1024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c83cb23419566ea076a477b55a25aaf9f32e028a94868fd6e50a7e261b778af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 198 443
last-modified: Thu, 22 Sep 2022 08:05:13 GMT
server: nginx
etag: "3a7a71b0b85d3605"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 305318
expires: Fri, 22 Sep 2023 08:05:13 GMT

GET
H2 200 757381_web1_220922-BUSINESS-FAIR-01.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 36 KB
36 KB 34ms
29ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/757381_web1_220922-BUSINESS-FAIR-01.jpg?w=1024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 37cf7be1a4b89aca4d24d454ba3afd1645bac6c0cbae5cafb4b6f3c77d46e9b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 144 443
last-modified: Thu, 22 Sep 2022 08:02:15 GMT
server: nginx
etag: "3721777c3c1c4d98"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 36676
expires: Fri, 22 Sep 2023 08:02:15 GMT

GET
H2 200 725782_web1_220906_Marshall_Ring_04.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 10 KB
10 KB 26ms
22ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/725782_web1_220906_Marshall_Ring_04.jpg?w=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: b607820ac27acb9517adee329d8ac90d0a16bd29d11d807474a5c20d6f7811ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 140 443
last-modified: Sat, 10 Sep 2022 08:03:25 GMT
server: nginx
etag: "349b4e5f2f3c9184"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10496
expires: Sun, 10 Sep 2023 08:03:25 GMT

GET
H2 200 688735_web1_ROSS.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/08/ 9 KB
9 KB 26ms
22ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/08/688735_web1_ROSS.jpg?w=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 29a5c2097f99c6f83d0a6eb315a968fd08a277eae13ec278cc9e23842c18c887

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 84 443
last-modified: Sat, 27 Aug 2022 17:04:14 GMT
server: nginx
etag: "d6a71c8e92ae46a7"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8982
expires: Sun, 27 Aug 2023 17:04:14 GMT

GET
H2 200 650106_web1_ross-column.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/08/ 11 KB
12 KB 26ms
23ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/08/650106_web1_ross-column.jpg?w=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d2cfcfb36926883c4ff291aa2b34fe7a75af4af506a82060b3f627cb1d4e694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 142 443
last-modified: Sat, 13 Aug 2022 16:11:39 GMT
server: nginx
etag: "1a66b81ff884d449"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11736
expires: Sun, 13 Aug 2023 16:11:39 GMT

GET
H2 200 758823_web1_220922-BRUCE-01.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 27 KB
27 KB 21ms
20ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/758823_web1_220922-BRUCE-01.jpg?w=1024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8bb8831c6581beb8c1f67f5228ff7db343c0cfa95493cc982d875d0ce0b2779c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 27 443
last-modified: Thu, 22 Sep 2022 08:02:15 GMT
server: nginx
etag: "aa7948e14c8ff0df"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27932
expires: Fri, 22 Sep 2023 08:02:15 GMT

GET
H2 200 738168_web1_220922-WTW-KIN-CLUB-VP.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 37 KB
37 KB 28ms
24ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/738168_web1_220922-WTW-KIN-CLUB-VP.jpg?w=1024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 68ae355fc417b8d724185157351eead6ccb59c52910329a07bf4ba0c5502f1fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 139 443
last-modified: Thu, 22 Sep 2022 07:06:22 GMT
server: nginx
etag: "f6cf98a9d038a35a"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 37712
expires: Fri, 22 Sep 2023 07:06:22 GMT

GET
H2 200 759364_web1_220922-Springer2.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 160 KB
160 KB 23ms
22ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/759364_web1_220922-Springer2.jpg?w=768
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 427bd164f1d180c21db4306335580eccaf230b1a43de384806c1679b3ce5f45a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 198 443
last-modified: Thu, 22 Sep 2022 02:32:41 GMT
server: nginx
etag: "c99f7657b24b352e"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 163554
expires: Fri, 22 Sep 2023 02:32:41 GMT

GET
H2 200 VACCINE-PATENTS.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 143 KB
143 KB 20ms
20ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/VACCINE-PATENTS.jpg?w=1024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d6e0a2d755b97ec66b97b670029b22e47dded9bf49ed1c5e7534d72829cff65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 142 443
last-modified: Thu, 22 Sep 2022 02:32:41 GMT
server: nginx
etag: "a45ac0421405c093"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 146048
expires: Fri, 22 Sep 2023 02:32:41 GMT

GET
H2 200 20220922100932-632c71f20e4c200aa593a532jpeg.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 12 KB
12 KB 23ms
22ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/20220922100932-632c71f20e4c200aa593a532jpeg.jpg?w=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ec58488f1f40376e8df7a5bdf4513f958520f98ede4164579c8efde5f805112

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 28 443
last-modified: Thu, 22 Sep 2022 15:33:59 GMT
server: nginx
etag: "244096a241936c54"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12040
expires: Fri, 22 Sep 2023 15:33:59 GMT

GET
H2 200 2022092200094-632bdf531c586f35eb9c4b51jpeg.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 12 KB
12 KB 24ms
23ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/2022092200094-632bdf531c586f35eb9c4b51jpeg.jpg?w=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3076520925d63c7f1f184c88ad47d810199b2f5193f3e376d30f97de558732ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 200 443
last-modified: Thu, 22 Sep 2022 15:01:43 GMT
server: nginx
etag: "9edc35f8a0112524"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12232
expires: Fri, 22 Sep 2023 15:01:43 GMT

GET
H2 200 20220914110944-6321f74a0e4c200aa590e3c6jpeg.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 29 KB
29 KB 24ms
23ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/20220914110944-6321f74a0e4c200aa590e3c6jpeg.jpg?w=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9f93115d5bf9a94f9e7778c421b22eb9f10efd821619544bcb6e2a75e6d4b6e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 139 443
last-modified: Thu, 22 Sep 2022 15:01:43 GMT
server: nginx
etag: "6458a664cd3b20fe"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 29532
expires: Fri, 22 Sep 2023 15:01:43 GMT

GET
H2 200 2022092203090-632c08df0e4c200aa5938f86jpeg.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 21 KB
21 KB 24ms
23ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/2022092203090-632c08df0e4c200aa5938f86jpeg.jpg?w=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f045290c6228f2ba7c08b856d68342569b6c22ef7f824c0738e18e0b5a204f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 144 443
last-modified: Thu, 22 Sep 2022 14:31:15 GMT
server: nginx
etag: "61d88e826321e909"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 21708
expires: Fri, 22 Sep 2023 14:31:15 GMT

