urlscan.io logo urlscan.io
SecurityTrails logo

www.brandonsun.com Open in urlscan Pro
2a04:fa87:fffd::c000:4221  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.brandonsun.com/
Effective URL: https://www.brandonsun.com/
Submission: On October 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 38 IPs in 6 countries across 19 domains to perform 141 HTTP transactions. The main IP is 2a04:fa87:fffd::c000:4221, located in Ireland and belongs to AUTOMATTIC, US. The main domain is www.brandonsun.com. The Cisco Umbrella rank of the primary domain is 814183.
TLS certificate: Issued by R3 on September 27th 2022. Valid for: 3 months.
This is the only time www.brandonsun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 2a04:fa87:fff... 2635 (AUTOMATTIC)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 172.217.19.98 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.186.166 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2a03:2880:f02... 32934 (FACEBOOK)
2 174.137.122.128 40495 (ASN-MARCHEX)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.0.163.197 14618 (AMAZON-AES)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f12... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.89.81.207 14618 (AMAZON-AES)
1 205.200.191.140 7122 (MTS-ASN)
3 147.75.85.120 54825 (PACKET)
1 2001:4860:480... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
3 147.75.83.64 54825 (PACKET)
13 2a00:1450:400... 15169 (GOOGLE)
1 50.17.180.6 14618 (AMAZON-AES)
1 205.200.191.105 7122 (MTS-ASN)
1 2a00:1450:400... 15169 (GOOGLE)
141 38
26    2a04:fa87:fffd::c000:4221 (Ireland)

ASN2635 (AUTOMATTIC, US)
www.brandonsun.com
3    2a00:1450:400c:c00::5f (Brussels, Belgium)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a02:26f0:3500:893::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
4    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)
translate.googleapis.com
1    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
translate.google.com
13    172.217.19.98 (United States)

ASN15169 (GOOGLE, US)
PTR: muc03s07-in-f98.1e100.net
securepubads.g.doubleclick.net
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
news.google.com
1    2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a02:26f0:3500:898::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
scdn.cxense.com
7    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
10441863.fls.doubleclick.net
1    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
4    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    174.137.122.128 (United States)

ASN40495 (ASN-MARCHEX, US)
rw1.marchex.io
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    52.0.163.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-163-197.compute-1.amazonaws.com
winnipeg-free-press-snowplow-collector.localnewslab.io
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
2    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    54.89.81.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-81-207.compute-1.amazonaws.com
px.marchex.io
1    205.200.191.140 (Winnipeg, Canada)

ASN7122 (MTS-ASN, CA)
PTR: 205-200-200-191-140.static.bellmts.net
account.brandonsun.com
3    147.75.85.120 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
api.cxense.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
9    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
pagead2.googlesyndication.com
11    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e0d604d579bb356fbec217be92d4c6c3.safeframe.googlesyndication.com
cdn.ampproject.org
3    147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
13    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    50.17.180.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-180-6.compute-1.amazonaws.com
brandonsun-can.newsmemory.com
1    205.200.191.105 (Winnipeg, Canada)

ASN7122 (MTS-ASN, CA)
PTR: wfpmail.com
passages.brandonsun.com
1    2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
Apex Domain
Subdomains		 Transfer
28 brandonsun.com
www.brandonsun.com — Cisco Umbrella Rank: 814183
account.brandonsun.com
passages.brandonsun.com
1 MB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
e0d604d579bb356fbec217be92d4c6c3.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
339 KB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
10441863.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
193 KB
14 google.com
translate.google.com — Cisco Umbrella Rank: 1199
news.google.com — Cisco Umbrella Rank: 5478
apis.google.com — Cisco Umbrella Rank: 109
adservice.google.com — Cisco Umbrella Rank: 76
www.google.com — Cisco Umbrella Rank: 2
120 KB
11 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5054
scdn.cxense.com — Cisco Umbrella Rank: 11629
api.cxense.com — Cisco Umbrella Rank: 7820
p1cluster.cxense.com — Cisco Umbrella Rank: 7717
comcluster.cxense.com — Cisco Umbrella Rank: 5514
id.cxense.com — Cisco Umbrella Rank: 10944
104 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 382
218 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
140 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6301
adservice.google.de — Cisco Umbrella Rank: 8962
2 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
translate.googleapis.com — Cisco Umbrella Rank: 833
99 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
284 B
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
198 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
region1.google-analytics.com — Cisco Umbrella Rank: 2852
20 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
247 KB
3 marchex.io
rw1.marchex.io — Cisco Umbrella Rank: 29212
px.marchex.io — Cisco Umbrella Rank: 16113
10 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 365
www.linkedin.com — Cisco Umbrella Rank: 625
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 191
44 KB
1 newsmemory.com
brandonsun-can.newsmemory.com
46 KB
1 localnewslab.io
winnipeg-free-press-snowplow-collector.localnewslab.io
312 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 758
3 KB
141 19
Domain Requested by
26 www.brandonsun.com 1 redirects www.brandonsun.com
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.brandonsun.com
cdn.ampproject.org
13 securepubads.g.doubleclick.net www.brandonsun.com
securepubads.g.doubleclick.net
www.googletagservices.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
7 fonts.gstatic.com fonts.googleapis.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 www.google.com www.brandonsun.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.de adservice.google.com
securepubads.g.doubleclick.net
4 www.facebook.com www.brandonsun.com
4 adservice.google.com 10441863.fls.doubleclick.net
securepubads.g.doubleclick.net
4 connect.facebook.net www.brandonsun.com
connect.facebook.net
4 www.googletagmanager.com www.brandonsun.com
www.googletagmanager.com
3 api.cxense.com cdn.cxense.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 news.google.com www.brandonsun.com
news.google.com
3 cdn.cxense.com www.brandonsun.com
cdn.cxense.com
3 fonts.googleapis.com www.brandonsun.com
securepubads.g.doubleclick.net
2 stats.g.doubleclick.net www.google-analytics.com
2 www.gstatic.com www.brandonsun.com
translate.googleapis.com
2 rw1.marchex.io www.googletagmanager.com
rw1.marchex.io
2 10441863.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 scdn.cxense.com www.brandonsun.com
2 translate.googleapis.com www.brandonsun.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 passages.brandonsun.com
1 brandonsun-can.newsmemory.com
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 p1cluster.cxense.com cdn.cxense.com
1 e0d604d579bb356fbec217be92d4c6c3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 account.brandonsun.com www.brandonsun.com
1 px.marchex.io www.brandonsun.com
1 www.google.de www.brandonsun.com
1 www.linkedin.com www.brandonsun.com
1 px.ads.linkedin.com 1 redirects
1 winnipeg-free-press-snowplow-collector.localnewslab.io www.brandonsun.com
1 snap.licdn.com www.googletagmanager.com
1 apis.google.com www.brandonsun.com
1 translate.google.com www.brandonsun.com
141 40
Subject Issuer Validity Valid
brandonsun.com
R3		 2022-09-27 -
2022-12-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-17 -
2023-04-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.news.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-12 -
2022-10-10		 3 months crt.sh
*.marchex.io
GeoTrust RSA CA 2018		 2022-06-21 -
2023-06-21		 a year crt.sh
*.localnewslab.io
Amazon		 2022-08-17 -
2023-09-13		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
winnipegfreepress.com
GeoTrust RSA CA 2018		 2022-06-02 -
2023-07-03		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.newsmemory.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-31		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://www.brandonsun.com/
Frame ID: E5C5FD2495ACB438342BD53E687071DA
Requests: 92 HTTP requests in this frame