GET
H2 200 20220921230936-632bd8d81c586f35eb9c496ajpeg.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 5 KB
5 KB 24ms
24ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/20220921230936-632bd8d81c586f35eb9c496ajpeg.jpg?w=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a9e595e2bfee423d0982b62afc76bc39f00ed0f807c44c7428c903ea39493dcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 140 443
last-modified: Thu, 22 Sep 2022 06:04:35 GMT
server: nginx
etag: "b85a189f288fd581"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5302
expires: Fri, 22 Sep 2023 06:04:35 GMT

GET
H2 200 20220922000924-632be4231c586f35eb9c4bf9jpeg.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 19 KB
19 KB 25ms
24ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/20220922000924-632be4231c586f35eb9c4bf9jpeg.jpg?w=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1dee3cf5211d106175a562cda1598b436250c37bae180215207eec3f183c47d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
x-rq: hhn1 109 83 443
last-modified: Thu, 22 Sep 2022 07:34:47 GMT
server: nginx
etag: "41d972d60a7ddffa"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19152
expires: Fri, 22 Sep 2023 07:34:47 GMT

GET
H2 200 obits Show response
www.brandonsun.com/wp-json/api/v1/widget-data/ 139 B
267 B 27ms
27ms XHR
application/json 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.brandonsun.com/wp-json/api/v1/widget-data/obits?_=1663862036065

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0cb5ce5347b4125baea247f68db921003243d39e82b44edd25740df0a33cc105

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.brandonsun.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: hit
vary: Accept-Encoding, Origin
content-length: 119
x-rq: hhn1 0 2 9980
server: nginx
allow: GET
content-type: application/json; charset=UTF-8
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex
link: <https://www.brandonsun.com/wp-json/>; rel="https://api.w.org/"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 93ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 15:53:59 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 76ms
73ms Script
application/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.brandonsun.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 15:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 61ms
58ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.brandonsun.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 15:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
12 KB 616ms
615ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=338640791035688&correlator=637140195822254&eid=31068501%2C31069762%2C31069793&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fif&iu_parts=3823844%2Cbrandonsun.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&adks=3141699680&sfv=1-0-38&fsapi=false&prev_scp=loc%3Dtop%26pos%3D1%26page%3Dindex%26ut%3Dnot-logged-in%26ck%3Dindex%2Cweather-sunny-with-cloudy-periods%2Cweather-cloudy-with-clear-breaks%2Cweather_30_hotter%26imp%3Dindex%26pr%3Dnews&eri=1&sc=1&cookie=ID%3D0ac9297ede690f41%3AT%3D1663862039%3AS%3DALNI_MYnv7woIp13kVi3mZ-LSb_rZWINwg&abxe=1&dt=1663862039641&lmt=1663862039&dlt=1663862035615&idt=970&adxs=973&adys=376&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.brandonsun.com%2F&frm=20&vis=1&psz=310x301&msz=310x136&fws=4&ohw=312&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=373764274.1663862036&ga_sid=1663862039&ga_hid=1562185543&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ea382b1f2269145da3f9033fcc39375731464a863f68ab3eb38c39567b24a1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12037
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.brandonsun.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 303 B
152 B 81ms
81ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=338640791035688&correlator=3416550061846128&eid=31068501%2C31069762%2C31069793&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fif&iu_parts=3823844%2Cbrandonsun.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=180x40&ifi=5&adks=2929382816&sfv=1-0-38&fsapi=false&prev_scp=loc%3DweatherBigBoxTile%26pos%3D2%26page%3Dindex%26ut%3Dnot-logged-in%26ck%3Dindex%2Cweather-sunny-with-cloudy-periods%2Cweather-cloudy-with-clear-breaks%2Cweather_30_hotter%26imp%3Dindex%26pr%3Dnews&eri=1&sc=1&cookie=ID%3D0ac9297ede690f41%3AT%3D1663862039%3AS%3DALNI_MYnv7woIp13kVi3mZ-LSb_rZWINwg&abxe=1&dt=1663862039647&lmt=1663862039&dlt=1663862035615&idt=970&adxs=1103&adys=644&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.brandonsun.com%2F&frm=20&vis=1&psz=310x115&msz=180x0&fws=132&ohw=312&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=373764274.1663862036&ga_sid=1663862039&ga_hid=1562185543&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de10edc05ad6a2f6df0ffd1687d74a0aac347306cdd269a16aea7f34a5703da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.brandonsun.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getprima.php
brandonsun-can.newsmemory.com/ 45 KB
45 KB 638ms
219ms Image
image/png 50.17.180.6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brandonsun-can.newsmemory.com/getprima.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.17.180.6 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: a7e247c8678afb014bffae5badf7a63e9ae61ae33562e558fdf042a18300af85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 15:54:00 GMT
Cache-Control: max-age=900,s-maxage=900
Expires: Thu, 22 Sep 2022 16:09:00 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK brandonsun-logo.svg
passages.brandonsun.com/images/ 7 KB
7 KB 894ms
143ms Image
image/svg+xml 205.200.191.105

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://passages.brandonsun.com/images/brandonsun-logo.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.200.191.105 -, , ASN (),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.3.25 /

Resource Hash

aeeca56c3fe0516248ed4a3ff1da8130ae3fd2d560cfa6ef967ef7404b56b2b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 15:54:00 GMT
Last-Modified: Tue, 06 Oct 2020 15:17:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.3.25
ETag: "1bd3-5b1021892ca33"
Strict-Transport-Security: max-age=63072000;
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7123
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 0179 43 B
469 B 83ms
29ms Image
image/gif 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.2&typ=pgv&rnd=l8d8hvlatvb8t5gr&sid=9222360305937373874&loc=https%3A%2F%2Fwww.brandonsun.com%2F&new=1&arf=0&ltm=1663862036018&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l8d8hy0tcn3l9fnk&ckp=l8d8hvlaw8g1fris&glb=&cp_userState=anon&cp_subscription=not-logged-in&cp_ver=2.47&cp_testGroup=12&cp_loadDelay=3.1&cst=vn9zz9eur6wfd7r368dq8zj3
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:53:59 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 103 B
675 B 94ms
34ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l8d8hvlaw8g1fris%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%22vn9zz9eur6wfd7r368dq8zj3%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%22vn9zz9eur6wfd7r368dq8zj3%22%7D%5D%2C%22siteId%22%3A%229222360305937373874%22%2C%22location%22%3A%22https%3A%2F%2Fwww.brandonsun.com%2F%22%7D&callback=cXJsonpCB5

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

c00bed27bf4f835da5bcc7f652b62820b95af4824a8ad38fc1c225b3e3c25fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 15:53:59 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 103
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 111 KB
41 KB 613ms
613ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=338640791035688&correlator=1182576444439390&eid=31068501%2C31069762%2C31069793&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fif&iu_parts=3823844%2Cbrandonsun.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&adks=3364577129&sfv=1-0-38&fsapi=false&prev_scp=loc%3Dspotlight%26pos%3D1%26page%3Dindex%26ut%3Dnot-logged-in%26ck%3Dindex%2Cweather-sunny-with-cloudy-periods%2Cweather-cloudy-with-clear-breaks%2Cweather_30_hotter%26imp%3Dindex%26pr%3Dnews&eri=1&sc=1&cookie=ID%3D0ac9297ede690f41%3AT%3D1663862039%3AS%3DALNI_MYnv7woIp13kVi3mZ-LSb_rZWINwg&abxe=1&dt=1663862039748&lmt=1663862039&dlt=1663862035615&idt=970&adxs=648&adys=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.brandonsun.com%2F&frm=20&vis=1&psz=304x73&msz=300x22&fws=4&ohw=306&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=373764274.1663862036&ga_sid=1663862039&ga_hid=1562185543&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52617444c58a5d06dd144bb56f2c2266193488f1081fe0cf72c0f06055d10f10

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKP42I7hqPoCFXHBuwgdcbkJCg&gqi=&layout=/sadbundle/%24csp%253Der3%24/16952947388415811233/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKP42I7hqPoCFXHBuwgdcbkJCg&gqi=&layout=/sadbundle/%24csp%253Der3%24/16952947388415811233/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41466
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 22 Sep 2022 15:54:00 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.brandonsun.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E5E4 13 KB
5 KB 64ms
20ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.brandonsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 15:50:46 GMT
expires: Fri, 22 Sep 2023 15:50:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 49AE 783 B
534 B 145ms
63ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

439aed5775b9090e90614a5b51d2e0cb2ca46757a3c9eb00bafb9aaa0ec073d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2Plwe5fs2WgdnmYBdZhAjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.brandonsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-2Plwe5fs2WgdnmYBdZhAjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 15:53:59 GMT
expires: Thu, 22 Sep 2022 15:53:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame E5E4 36 KB
16 KB 116ms
35ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 19:19:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 49AE 0
0 69ms
67ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092101&jk=338640791035688&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E5E4 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IJVa3A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:54:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012209072154000/ Frame 45B8 220 KB
61 KB 184ms
34ms Script
text/javascript 2a00:1450:400d:806::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 254704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61518
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b9e6b1d3ca7cc68d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 45B8 14 KB
5 KB 243ms
94ms Script
text/javascript 2a00:1450:400d:806::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 254704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dcaf3864e0ab6b08"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 45B8 94 KB
28 KB 246ms
97ms Script
text/javascript 2a00:1450:400d:806::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 254704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28888
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95b4b320f7966d1a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 45B8 5 KB
2 KB 260ms
112ms Script
text/javascript 2a00:1450:400d:806::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 254704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1908
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5561dff7c028bd87"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 45B8 40 KB
13 KB 262ms
113ms Script
text/javascript 2a00:1450:400d:806::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 254704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12958
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00747b471d2f1a24"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
DATA 200
OK truncated
/ Frame 45B8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb01e9dc6d9de8d342ebe72c09a906c1f8c89fd3378b51475a2d53a8cc06d44a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 12092524433978151820
tpc.googlesyndication.com/simgad/ Frame 45B8 104 KB
104 KB 22ms
21ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12092524433978151820?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql9rdrXOkbKb1cz85bLoX_Ey57Jww