Frame: https://10441863.fls.doubleclick.net/activityi;dc_pre=CMGIwd-jwvoCFeiFUAYdo_4G8A;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fwww.brandonsun.com%2F
Frame ID: 115B574A1E29CE3667BE92E87B889FE6
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 9044F599BE7BACC78D69EA4D95BDB16C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMGIwd-jwvoCFeiFUAYdo_4G8A;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fwww.brandonsun.com%2F
Frame ID: 53084BC0B6BE64CCFAF23DC0456C46A8
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMGIwd-jwvoCFeiFUAYdo_4G8A;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fwww.brandonsun.com%2F
Frame ID: 3020D1C7D86B7F7F85C8E0D55A3FDFCF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 387C0720F7A1818A67F7DC7098EA17DD
Requests: 4 HTTP requests in this frame

Frame: https://e0d604d579bb356fbec217be92d4c6c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5BB5085B761E71E9852433F45EBECA78
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8D58337BA200C613FA93EB5614430AD5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B3AD686FB42841E87B48FC66EBF779D6
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQy2LXZe1LLixAt2_95aFZcW6-_C6iwQrb4FztKG8PUp7MakXbLHBKaP0mOR08mbsLl-ehXshFt6Eg5kgR7b7oAcfn7ohvLtLYrsilRtsSfFNWEBBfbULZSRAcLr4bXTxAXB47C89978ZJDCw80IMd6GvgFmYsvpKkQ5LGU4WleaoztU10tEz311J-eSlJSxcB4n8p-y1ZZkVsACX8iD_A4vjlPKiY7B57e4sziF4kqPBPS8c5YBe6Wjyqx-9X2MltD9D0Rd4o0GHhKuurKv1VS-lQEtC34Kk0C4TGSJ8iFn6I5sc81187bPF0O_uEAHhxuA9ocLDd&sai=AMfl-YSztuRw-VFmw6n-Ga3ISSkA_ter3bBMLnFpt0RCG6KNlYWph3yZ6QeRQF-eG00Zt_tilDu45qWqOT7vNEhgxxxe9HtTcevF6YR4veVhmsWyHhS3rLCrjAurePKcr9UaFg&sig=Cg0ArKJSzAQVIcRn4boQEAE&uach_m=[UACH]&adurl=
Frame ID: 26696590090710216DE30F512A37EDCE
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: E3FC49C35DFCB1EC79DAD3482B54F78D
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: 5B343DE4D435330796C0B75351A93814
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Brandon Sun – Breaking News, Sports, Manitoba, Canada

Page URL History Show full URLs

  1. http://www.brandonsun.com/ HTTP 301
    https://www.brandonsun.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

141
Requests

99 %
HTTPS

72 %
IPv6

19
Domains

40
Subdomains

38
IPs

6
Countries

2996 kB
Transfer

6693 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.brandonsun.com/ HTTP 301
    https://www.brandonsun.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://10441863.fls.doubleclick.net/activityi;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fwww.brandonsun.com%2F HTTP 302
  • https://10441863.fls.doubleclick.net/activityi;dc_pre=CMGIwd-jwvoCFeiFUAYdo_4G8A;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fwww.brandonsun.com%2F
Request Chain 39
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3300905&time=1664738919502&url=https%3A%2F%2Fwww.brandonsun.com%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3300905%26time%3D1664738919502%26url%3Dhttps%253A%252F%252Fwww.brandonsun.com%252F%26liSync%3Dtrue

141 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.brandonsun.com/
Redirect Chain
  • http://www.brandonsun.com/
  • https://www.brandonsun.com/
121 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
a19954e5507393b097153ba24bc08dc14f87e162bd49e513b274834bb303c333

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
117
cache-control
max-age=300, must-revalidate
content-encoding
gzip
content-length
25448
content-type
text/html; charset=UTF-8
date
Sun, 02 Oct 2022 19:28:39 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.brandonsun.com/wp-json/>; rel="https://api.w.org/"
server
nginx
vary
Accept-Encoding
x-cache
hit
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 0 2 9980
x-tec-api-origin
https://www.brandonsun.com
x-tec-api-root
https://www.brandonsun.com/wp-json/tribe/events/v1/
x-tec-api-version
v1

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sun, 02 Oct 2022 19:28:38 GMT
Location
https://www.brandonsun.com/
Server
nginx
css2
fonts.googleapis.com/ 		29 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::5f Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
677e13931343c9c296edbe034e6ce78a815ebfd4de447675838f2b833efb69ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 02 Oct 2022 19:28:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 19:28:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Oct 2022 19:28:39 GMT
cx.js
cdn.cxense.com/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:893::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3a28b1e29b466e8ef53e57501216eb49261ecce111802b5c013f196ab375f070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sun, 02 Oct 2022 19:28:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Sep 2022 07:23:15 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30723
Expires
Sun, 02 Oct 2022 20:28:39 GMT
gtm.js
www.googletagmanager.com/ 		294 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TK48WJ9
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
badb84c0c8a26ae7179972a38959e05aa253b2b99d4c4a471613b51f9a3fd065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90933
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 02 Oct 2022 19:28:39 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 18:56:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 23:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 02 Oct 2022 19:56:39 GMT
element.js
translate.google.com/translate_a/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
49129d59dbc6ec81a58312ca9c74d0eb6d570112f6b0f537deb2a7af15c6a44e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 19:28:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
sffe /
Resource Hash
9e35fbfca7388f673e3f46af9cda30b71a9017a97537b07bc98a54fb52163207
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27692
x-xss-protection
0
server
sffe
etag
"1352 / 550 of 1000 / last-modified: 1664575578"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Oct 2022 19:28:39 GMT
swg.js
news.google.com/swg/js/v1/ 		147 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
820b1489c126d422feaf97b9459cb2171fa52e3044658168157046740dd637b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46349
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:57:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Oct 2022 20:07:55 GMT
swg-gaa.js
news.google.com/swg/js/v1/ 		71 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-gaa.js
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a794e7a0db0af3ee88785c3961565fd1dd939b2b82e63d0b9d0b12c5136338a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:07:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18227
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 19:57:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Oct 2022 19:57:42 GMT
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 02 Oct 2022 19:28:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"95a07626e083cec6"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Oct 2022 19:28:39 GMT
cx.cce.js
scdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scdn.cxense.com/cx.cce.js
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:898::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sun, 02 Oct 2022 19:28:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 19:29:56 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5964
Expires
Sun, 02 Oct 2022 20:28:39 GMT
cx.js
scdn.cxense.com/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scdn.cxense.com/cx.js
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:898::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3a28b1e29b466e8ef53e57501216eb49261ecce111802b5c013f196ab375f070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sun, 02 Oct 2022 19:28:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Sep 2022 07:23:15 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30723
Expires
Sun, 02 Oct 2022 20:28:39 GMT
style.min.css
www.brandonsun.com/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.brandonsun.com/wp-includes/css/dist/block-library/style.min.css?m=1663868862g
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
x-rq
hhn1 0 2 9980
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 17:47:42 GMT
server
nginx
age
868195
etag
W/"632c9fbe-15b64"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11683
expires
Mon, 02 Oct 2023 19:28:39 GMT
/
www.brandonsun.com/_static/ 		188 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.brandonsun.com/_static/??-eJydkMsKwkAMRX/ITCj25UL8lk6btiPzoslY/XuHiiCiC13lktwcboJrhD54IS8YbZqMZ7RmmkWHK8Q5SODVRMKOmYQxcoksN0uMA41dsqJ65h2+UHprcgGX4Mkbl200ZLDGMetuJQ6O4FKpolKlcsb/itlSLaCTH2wGtWqvin84xssSzvxxVWZy+dAxgvE96I4JttbjA9/smv277eSORV2XZbM/NO0dmyaIew==
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ae97c3551ae3b0f51e4223dc4f1c9f1a0abe9e92e31b2f8127a42c2c944b72e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
x-rq
hhn1 0 2 9980
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 17:52:58 GMT
server
nginx
age
251468
vary
Accept-Encoding
x-cache
hit
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
42970
/
www.brandonsun.com/_static/ 		717 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.brandonsun.com/_static/??-eJydkdEOgjAMRX/IbQ4J8mL8lsEGlmxldgyCX+8wGH0xEZImfWjvzbmtmDyrexwMDqK2kBpzkXkbW8AgGnqNtLBQCa3mLrBRcnnkZ+4AeRcO4n99A9ga8gQ4ZItNyYsdLjeF2ppKUULJE8dWko/+LQKsbdQmiC7VPRqa1/bt/HOJOWhJDWYjxtR45f3G7K7XhhAetONuYQJviFVxic/Gkp+43GGTnkf9qru6iyyKPC9zKbPuCfLn17k=
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ccc1ae8d8fa1614cfef673670b6a37fd4cce2e6ef77571bb99755a47da072d33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
x-rq
hhn1 0 2 9980
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 20:41:52 GMT
server
nginx
age
251468
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
198956
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-11192669-2
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21f8ba0044e32b617a14b1adb5203faf7ba88590a3cba56ffb40371ddb2fd277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43447
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 02 Oct 2022 19:28:39 GMT
b.png
www.brandonsun.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.brandonsun.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/b.png
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
13689523a09825f3186a135d2234306e7a5e1a294b176745b3c9c8417b59a73b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
x-rq
hhn1 0 2 9980
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 15:49:24 GMT
server
nginx
age
3825429
etag
W/"62fbbc84-bac"
x-cache
hit
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3011
expires
Mon, 02 Oct 2023 19:28:39 GMT
brandon-sun-logo.svg
www.brandonsun.com/wp-content/themes/bsn-theme/assets/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.brandonsun.com/wp-content/themes/bsn-theme/assets/images/brandon-sun-logo.svg
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
19262038e4822652211892db8897ccb20a77e5c5d6eea854f501f3a3e6510658