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d17d721d0132bb1ebd7a652d5f620c104bd93ddfa84fb91e9dbbf937808bdd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 22:29:54 GMT
x-content-type-options: nosniff
age: 494646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106661
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 17:00:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 22:29:54 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 45B8 2 KB
2 KB 29ms
23ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 21762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 23 Sep 2022 09:51:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 45B8 295 B
319 B 26ms
20ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 21762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 23 Sep 2022 09:51:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 45B8 0
0 64ms
58ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWqZ1WUzy84Qfps1lyd7J87dqNuq8rIx_RIqy3ZBUeekUTKkpF9NwE8xRoDxyZqqOJx-0X
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 45B8 0
0 71ms
65ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsZduF4UsY4LsE4qC7_UPtreIgATht_zDbJvk0rnHD9SEu_uaAhABIKGMtgNglcKhgrAHoAGF2pjZA8gBAqkCGEt7Q9STsD7gAgCoAwHIAwiqBJECT9D92oFPGzK7lzwAf-GmKN57d-hbiwBNyi8igahkA462BSvI6qnqFhIGpxmrSzgcqULFnQeAt8KOYCOQfLVe_91LGdf_bbajX57aMUn1CnePPRYzmXUrq0szUV4yzqsRVIsSKH3IV_X8QalMg8kR5Zp6I2EJq_yqaSJTkGIzdSddPe7VLL0SuApzUyoBwCsbn-jndlifacxVjfqJDi1psxd5BTf2tC5Mq8I0e4skLh71Xiz8FhveMpGSdrsyiTKtRI82zh-9f-32J6leChIPDC7dfCZTFnGekiBkf7ZzQaYfDfjc1ruhgNoYlGNDkUCtFZ_l-5IOGBUW6i3sLcKL7Uu-daYnUe7xOhjoB1T877cIwATX8f69-APgBAGSBQQIBBgBkgUECAUYBKAGAoAHsvKQKKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIXRKtIIEQiA4YBwEAEYHTIC6wI6AoBAgAoByAsB2BML0BUBgBcBshceChwIABIUcHViLTM2MTM5OTczMjM5MjAxNTEY7McM&sigh=geQiy8dDAR4&uach_m=[UACH]
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012209072154000/ Frame 1CB6 220 KB
60 KB 85ms
72ms Script
text/javascript 2a00:1450:400d:806::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 254704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61518
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b9e6b1d3ca7cc68d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 1CB6 14 KB
5 KB 126ms
40ms Script
text/javascript 2a00:1450:400d:806::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 254704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dcaf3864e0ab6b08"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 1CB6 94 KB
28 KB 121ms
35ms Script
text/javascript 2a00:1450:400d:806::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 254704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28888
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95b4b320f7966d1a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 1CB6 5 KB
2 KB 124ms
38ms Script
text/javascript 2a00:1450:400d:806::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 254704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1908
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5561dff7c028bd87"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 1CB6 40 KB
13 KB 131ms
45ms Script
text/javascript 2a00:1450:400d:806::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 254704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12958
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00747b471d2f1a24"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1CB6 6 KB
672 B 96ms
34ms Stylesheet
text/css 2a00:1450:400e:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 15:00:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 22 Sep 2022 15:54:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Sep 2022 15:54:00 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1CB6 2 KB
2 KB 24ms
20ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 21762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 23 Sep 2022 09:51:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1CB6 295 B
319 B 24ms
20ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 21762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 23 Sep 2022 09:51:18 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1CB6 0
0 76ms
73ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeIKgF4UsY7qCKqis9u8PsISGyAiolpPJbPKtp8jIENnM_d8FEAEgoYy2A2CVwqGCsAegAfrz5NQDyAEJ4AIAqAMByAMKqgSaAk_QuQczQs-G5VTJeP4HcjIn00OTXD29J8yYxYB30lcMYLU1MdfXeUOblqsrm11Zbyiy7_oXlb8rwSzchqpM5gNB4f99sJBBljingtdeB4RYaFmhx2pekea_glM_Wqx9eewaxTfbvJtTs79wbwYksglTVRlIJ2dqz7GwUdVzvJo9i9cnhZS0rJLfFKXSH5F3-v7XQAdNaZUy6wi9zGqvjRZ6Em-bQjYn4oggfMkNV7h-TZSgpq8FRRNiExQj0m8kgspyCqOirWyL8RnbCv1L48N2yaqe_6BPd3_XwUgLtoNkiV-j4ps9l4WwhbU9GgMfbeiN8ygsVP_YJct9jsVIGVDXQ_LiqmneyIhf-uYjr-fpLX46ZtiUfN37ysAEzfqt-IcE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9TYj9wCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ0o8p0ggRCIDhgHAQARgdMgLrAjoCgECACgHICwG4E-QD2BMM0BUBgBcBshceChwIABIUcHViLTM2MTM5OTczMjM5MjAxNTEY7McM&sigh=B1pMXYoFb-I&uach_m=[UACH]&cid=CAQSOwCsnQUxZb1JYUDR9scwK54I1Hpyw9cETGhWVIWEqM3nf5xfWO3FKU3WBohEHhRd9UiMD2Z-MLtZ-aVuGAEgDg&template_id=484
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/9945519036505969286/ Frame 1CB6 46 KB
47 KB 27ms
23ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9945519036505969286/2076313506083323656

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d17223cfbb663e06c64fa507b85925a20f461bcd8745fb82a859e8e0f5398385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 08:26:39 GMT
x-content-type-options: nosniff
age: 286041
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47598
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 13:58:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 08:26:39 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6107337347684482019/ Frame 1CB6 812 B
839 B 25ms
22ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6107337347684482019/downsize_200k_v1?w=100&h=100

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

290167bb5b849a202e62e1c12f99b32d8bebf1aaaa59bba315b487901d9c0455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 01:05:11 GMT
x-content-type-options: nosniff
age: 571729
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 812
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 16:53:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 01:05:11 GMT

GET
DATA 200
OK truncated
/ Frame 1CB6 220 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80a36ea40cdfd5d20de7567ad33e27d205dcb0a4dbfe5cc2399ae6b9f4be9ee6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1CB6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 265653476ac02d4965dec2282caa695571ddc725721f3e66891f811f8c4d8abe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9683 6 KB
3 KB 71ms
24ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.brandonsun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 15:53:59 GMT
expires: Fri, 22 Sep 2023 15:53:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 45B8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

165ms
77ms

Image
text/html

2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: H2
Server: 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

date: Thu, 22 Sep 2022 15:54:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1CB6 15 KB
16 KB 66ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.brandonsun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 256148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1CB6 15 KB
15 KB 64ms
23ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.brandonsun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 256455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 16:39:45 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/ Frame 674B 71 KB
18 KB 25ms
23ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/index.html

Requested by

Host: www.brandonsun.com
URL: https://www.brandonsun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9a4eef71e949cf7402ab13cfc0a4321226db7f9a6c5892ced1ab275e683ee5c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 4255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18020
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 14:43:05 GMT
expires: Fri, 22 Sep 2023 14:43:05 GMT
last-modified: Thu, 01 Sep 2022 18:49:37 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9683 0
0 69ms
69ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLl2fF4UsY-OQMPGC7_UP8fKmUI-O151s3cXszp8Q2cz93wUQASChjLYDYJXCoYKwB6AB6cWqnQLIAQmpAi4tEIZijrA-4AIAqAMByANIqgScAk_QSkcjWyuvqYjjmGCwdI5yfy7QZ-yUxKhb2yb3czvuTha4mu9Fz4T9B2YZPY1zwX8X9JYW9_ZzZLPy5Cm_wuo5bCpjOIZxB6ZzCvR2Yfjg9C9hxxPugBrKHu8UvDC82qLJQ5SPSSco5AV31oIxearf4_x3j5lnDfWLD3k_IEZVrZvP1baY51Wx_58rZAMDDBV3LHznmtJ8DUFaq2YidaWG7q4NhE1cMntTrhvqp9_Su34ShNjVmrt9dqpMbCKcni6727qjNQ9r7g7bgLiS4o4sBDx-K9YWA2HoEbiXhX0wAyqz3h7uN2jLQOe_5vmrqcTs6UVg5JE7A9h2Fwf9VIt-URxmtfEeBj9MipoTUvGbtH0Wh14BoPk2xWu2wASmysjdmgPgBAGSBQQIBBgBkgUECAUYBKAGLoAH_7nV4gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC7kTPSCBEIgOGAcBABGB0yAusCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNjEzOTk3MzIzOTIwMTUxGOzHDA&sigh=Nkxlos-q6EA&uach_m=[UACH]&cid=CAQSOwCsnQUx9JrM6woPpkYWta9ycL9i3VIAI8a1XJHTEEuTyfknoc_CZd8_1zCidZV9YV84GH_KbmBhmSUwGAEgDg&template_id=419
Requested by: Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame 9683 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js