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
content-encoding
gzip
x-rq
hhn1 0 2 9980
last-modified
Mon, 26 Sep 2022 19:25:07 GMT
server
nginx
age
0
etag
W/"6331fc93-140c"
vary
X-Mobile-Class
x-cache
miss
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2088
expires
Mon, 02 Oct 2023 19:28:39 GMT
scripts.js
www.brandonsun.com/wp-content/plugins/lightbox-photoswipe/assets/ps4/ 		90 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.brandonsun.com/wp-content/plugins/lightbox-photoswipe/assets/ps4/scripts.js?m=1664220307g
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a9934b98dff0f90f68a3d07944cd938528ea277225fee38fd63db1db3dae5dd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
x-rq
hhn1 0 2 9980
content-encoding
gzip
last-modified
Mon, 26 Sep 2022 19:25:07 GMT
server
nginx
age
251468
etag
W/"6331fc93-16911"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
23019
expires
Mon, 02 Oct 2023 19:28:39 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.n5VdVz6eb04.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqVRgLwAFfGrWE2BVtm80bN0uyr5A/ 		262 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.n5VdVz6eb04.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqVRgLwAFfGrWE2BVtm80bN0uyr5A/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.n5VdVz6eb04.O/d=1/rs=AN8SPfqVRgLwAFfGrWE2BVtm80bN0uyr5A/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
522219c3978b635866d1f45a2d0a6438c5a7cee401b7d4a8c22f22c3ed3079d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:29:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93874
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 05:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Sep 2023 20:29:39 GMT
wp-emoji-release.min.js
www.brandonsun.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.brandonsun.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
x-rq
hhn1 0 2 9980
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 19:06:15 GMT
server
nginx
age
2830978
etag
W/"630e5fa7-48b9"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5004
expires
Mon, 02 Oct 2023 19:28:39 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.brandonsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 18:50:34 GMT
x-content-type-options
nosniff
age
520685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Sep 2023 18:50:34 GMT
fa-solid-900.woff2
www.brandonsun.com/wp-content/client-mu-plugins/frontend/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.brandonsun.com/wp-content/client-mu-plugins/frontend/webfonts/fa-solid-900.woff2
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/_static/??-eJydkMsKwkAMRX/ITCj25UL8lk6btiPzoslY/XuHiiCiC13lktwcboJrhD54IS8YbZqMZ7RmmkWHK8Q5SODVRMKOmYQxcoksN0uMA41dsqJ65h2+UHprcgGX4Mkbl200ZLDGMetuJQ6O4FKpolKlcsb/itlSLaCTH2wGtWqvin84xssSzvxxVWZy+dAxgvE96I4JttbjA9/smv277eSORV2XZbM/NO0dmyaIew==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer
https://www.brandonsun.com/_static/??-eJydkMsKwkAMRX/ITCj25UL8lk6btiPzoslY/XuHiiCiC13lktwcboJrhD54IS8YbZqMZ7RmmkWHK8Q5SODVRMKOmYQxcoksN0uMA41dsqJ65h2+UHprcgGX4Mkbl200ZLDGMetuJQ6O4FKpolKlcsb/itlSLaCTH2wGtWqvin84xssSzvxxVWZy+dAxgvE96I4JttbjA9/smv277eSORV2XZbM/NO0dmyaIew==
Origin
https://www.brandonsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
content-encoding
gzip
x-rq
hhn1 0 2 9980
last-modified
Mon, 26 Sep 2022 19:25:06 GMT
server
nginx
age
0
etag
W/"6331fc92-131bc"
vary
X-Mobile-Class
x-cache
miss
content-type
font/woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
expires
Mon, 02 Oct 2023 19:28:39 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.brandonsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:40:45 GMT
x-content-type-options
nosniff
age
460074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16324
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:08:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 11:40:45 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.brandonsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 22:46:40 GMT
x-content-type-options
nosniff
age
420119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14964
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:08:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 22:46:40 GMT
fa-brands-400.woff2
www.brandonsun.com/wp-content/client-mu-plugins/frontend/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.brandonsun.com/wp-content/client-mu-plugins/frontend/webfonts/fa-brands-400.woff2
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/_static/??-eJydkMsKwkAMRX/ITCj25UL8lk6btiPzoslY/XuHiiCiC13lktwcboJrhD54IS8YbZqMZ7RmmkWHK8Q5SODVRMKOmYQxcoksN0uMA41dsqJ65h2+UHprcgGX4Mkbl200ZLDGMetuJQ6O4FKpolKlcsb/itlSLaCTH2wGtWqvin84xssSzvxxVWZy+dAxgvE96I4JttbjA9/smv277eSORV2XZbM/NO0dmyaIew==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer
https://www.brandonsun.com/_static/??-eJydkMsKwkAMRX/ITCj25UL8lk6btiPzoslY/XuHiiCiC13lktwcboJrhD54IS8YbZqMZ7RmmkWHK8Q5SODVRMKOmYQxcoksN0uMA41dsqJ65h2+UHprcgGX4Mkbl200ZLDGMetuJQ6O4FKpolKlcsb/itlSLaCTH2wGtWqvin84xssSzvxxVWZy+dAxgvE96I4JttbjA9/smv277eSORV2XZbM/NO0dmyaIew==
Origin
https://www.brandonsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
content-encoding
gzip
x-rq
hhn1 0 2 9980
last-modified
Mon, 26 Sep 2022 19:25:06 GMT
server
nginx
age
0
etag
W/"6331fc92-12bc0"
vary
X-Mobile-Class
x-cache
miss
content-type
font/woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
expires
Mon, 02 Oct 2023 19:28:39 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK48WJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 02 Oct 2022 19:01:59 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
1600
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Sun, 02 Oct 2022 21:01:59 GMT
activityi;dc_pre=CMGIwd-jwvoCFeiFUAYdo_4G8A;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fwww.brandonsun.com%2F
10441863.fls.doubleclick.net/ Frame 115B
Redirect Chain
  • https://10441863.fls.doubleclick.net/activityi;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fwww.brandonsun.com%2F?