Requested by

Host: 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
URL: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9574
x-xss-protection: 0
server: cafe
etag: 3447265524526809024
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:25:45 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 674B 16 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 04:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 23 Sep 2022 04:14:04 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 674B 33 KB
13 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86453ecc16f6b785226ee9203819ea6bc46dc79171c51ed9605e3e2662281704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 09:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
server: cafe
etag: 10485928763175976200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 23 Sep 2022 09:36:20 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C719 143 B
476 B 40ms
33ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
URL: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 15:37:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 9683 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js

Requested by

Host: 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
URL: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:49:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 9683 17 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
URL: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7568
x-xss-protection: 0
server: cafe
etag: 16266204680973569043
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:50:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9683 0
0 57ms
56ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTeOKMhqKoo-_yxa310lKw-1gtM752gctpgVy6rHoiqE_2lyHWvPz9RzQtR8Cu8FODWRp7u
Requested by: Host: 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
URL: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9683 140 KB
44 KB 416ms
113ms Script
text/javascript 2a00:1450:400d:807::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
URL: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 15:54:01 GMT

GET
DATA 200
OK truncated
/ Frame 9683 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6878bbef7320d0a544fbcb3bf67254fe1102595c792eb8c9aa9396a3a0df6855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 674B 36 KB
16 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 19:19:56 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/ Frame 674B 2 KB
2 KB 26ms
25ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/logo.png

Requested by

Host: 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
URL: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d588405e095c8bfa835532d3e0f2f22b6b9c986dd72edaf3e424676fa6a1b239

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 592429
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2194
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 18:49:37 GMT
server: sffe
date: Thu, 15 Sep 2022 19:20:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Sep 2023 19:20:11 GMT

GET
H3 200 txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/ Frame 674B 17 KB
17 KB 23ms
22ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/txt1.png

Requested by

Host: 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
URL: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39f3c67218b87ce297531f261783054835b1e9ddbcef1c65fc0e94e5a704dd68

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 592429
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17359
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 18:49:37 GMT
server: sffe
date: Thu, 15 Sep 2022 19:20:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Sep 2023 19:20:11 GMT

GET
H3 200 txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/ Frame 674B 9 KB
9 KB 25ms
23ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/txt2.png

Requested by

Host: 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
URL: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b729fcbe3798334e3d1236d2dbfd7726b255065712f49585bd02ebc52c06722

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 592429
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9591
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 18:49:37 GMT
server: sffe
date: Thu, 15 Sep 2022 19:20:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Sep 2023 19:20:11 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/ Frame 674B 1 KB
1 KB 27ms
26ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/cta.png

Requested by

Host: 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
URL: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187972c91ff725ca24bd4935cdd1bd6efee081d8242352bb4f8a2993ed84b478

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 592429
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1150
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 18:49:37 GMT
server: sffe
date: Thu, 15 Sep 2022 19:20:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Sep 2023 19:20:11 GMT

GET
H3 200 img1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/ Frame 674B 29 KB
29 KB 27ms
26ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/img1.jpg

Requested by

Host: 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
URL: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b8a382c1d9d1a525424f571fceceb17372f7b0ad18863e80626f0cad9952a75

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 592429
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30011
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 18:49:37 GMT
server: sffe
date: Thu, 15 Sep 2022 19:20:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Sep 2023 19:20:11 GMT

GET
H3 200 img2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/ Frame 674B 28 KB
28 KB 29ms
28ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16952947388415811233/img2.jpg

Requested by

Host: 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
URL: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18abac1a98ee788df00d6df4aa08bf12262e9dc2986f503cf7fc2f3c63fbebdf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 592429
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28542
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 18:49:37 GMT
server: sffe
date: Thu, 15 Sep 2022 19:20:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Sep 2023 19:20:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 71ms
70ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092101&jk=338640791035688&bg=!qqmlqe3NAAZqQh0mSkI7ACkAdvg8WuJcpvg3PC0dNPg5MXrtRVT3RqpWn_u1osFuTpktgZXmSWD8MAIAAACbUgAAAANoAQcKAKbr4SzXvgHj9PPO_XMFUTKI-7o4Ndf6jcAPAI_TIcSCE_G_K9tv4NzHXEkgmi2eVDImaT_4zvR9l2Jx0ebRVfq_ILPfeR0q-iCEb5r3pLUiHwOwrcjWRfaY4wqgjEgTXh1qJ6WEtI5rgA712M-8oR8P_GbvR4GTUl9mlt7kQ3RUYQMMNh-ZXrpF4-0edJ8lok1CnlsXpHKJ3_Q8_AFmFSRYAVzLucwRmQKfNiXspc2vo1aB9SMfN3fbvqWrbOnqFvAUyvtygTcfxPJS7Miq0i2O5--SI5bhhQDeP6Fp9mOrw9-Y-_-BZQo6Uw3VzuHRrXrBNlyOzPIIS7GraBCyS5mHqt2AjpwHhyY4Vri-xI2Rm8L6uLuF7KOOYFD-gr125Dr689vwPrizz3s2eP0oan-JIeoCL7tKhySoigOogVjwhGw3ALHnAHuLp3P5hs4MpkBcGGPCrf_keFja9NhnSxV0-wWasFpAuew3HIROJ7XKcqgVKKrdoRc4H9swewjb-0Yrxain2IJxtf58bf6dKW4WL1ZNCIkkxIIc0zfU6bLEAVeZUK5bFMv7X19b2ZY8z1tTQss_mbrQppJRDpfHw9Yy-2bhlsq19w1EIyJdD8Woiei5KasCIkh4sYhED3nHkHrCw_1IL5CZLMRpg4RpawSk0F83ZG_eCuU583unLyq9HXAIKxqTf49ZSLTLbE8qJeOlyy7IriAN2ncRRQ_AEJxNfrXOP5Yi9nTgZ8q-piOEBxcRSCwQ_s4nhgqgaAByrHBmXYCVn0ya0KtSpQqeIEWtbfctdRIgIiMPVgy_Q34yJZggodEd1F6CbowbODG9xCEdf4FGeJDrhVxo8rf6WOrlorfT5mFsb1zAi4Pyp2_1tfNRbraqlg-h_MuOJ1fSzAyZSp6nVcINn40gWgwhOrOvm6_5qiwxpzPijspOnmMvXF52hSXK4o4aXZx9IA8yEUoya-CBLZ3Ug4pQnneXghov7xg-0DJ8Ji07gyDfL0nq9dFAJauxhmohd1qipgIs-fmYY2imCIarYHaGGGOwEM1zJqB5FQoUNjx3-P9jQ3XKgS4FIZpE44CZXxa7OqflDQ4JMLYk90CmWIyZsxlxev5UaP8xRsJm1EY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C719
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