  • https://10441863.fls.doubleclick.net/activityi;dc_pre=CMGIwd-jwvoCFeiFUAYdo_4G8A;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fw...
485 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10441863.fls.doubleclick.net/activityi;dc_pre=CMGIwd-jwvoCFeiFUAYdo_4G8A;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fwww.brandonsun.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK48WJ9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
903eda8b00db7b04e25430f83af2bf1325aea1485da6611eaed3ab2e98a2a050
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.brandonsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
384
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 02 Oct 2022 19:28:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 02 Oct 2022 19:28:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10441863.fls.doubleclick.net/activityi;dc_pre=CMGIwd-jwvoCFeiFUAYdo_4G8A;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fwww.brandonsun.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK48WJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 20:23:36 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=17219
accept-ranges
bytes
content-length
3063
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 02 Oct 2022 19:28:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26840
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
cwembjZzqD6TzvLGxGJMQ5jBP7KVT0Ed5j1SR6iYdKTgFDbNfdsBnbIGLzNO6PrgCKn7muVM2WXkEHheh3rL4A==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1fea9bf4afbb158c082689db3e89c2cf0fd852628452556aea17451caa02c22a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 02 Oct 2022 19:28:39 GMT
content-md5
QmLOeGdWTbi2CEUDa2WAVw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
jQsytOVpGdkl21d7o21EqPFkYV8dRL4FRpRju8tJLmodmyEMMPVBBe2UqKVPgUMBg4g8DprMmqxuQfwY8HgBMA==
x-fb-trip-id
917726464
x-fb-content-md5
e990f4ac526bee5008fc871f276d11e2
cross-origin-opener-policy
same-origin-allow-popups
etag
"27bb587ae55357ed0455c87313068f0f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 19:32:09 GMT
number-changer.js
rw1.marchex.io/euinc/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rw1.marchex.io/euinc/number-changer.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK48WJ9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.137.122.128 , United States, ASN40495 (ASN-MARCHEX, US),
Reverse DNS
Software
Apache /
Resource Hash
fba2e28dab7e9f0135909704885960e762725fa8e62af67e4fdd2929fb1e91a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sun, 02 Oct 2022 19:28:39 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Transfer-Encoding
chunked
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=32
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-11192669-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK48WJ9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c5f2f3edffbd3c2e50b77268539487fcae90b97836c4bc97477380dc5b7cd7e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
42356
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 02 Oct 2022 19:28:39 GMT
js
www.googletagmanager.com/gtag/ 		209 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GM37S7T1YK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK48WJ9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f18602a84f592491aeaddee7332ba60b0399cd3ecccc071c79438e82b1df067
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75028
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 02 Oct 2022 19:28:39 GMT
truncated
/ Frame 9044 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 		846 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:18:04 GMT
x-content-type-options
nosniff
age
635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
846
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 02 Oct 2023 19:18:04 GMT
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Oct 2022 19:59:51 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 18:41:53 GMT
x-content-type-options
nosniff
age
2806
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 02 Oct 2023 18:41:53 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=152450493&t=pageview&_s=1&dl=https%3A%2F%2Fwww.brandonsun.com%2F&ul=en-us&de=UTF-8&dt=Brandon%20Sun%20%E2%80%93%20Breaking%20News%2C%20Sports%2C%20Manitoba%2C%20Canada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=784291319&gjid=1964025253&cid=265959381.1664738919&tid=UA-126530131-1&_gid=1488882952.1664738919&_r=1&gtm=2wg9s0TK48WJ9&z=1839331363
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.brandonsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 19:28:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.brandonsun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
winnipeg-free-press-snowplow-collector.localnewslab.io/com.google.analytics/ 		2 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://winnipeg-free-press-snowplow-collector.localnewslab.io/com.google.analytics/v1
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.163.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-163-197.compute-1.amazonaws.com
Software
akka-http/10.1.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.brandonsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
https://www.brandonsun.com
date
Sun, 02 Oct 2022 19:28:39 GMT
access-control-allow-credentials
true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server
akka-http/10.1.10
content-length
2
content-type
text/plain; charset=UTF-8
li_sync
www.linkedin.com/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3300905&time=1664738919502&url=https%3A%2F%2Fwww.brandonsun.com%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3300905%26time%3D1664738919502%26url%3Dhttps%253A%252F%252Fwww.brandonsun.com%252...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3300905%26time%3D1664738919502%26url%3Dhttps%253A%252F%252Fwww.brandonsun.com%252F%26liSync%3Dtrue
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Redirect headers