157ms
85ms

Document
text/html

2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
URL: https://061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 15:54:01 GMT
expires: Thu, 22 Sep 2022 15:54:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 15:54:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 45B8 42 B
64 B 70ms
70ms Image
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbwNZA3VHrBvc11vnSTtP7Vh8iXcwzz2LD4VXZnnED5LpMOniSbru1hbppsjIDNwJKwmg7SCDm_SRjYdCHGaLne3Y4z8kLypgTuTxG2-kducYIXzTNankDBIVEkuKL2Fgcbeamcw&sai=AMfl-YRFzZnJhkaHvphyypXhoTqXhVLI6UmkARdARcjQ6b83IWxmF4faecRJ41i1Lk96j3NRUqbv4L3s5oMjRlUphnHSdX1ZFgU5TC2TpwHR4ovqgleniDdvwRIEuIVg&sig=Cg0ArKJSzM92au9FM5OhEAE&cid=CAASUORoev5L9BcvprYEu6T4qPi_7S4EhrOoKiJHPRHz2ApjnmsG2JtxUDDcQ6XDi0voSwKKL7SxHk7rogXhDdDeSKtUtNN26o34p2A0THir6C29&id=ampim&o=316,143&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=413&tls=1414&g=100&h=100&tt=1414&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 15:54:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1CB6 42 B
64 B 71ms
70ms Image
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaEdBq79uzMEOCMPEok-VcJWA7XdPgot5rkl7SLGPrQvU9Bq3Ytcz7XkMBnG0K4YqH0UNkFh89ThdlyNvdR-mxFv8RUbPy2djpC_8gNdLVizO90HX0Pq6SnJBBwLwKsLyK89n7rA&sai=AMfl-YSC3M11MZjbXHKkDmqvW0HBCvhXUnfERYZeMaxxdp0GWWsiKTYAytIaTzhoCciGBAt9o1s4h5k0gItEES2FbZj5wWTkTzpV03zqExfXOvgURP5bYjpTm9anilo&sig=Cg0ArKJSzMzstV_x-cZXEAE&cid=CAQSOwCsnQUxZb1JYUDR9scwK54I1Hpyw9cETGhWVIWEqM3nf5xfWO3FKU3WBohEHhRd9UiMD2Z-MLtZ-aVuGAEgDg&id=ampim&o=978,501&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=293&tls=1293&g=100&h=100&tt=1293&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.brandonsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 15:54:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

245 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.brandonsun.com/	1970-01-20 15:47:02	Name: _pprv Value: %7B%22consent%22%3A%7B%220%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%221%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%222%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%223%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%224%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%225%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%226%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%227%22%3A%7B%22mode%22%3A%22opt-in%22%7D%7D%7D
.brandonsun.com/	1970-01-20 08:20:38	Name: _gcl_au Value: 1.1.588398652.1663862036
.brandonsun.com/	1970-01-20 06:12:28	Name: _gid Value: GA1.2.1087379273.1663862036
.brandonsun.com/	1970-01-20 06:11:02	Name: _gat_UA-126530131-1 Value: 1
.brandonsun.com/	1970-01-20 08:20:38	Name: _fbp Value: fb.1.1663862036833.1380588991
.marchex.io/	1970-01-20 14:56:38	Name: uid Value: b7e9a576.5e94611ac27d2
.linkedin.com/	1970-01-20 06:54:14	Name: UserMatchHistory Value: AQIocK9oMJCRPwAAAYNl59q38pFtlSGi9v4pJB7SGXo_I_0JROKX3ADyVcdVhVKr2YUIFeS37thtYw
.linkedin.com/	1970-01-20 06:54:14	Name: AnalyticsSyncHistory Value: AQK69lk9NeUYRQAAAYNl59q34lsKttkL2WVgEV2z1BECYQOSbb_1UVxCiEaEs4_nsvve3z_Dir6Byfuq68-hGA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:56:38	Name: bcookie Value: "v=2&4a56a9ad-ef15-4b9e-829e-22319d7cf275"
.linkedin.com/	1970-01-20 06:12:28	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2391:u=1:x=1:i=1663862037:t=1663948437:v=2:sig=AQERP3mgDtxbcqmsi2dyttSCqX05p9w_"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:56:38	Name: bscookie Value: "v=1&20220922155357a7fa226d-c838-4e2c-895a-5bb6916b78e8AQFmHgvQMrlcVlNe_2A7xCRygtHaIHts"
.linkedin.com/	1970-01-20 10:30:14	Name: li_gc Value: MTswOzE2NjM4NjIwMzc7MjswMjGIwxMp4cqmTM4DFb1X2mCq+SUigt6PitmI7CvdB0KWQA==
www.brandonsun.com/	1969-12-31 23:59:59	Name: fingerprint_hash Value: 15df4a113093b93b4ce7bd7af6f22f87
account.brandonsun.com/	1970-01-20 06:11:09	Name: fpnewsplatform_session Value: 4g0NaZmQV7xD3nvUE2CQsXrNkzF7dCi0W0hLc0uu
.brandonsun.com/	1970-01-20 15:47:02	Name: _pcid Value: %7B%22browserId%22%3A%22l8d8hvlaw8g1fris%22%7D
.brandonsun.com/	1970-01-20 14:56:38	Name: cX_P Value: l8d8hvlaw8g1fris
.brandonsun.com/	1970-01-20 06:11:02	Name: _gat_gtag_UA_11192669_2 Value: 1
.brandonsun.com/	1970-01-20 15:47:02	Name: _ga_GM37S7T1YK Value: GS1.1.1663862039.1.0.1663862039.0.0.0
.brandonsun.com/	1970-01-20 15:47:02	Name: _ga Value: GA1.1.373764274.1663862036
.brandonsun.com/	1970-01-20 15:47:02	Name: _pctx Value: %7Bu%7DN4IgDghg5gpgagSxgdwJIBMQC4QBsAc6%2BAFgG64QAupARvpQKxQBOIANCAK4DOMz32AHadcuDjz4BlSlR7YQEQQHtB7ENwSUYGeQE4ATIYDMANgAMRsw11GA7HaP5bAFhABfIA
.brandonsun.com/	1969-12-31 23:59:59	Name: cX_S Value: l8d8hy0tcn3l9fnk
.cxense.com/	1970-01-20 14:56:38	Name: gckp Value: dixn0e41jhcn1kgqkgxfd3827
.brandonsun.com/	1970-01-20 14:56:38	Name: cX_G Value: cx%3A1ge11ruxr8g1020iis114wmokp%3A3qvkcqgmud3rp
.doubleclick.net/	1970-01-20 15:32:38	Name: IDE Value: AHWqTUl0GNKuNZRgVCbGF5s7C3vsTs01kSIeVzUfDY8CWaks-qsI9Xsne2Prck6J62Y
.brandonsun.com/	1970-01-20 15:32:38	Name: __gads Value: ID=db20f223e5a83199:T=1663862039:S=ALNI_MYergkHUDa8oZ_fkJ4RCAh2rpB6qA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

061c6b7c2957e5ff02aa9b977dcc60b0.safeframe.googlesyndication.com
10441863.fls.doubleclick.net
account.brandonsun.com
adservice.google.com
adservice.google.de
api.cxense.com
apis.google.com
brandonsun-can.newsmemory.com
cdn.ampproject.org
cdn.cxense.com
comcluster.cxense.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.cxense.com
news.google.com
p1cluster.cxense.com
pagead2.googlesyndication.com
passages.brandonsun.com
px.ads.linkedin.com
px.marchex.io
px4.ads.linkedin.com
region1.google-analytics.com
rw1.marchex.io
scdn.cxense.com
securepubads.g.doubleclick.net
snap.licdn.com
stats.g.doubleclick.net
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
winnipeg-free-press-snowplow-collector.localnewslab.io
www.brandonsun.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
13.107.42.14
142.250.180.230
147.75.83.64
147.75.85.120
174.137.122.128
18.204.108.195
2001:4860:4802:34::36
205.200.191.105
205.200.191.140
2620:1ec:21::14
2a00:1450:4001:802::200e
2a00:1450:4001:806::2001
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2008
2a00:1450:4001:812::200e
2a00:1450:4001:831::2003
2a00:1450:400d:804::2002
2a00:1450:400d:805::2002
2a00:1450:400d:806::2001
2a00:1450:400d:806::200a
2a00:1450:400d:807::2002
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::2003
2a00:1450:400d:80d::2004
2a00:1450:400d:80e::200e
2a00:1450:400e:802::200a
2a00:1450:4025:402::9b
2a02:26f0:10e:380::268b
2a02:26f0:3500:16::215:149b
2a02:26f0:3500:893::268b
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f12d:83:face:b00c:0:25de
2a04:fa87:fffd::c000:4221
50.17.180.6
54.89.81.207
032152e99df08b015acce6e4ff26b2154e7bfa72b84d8aae36ba4a5b354986a5
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
09af6caefeb671f4527e8bf54659bb482eea031fe6899bafc12f149bb14155d0
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
0cb5ce5347b4125baea247f68db921003243d39e82b44edd25740df0a33cc105
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
0f045290c6228f2ba7c08b856d68342569b6c22ef7f824c0738e18e0b5a204f7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13689523a09825f3186a135d2234306e7a5e1a294b176745b3c9c8417b59a73b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
187972c91ff725ca24bd4935cdd1bd6efee081d8242352bb4f8a2993ed84b478
18abac1a98ee788df00d6df4aa08bf12262e9dc2986f503cf7fc2f3c63fbebdf
19262038e4822652211892db8897ccb20a77e5c5d6eea854f501f3a3e6510658
1cab116ba8f2f04044075c6d490ced9a83758dc3fb6e629e28de2df8485900e4
1d6e0a2d755b97ec66b97b670029b22e47dded9bf49ed1c5e7534d72829cff65
1dee3cf5211d106175a562cda1598b436250c37bae180215207eec3f183c47d8
20abfd9e225d23fa624f890804071ee22c168bef6b7be9a8c573b95aeabf0930
24149e300ec2e8b28fe2367203e7fcf8a8e5e8cbb31306f4028e9996d0347171
2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db
265653476ac02d4965dec2282caa695571ddc725721f3e66891f811f8c4d8abe
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
284343aec658afd1294bd247af0446dd8fe2f16e09e8658df8594517e81ff01a
290167bb5b849a202e62e1c12f99b32d8bebf1aaaa59bba315b487901d9c0455
29a5c2097f99c6f83d0a6eb315a968fd08a277eae13ec278cc9e23842c18c887
2a6206da89e988ebe74c2bfe239bfa4df4ca1923d4aa4bca3ea12c79381820be
2ec58488f1f40376e8df7a5bdf4513f958520f98ede4164579c8efde5f805112
3076520925d63c7f1f184c88ad47d810199b2f5193f3e376d30f97de558732ec
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37cf7be1a4b89aca4d24d454ba3afd1645bac6c0cbae5cafb4b6f3c77d46e9b0
39f3c67218b87ce297531f261783054835b1e9ddbcef1c65fc0e94e5a704dd68
427bd164f1d180c21db4306335580eccaf230b1a43de384806c1679b3ce5f45a
439aed5775b9090e90614a5b51d2e0cb2ca46757a3c9eb00bafb9aaa0ec073d2
44af7f9eeb2ed35dff44441284f7b6384df3bc8b9da4c965c83f6eb25efdb502
4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2
4b8a382c1d9d1a525424f571fceceb17372f7b0ad18863e80626f0cad9952a75
4b986f57e570c3dd6d9592e8acc2d01da4f29b4e741633f51bfe576413443c74
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea382b1f2269145da3f9033fcc39375731464a863f68ab3eb38c39567b24a1f
52617444c58a5d06dd144bb56f2c2266193488f1081fe0cf72c0f06055d10f10
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560c836d7a468b5a03d13f71367dca6889af2e39a50acb730702e166e3f4add3
56e9800723b5c2fb95866eb7993606d4d44df9484c39f2ce874d414a5e2ed8a8
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5db403fc7efefd78b0e8f6eafa8961114f4bd161a200c5242b44f98adb768fda
5ef28f858db88cc8f297ae07038c10cc3544b07bf4973563537a9b327667571a
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