date
Sun, 02 Oct 2022 19:28:39 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 1EDCF8E0170D4FF5977494314E24487E Ref B: FRAEDGE1206 Ref C: 2022-10-02T19:28:39Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3300905%26time%3D1664738919502%26url%3Dhttps%253A%252F%252Fwww.brandonsun.com%252F%26liSync%3Dtrue
x-li-proto
http/2
content-length
0
x-li-uuid
AAXqEjvy/djXBsitCXLAGg==
sdk.js
connect.facebook.net/en_US/ 		300 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=945d38493eab4042c9704e5bbbca8996
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c8e6f8c8894b0abac617828562ad3d9fc61002c5bf969c24502fa2cd722af4d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.brandonsun.com/
Origin
https://www.brandonsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 02 Oct 2022 19:28:39 GMT
content-md5
Rdqb1m8Pbsx/99ttkCAQTQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86933
x-fb-rlafr
0
x-fb-debug
qxMuIr6wrC264imF0qe0znEPm47PL/ISpOTJSC7r2TOPSyinCsJt4wqFikre8UZtidoesYL49+wh6fFBO6nnMQ==
x-fb-content-md5
6afde0cced5d2b9fd960451cabc8d4d0
cross-origin-opener-policy
same-origin-allow-popups
etag
"1cb6bebc24e190a83d56a3638a28a958"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 02 Oct 2023 18:13:09 GMT
524625568278206
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/524625568278206?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3085b181409694c2679b6397714cc6b371889da9f2a0023a24295db4c6da278
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 02 Oct 2022 19:28:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
meZsHR6IXM5IGVOuVD/+CngWv9m5lUYUpxLwcWQFwN47SlMrAzVlaNd9RccbTZtKq5yIUGsaeI3BU44Cd9l37A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl_2022092701.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
sffe /
Resource Hash
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 11:39:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
373723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131011
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 08:38:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 28 Sep 2023 11:39:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		116 B
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.brandonsun.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
cafe /
Resource Hash
5ef28f858db88cc8f297ae07038c10cc3544b07bf4973563537a9b327667571a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
expires
Sun, 02 Oct 2022 19:28:39 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-126530131-1&cid=265959381.1664738919&jid=784291319&gjid=1964025253&_gid=1488882952.1664738919&_u=YEBAAEAAAAAAAC~&z=1953629279
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.brandonsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 02 Oct 2022 19:28:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.brandonsun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CMGIwd-jwvoCFeiFUAYdo_4G8A;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fwww.brandonsun.com%2F
adservice.google.com/ddm/fls/i/ Frame 5308 		484 B
853 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CMGIwd-jwvoCFeiFUAYdo_4G8A;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fwww.brandonsun.com%2F
Requested by
Host: 10441863.fls.doubleclick.net
URL: https://10441863.fls.doubleclick.net/activityi;dc_pre=CMGIwd-jwvoCFeiFUAYdo_4G8A;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fwww.brandonsun.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b13c38710e3ab4482c232be3129118088c6b4f3cd57b33bac63bbce839ec3d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10441863.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
384
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 02 Oct 2022 19:28:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=129054303830226&ev=fb_page_view&dl=https%3A%2F%2Fwww.brandonsun.com%2F&rl=&if=false&ts=1664738919609&sw=1600&sh=1200&at=
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 02 Oct 2022 19:28:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=524625568278206&ev=PageView&dl=https%3A%2F%2Fwww.brandonsun.com%2F&rl=&if=false&ts=1664738919658&sw=1600&sh=1200&v=2.9.84&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1664738919657.1541793445&it=1664738919509&coo=false&rqm=GET
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 02 Oct 2022 19:28:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=524625568278206&ev=user-not-loggedin&dl=https%3A%2F%2Fwww.brandonsun.com%2F&rl=&if=false&ts=1664738919660&sw=1600&sh=1200&v=2.9.84&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1664738919657.1541793445&it=1664738919509&coo=false&rqm=GET
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 02 Oct 2022 19:28:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-126530131-1&cid=265959381.1664738919&jid=784291319&_u=YEBAAEAAAAAAAC~&z=1143782282
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 19:28:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-126530131-1&cid=265959381.1664738919&jid=784291319&_u=YEBAAEAAAAAAAC~&z=1143782282
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 19:28:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getnumdata.js
rw1.marchex.io/euinc/ 		249 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rw1.marchex.io/euinc/getnumdata.js?var=_vsrkpd.d;acc=fwABAV8M0955zACy;cky=rkpd_fwABAV8M0955zACy;ign=1;url=https%3A%2F%2Fwww.brandonsun.com%2F;
Requested by
Host: rw1.marchex.io
URL: https://rw1.marchex.io/euinc/number-changer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.137.122.128 , United States, ASN40495 (ASN-MARCHEX, US),
Reverse DNS
Software
Apache /
Resource Hash
8b82448e5551693ea90c222fc2eb8df69f5cbb2f03e75587d1f206e3b35adc03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sun, 02 Oct 2022 19:28:39 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Transfer-Encoding
chunked
P3P
CP="NOI COR NID TAI OUR BUS STA"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=200
dc_pre=CMGIwd-jwvoCFeiFUAYdo_4G8A;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fwww.brandonsun.com%2F
adservice.google.de/ddm/fls/i/ Frame 3020 		194 B
870 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CMGIwd-jwvoCFeiFUAYdo_4G8A;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fwww.brandonsun.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMGIwd-jwvoCFeiFUAYdo_4G8A;src=10441863;type=traff0;cat=lokno00;ord=9796204102763;gtm=2wg9s0;auiddc=1176810201.1664738919;~oref=https%3A%2F%2Fwww.brandonsun.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 02 Oct 2022 19:28:39 GMT
expires
Sun, 02 Oct 2022 19:28:39 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
px.marchex.io/ 		43 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.marchex.io/pixel.gif?c=1664738919815
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.81.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-81-207.compute-1.amazonaws.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:40 GMT
last-modified
Thu, 01 Jul 2021 14:25:02 GMT
server
Apache
etag
"2b-5c6109ac86f97"
p3p
policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
content-type
image/gif
accept-ranges
bytes
content-length
43
identify
account.brandonsun.com/api/v2/auth/ 		118 B
999 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://account.brandonsun.com/api/v2/auth/identify
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/_static/??-eJydkdEOgjAMRX/IbQ4J8mL8lsEGlmxldgyCX+8wGH0xEZImfWjvzbmtmDyrexwMDqK2kBpzkXkbW8AgGnqNtLBQCa3mLrBRcnnkZ+4AeRcO4n99A9ga8gQ4ZItNyYsdLjeF2ppKUULJE8dWko/+LQKsbdQmiC7VPRqa1/bt/HOJOWhJDWYjxtR45f3G7K7XhhAetONuYQJviFVxic/Gkp+43GGTnkf9qru6iyyKPC9zKbPuCfLn17k=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.200.191.140 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
205-200-200-191-140.static.bellmts.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.25 / PHP/7.4.25
Resource Hash
560c836d7a468b5a03d13f71367dca6889af2e39a50acb730702e166e3f4add3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.brandonsun.com;
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options Allow-From https://brandonsun.com/