677e13931343c9c296edbe034e6ce78a815ebfd4de447675838f2b833efb69ca
6878bbef7320d0a544fbcb3bf67254fe1102595c792eb8c9aa9396a3a0df6855
68ae355fc417b8d724185157351eead6ccb59c52910329a07bf4ba0c5502f1fa
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
6b729fcbe3798334e3d1236d2dbfd7726b255065712f49585bd02ebc52c06722
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d2cfcfb36926883c4ff291aa2b34fe7a75af4af506a82060b3f627cb1d4e694
7761301af9d3858f4e0b3036539b390a92754acc4b09f4ff8d52f43f5bb1802a
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fec54d4695af54a1bf77f1d2fc74c48bc31c78950d74115d839b42073340645
805767f2d75126098559944a5da371c704f3547938324341892e671a5e5952af
80a36ea40cdfd5d20de7567ad33e27d205dcb0a4dbfe5cc2399ae6b9f4be9ee6
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86453ecc16f6b785226ee9203819ea6bc46dc79171c51ed9605e3e2662281704
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8789ae314dfc6c71321276a2623e08d231e60fee4c3bc7ff58e7c790060d65ee
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b82448e5551693ea90c222fc2eb8df69f5cbb2f03e75587d1f206e3b35adc03
8bb8831c6581beb8c1f67f5228ff7db343c0cfa95493cc982d875d0ce0b2779c
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
909a3299e6fefc722df555e8729ecc1db6f40957b9add95e260743f53f6b1f0e
949bd1510e0b754e029d90ee7808b58c30229e331e61f1af046f848c6c24047c
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9f93115d5bf9a94f9e7778c421b22eb9f10efd821619544bcb6e2a75e6d4b6e3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a760a48f78d2aba788df01bac73d8e08cdb471b2cefbb3ed4f4173bdbe02a159
a7e247c8678afb014bffae5badf7a63e9ae61ae33562e558fdf042a18300af85
a9934b98dff0f90f68a3d07944cd938528ea277225fee38fd63db1db3dae5dd2
a9e595e2bfee423d0982b62afc76bc39f00ed0f807c44c7428c903ea39493dcb
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
ab7227f2ae21f2daf452863dfa171d2f5c902bf6f12deecd773ef6cb6e06d710
aeeca56c3fe0516248ed4a3ff1da8130ae3fd2d560cfa6ef967ef7404b56b2b8
b4780fa361d2e9770f718d7aa293679c4eac0ac675561b92a6ee1a035c2bef86
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b607820ac27acb9517adee329d8ac90d0a16bd29d11d807474a5c20d6f7811ac
ba8e79dbb6ab04727ee364e8cd503159011a2d5bbc4c0877d8c8e2364d94b29c
bb01e9dc6d9de8d342ebe72c09a906c1f8c89fd3378b51475a2d53a8cc06d44a
bbbf5262ab29470f60bf006242a25f578e6afa022bee7321e121869a5e9538a5
bd1192ac22f0d7b92241886d5df9d104c8e9483b1cb94cf6cdf3d5511d93bf3f
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
c00bed27bf4f835da5bcc7f652b62820b95af4824a8ad38fc1c225b3e3c25fc4
c1895630dd470cf7cec36822c5d6367191d530ee9979fc72f0bb96a79da4122c
c6fedaf1a942de578d924c177b5db3c9c1d67092d92435402ab5b059b7c75a9b
c83cb23419566ea076a477b55a25aaf9f32e028a94868fd6e50a7e261b778af0
ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6
ced8d11334b82ec805e91f4b7b0fed7e5df30a40ef9c9aff2341803309b1e09e
ceeb477542ab15a768699d54a2e503f165a8ddd439bebb1748d09c8b8b0f509e
d17223cfbb663e06c64fa507b85925a20f461bcd8745fb82a859e8e0f5398385
d17d721d0132bb1ebd7a652d5f620c104bd93ddfa84fb91e9dbbf937808bdd1f
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d588405e095c8bfa835532d3e0f2f22b6b9c986dd72edaf3e424676fa6a1b239
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
de10edc05ad6a2f6df0ffd1687d74a0aac347306cdd269a16aea7f34a5703da7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51c34133d034c6e711296d7f94369af2dbf385978319a0b95fe96cd8d281fa6
e6fbc53f83779ce2b45751df2c0a299f14ac5dfe0d1407a85ec1404c0bd3de7f
e9a4eef71e949cf7402ab13cfc0a4321226db7f9a6c5892ced1ab275e683ee5c
eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f684d375467f4aed2c439eacdb1267f58db9b264562e26a21baa9840ccd331f9
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f983200278f88b03d335641f3f6cf7559de7f7610154a970a6e126ccfac8004c
fba2e28dab7e9f0135909704885960e762725fa8e62af67e4fdd2929fb1e91a0

www.brandonsun.com Open in urlscan Pro 2a04:fa87:fffd::c000:4221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

156 Requests

99 %HTTPS

74 %IPv6

19 Domains

42 Subdomains

40 IPs

6 Countries

3238 kBTransfer

7098 kBSize

27 Cookies

33 Outgoing links

Page URL History

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.brandonsun.com Open in urlscan Pro
2a04:fa87:fffd::c000:4221 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

99 %
HTTPS

74 %
IPv6

19
Domains

42
Subdomains

40
IPs

6
Countries

3238 kB
Transfer

7098 kB
Size

27
Cookies

156 HTTP transactions
5 data transactions