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.brandonsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sun, 02 Oct 2022 19:28:41 GMT
Strict-Transport-Security
max-age=63072000;
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://*.brandonsun.com;
X-Powered-By
PHP/7.4.25
Connection
Keep-Alive
Content-Length
118
Referrer-Policy
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.25
X-Frame-Options
Allow-From https://brandonsun.com/
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.brandonsun.com
Cache-Control
max-age=0, no-store
Access-Control-Allow-Credentials
true
X-RateLimit-Limit
60
Keep-Alive
timeout=5, max=100
X-RateLimit-Remaining
59
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=524625568278206&ev=Microdata&dl=https%3A%2F%2Fwww.brandonsun.com%2F&rl=&if=false&ts=1664738921164&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Brandon%20Sun%20%E2%80%93%20Breaking%20News%2C%20Sports%2C%20Manitoba%2C%20Canada%22%2C%22meta%3Adescription%22%3A%22Breaking%20News%2C%20Sports%2C%20Manitoba%2C%20Canada%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1664738919657.1541793445&it=1664738919509&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 02 Oct 2022 19:28:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
segment
api.cxense.com/profile/user/ 		62 B
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cxense.com/profile/user/segment?callback=cXJsonpCB1&persisted=38d5e37a13985ceec570aaaacd3a7c2f5defc36d&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22l8rqkiy5ij14c8xt%22%2C%22type%22%3A%22cx%22%7D%5D%7D
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 19:28:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
62
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=152450493&t=pageview&_s=1&dl=https%3A%2F%2Fwww.brandonsun.com%2F&ul=en-us&de=UTF-8&dt=Brandon%20Sun%20%E2%80%93%20Breaking%20News%2C%20Sports%2C%20Manitoba%2C%20Canada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=73430841&gjid=2116389622&cid=265959381.1664738919&tid=UA-11192669-2&_gid=1488882952.1664738919&_r=1&gtm=2ou9s0&cd2=not-logged-in&z=1446720303
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.brandonsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 19:28:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.brandonsun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GM37S7T1YK&gtm=2oe9s0&_p=152450493&cid=265959381.1664738919&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664738921&sct=1&seg=0&dl=https%3A%2F%2Fwww.brandonsun.com%2F&dt=Brandon%20Sun%20%E2%80%93%20Breaking%20News%2C%20Sports%2C%20Manitoba%2C%20Canada&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GM37S7T1YK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 19:28:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.brandonsun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
obits
www.brandonsun.com/wp-json/api/v1/widget-data/ 		2 KB
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.brandonsun.com/wp-json/api/v1/widget-data/obits?_=1664738919254
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/_static/??-eJydkdEOgjAMRX/IbQ4J8mL8lsEGlmxldgyCX+8wGH0xEZImfWjvzbmtmDyrexwMDqK2kBpzkXkbW8AgGnqNtLBQCa3mLrBRcnnkZ+4AeRcO4n99A9ga8gQ4ZItNyYsdLjeF2ppKUULJE8dWko/+LQKsbdQmiC7VPRqa1/bt/HOJOWhJDWYjxtR45f3G7K7XhhAetONuYQJviFVxic/Gkp+43GGTnkf9qru6iyyKPC9zKbPuCfLn17k=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1988a43cbc7d9ba37a02a769a0c990fe960109605ca34870815a9ac2e841a1e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.brandonsun.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
miss
x-rq
hhn1 0 2 9980
server
nginx
allow
GET
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex
link
<https://www.brandonsun.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
sp1.html
cdn.cxense.com/ Frame 387C 		684 B
768 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:893::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer
https://www.brandonsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
379
Content-Type
text/html
Date
Sun, 02 Oct 2022 19:28:41 GMT
Expires
Wed, 12 Oct 2022 19:28:41 GMT
Last-Modified
Tue, 11 Jan 2022 07:21:04 GMT
Server
AkamaiNetStorage
Unused62
8096267
Vary
Accept-Encoding
data
api.cxense.com/public/widget/ 		342 B
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22testgroup%22%3A%2218%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22userState%22%2C%22value%22%3A%22anon%22%7D%2C%7B%22key%22%3A%22subscription%22%2C%22value%22%3A%22not-logged-in%22%7D%2C%7B%22key%22%3A%22ver%22%2C%22value%22%3A%222.47%22%7D%2C%7B%22key%22%3A%22testGroup%22%2C%22value%22%3A%2218%22%7D%2C%7B%22key%22%3A%22loadDelay%22%2C%22value%22%3A%222.7%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2218%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.brandonsun.com%2F%22%7D%2C%22widgetId%22%3A%22e4ea3c606b0df5db461caf8e75840f0bf806cce6%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22l8rqkiy5ij14c8xt%22%7D%7D%2C%22prnd%22%3A%22l8rqkiy57xz2rzid%22%7D&media=javascript&sid=9222360305937373874&widgetId=e4ea3c606b0df5db461caf8e75840f0bf806cce6&resizeToContentSize=true&useSecureUrls=true&usi=l8rqkiy5ij14c8xt&rnd=419441045&prnd=l8rqkiy57xz2rzid&tzo=0&callback=cXJsonpCB2
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
dce53fe8caa5ff377165edca7e6667bb06bc7de0698b93b7fec1e28ce7eabbd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 19:28:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
342
expires
Mon, 26 Jul 1997 05:00:00 GMT
data
api.cxense.com/public/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22testgroup%22%3A%2218%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22userState%22%2C%22value%22%3A%22anon%22%7D%2C%7B%22key%22%3A%22subscription%22%2C%22value%22%3A%22not-logged-in%22%7D%2C%7B%22key%22%3A%22ver%22%2C%22value%22%3A%222.47%22%7D%2C%7B%22key%22%3A%22testGroup%22%2C%22value%22%3A%2218%22%7D%2C%7B%22key%22%3A%22loadDelay%22%2C%22value%22%3A%222.7%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2218%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.brandonsun.com%2F%22%7D%2C%22widgetId%22%3A%2287d55267e9832b8285b355d1ca93f19f003b6f93%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22l8rqkiy5ij14c8xt%22%7D%7D%2C%22prnd%22%3A%22l8rqkiy57xz2rzid%22%7D&media=javascript&sid=9222360305937373874&widgetId=87d55267e9832b8285b355d1ca93f19f003b6f93&resizeToContentSize=true&useSecureUrls=true&usi=l8rqkiy5ij14c8xt&rnd=1791748249&prnd=l8rqkiy57xz2rzid&tzo=0&callback=cXJsonpCB3
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
8b34da130ddd414df589a6684024c109d4601c99bdafbbc9fe5d416a3b60d386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 19:28:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
2315
expires
Mon, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.brandonsun.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.brandonsun.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		557 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=494613562429489&correlator=1151943169745045&eid=31069634%2C31070023%2C31069950&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fif&iu_parts=3823844%2Cbrandonsun.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=180x40&ifi=1&adks=3759655058&sfv=1-0-38&fsapi=false&prev_scp=loc%3DweatherSlideOut%26pos%3D1%26page%3Dindex%26ut%3Dnot-logged-in%26ck%3Dindex%2Cweather-variable-cloudiness%2Cweather-variable-cloudiness%2Cweather-0_5%26imp%3Dindex%26pr%3Dnews&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1664738921922&lmt=1664738921&dlt=1664738919035&idt=722&adxs=-424&adys=89&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.brandonsun.com%2F&frm=20&vis=1&psz=400x-1&msz=180x-1&fws=516&ohw=400&ga_vid=265959381.1664738919&ga_sid=1664738922&ga_hid=152450493&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
cafe /
Resource Hash
0e642b73b74303ba1407eb77581732307027f34e33cf09a3f1429fe0f84ce3a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.brandonsun.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=494613562429489&correlator=1207977346043987&eid=31069634%2C31070023%2C31069950&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fif&iu_parts=3823844%2Cbrandonsun.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=2&adks=2693653942&sfv=1-0-38&fsapi=false&prev_scp=loc%3Dtop%26pos%3D1%26page%3Dindex%26ut%3Dnot-logged-in%26ck%3Dindex%2Cweather-variable-cloudiness%2Cweather-variable-cloudiness%2Cweather-0_5%26imp%3Dindex%26pr%3Dnews&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1664738921928&lmt=1664738921&dlt=1664738919035&idt=722&adxs=316&adys=143&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.brandonsun.com%2F&frm=20&vis=1&psz=1000x16&msz=968x0&fws=0&ohw=0&ga_vid=265959381.1664738919&ga_sid=1664738922&ga_hid=152450493&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
cafe /
Resource Hash
b00d1c28fdd5626ba2e91d9de2a0f390cdabf5e15a3c62febb101cc21503b33f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11681
x-xss-protection
0
google-lineitem-id
6122188697
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138406508086
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.brandonsun.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		406 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=494613562429489&correlator=2376364731208942&eid=31069634%2C31070023%2C31069950&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fif&iu_parts=3823844%2Cbrandonsun.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=4x4&ifi=3&adks=3500686986&sfv=1-0-38&fsapi=false&prev_scp=loc%3Dtop%26pos%3D1%26page%3Dindex%26ut%3Dnot-logged-in%26ck%3Dindex%2Cweather-variable-cloudiness%2Cweather-variable-cloudiness%2Cweather-0_5%26imp%3Dindex%26pr%3Dnews&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1664738921931&lmt=1664738921&dlt=1664738919035&idt=722&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.brandonsun.com%2F&frm=20&vis=1&psz=4x0&msz=4x0&fws=0&ohw=0&ga_vid=265959381.1664738919&ga_sid=1664738922&ga_hid=152450493&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
cafe /
Resource Hash
146cd5af630c883ae94bf954ffb2644263cce8608162a50320c5cdcb001ad92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
212
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.brandonsun.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a5094c625bfb2272cc1e91217e48ca229d8c714bb2edf91f1a9dad6edaccfc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11239
x-xss-protection
0
container.html
e0d604d579bb356fbec217be92d4c6c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5BB5 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e0d604d579bb356fbec217be92d4c6c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.brandonsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 02 Oct 2022 19:28:42 GMT
expires
Mon, 02 Oct 2023 19:28:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-11192669-2&cid=265959381.1664738919&jid=73430841&gjid=2116389622&_gid=1488882952.1664738919&_u=aEDAAUABAAAAAC~&z=1618351412
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.brandonsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 02 Oct 2022 19:28:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.brandonsun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cx.js
cdn.cxense.com/ Frame 387C 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:893::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3a28b1e29b466e8ef53e57501216eb49261ecce111802b5c013f196ab375f070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sun, 02 Oct 2022 19:28:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Sep 2022 07:23:15 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30723
Expires
Sun, 02 Oct 2022 20:28:41 GMT
p1.js
p1cluster.cxense.com/ Frame 387C 		46 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
b1cd62b19b8eff537d602830d399a4e93f619307063f7d302fe9339263c7cffa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
last-modified
Sat, 02 Apr 2022 19:28:42 GMT
server
Jetty(9.4.28.v20200408)
etag
qe2911snmexm33ed8ors1rjta
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
46
expires
Mon, 02 Oct 2023 19:28:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Oct 2022 19:28:42 GMT
rep.gif
comcluster.cxense.com/Repo/ Frame 387C 		43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.3&typ=pgv&rnd=l8rqkiy57xz2rzid&sid=9222360305937373874&loc=https%3A%2F%2Fwww.brandonsun.com%2F&new=1&arf=0&ltm=1664738919152&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l8rqkl27zfq2inda&ckp=l8rqkiy5ij14c8xt&glb=&cp_userState=anon&cp_subscription=not-logged-in&cp_ver=2.47&cp_testGroup=18&cp_loadDelay=2.7&cst=qe2911snmexm33ed8ors1rjta
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Sun, 02 Oct 2022 19:28:42 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/ 		101 B
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l8rqkiy5ij14c8xt%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%22qe2911snmexm33ed8ors1rjta%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%22qe2911snmexm33ed8ors1rjta%22%7D%5D%2C%22siteId%22%3A%229222360305937373874%22%2C%22location%22%3A%22https%3A%2F%2Fwww.brandonsun.com%2F%22%7D&callback=cXJsonpCB4
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
b0d79f22d756f448a5226153b722923be1a7b30ea0aac8c265c98e2a3037fd71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 19:28:42 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
101
expires
Mon, 26 Jul 1997 05:00:00 GMT
2022100115100-63388f02f16c379ba995b63bjpeg.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/2022100115100-63388f02f16c379ba995b63bjpeg.jpg?w=1024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ebf0212ef623202f1ab5057de028b07c3fe4f10946858c7c24cbdfa700fb265b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
x-rq
hhn1 109 28 443
last-modified
Sat, 01 Oct 2022 22:05:20 GMT
server
nginx
etag
"3ab7adda0e7a0406"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
53218
expires
Sun, 01 Oct 2023 22:05:20 GMT
b.png
www.brandonsun.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.brandonsun.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/b.png
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/_static/??-eJydkdEOgjAMRX/IbQ4J8mL8lsEGlmxldgyCX+8wGH0xEZImfWjvzbmtmDyrexwMDqK2kBpzkXkbW8AgGnqNtLBQCa3mLrBRcnnkZ+4AeRcO4n99A9ga8gQ4ZItNyYsdLjeF2ppKUULJE8dWko/+LQKsbdQmiC7VPRqa1/bt/HOJOWhJDWYjxtR45f3G7K7XhhAetONuYQJviFVxic/Gkp+43GGTnkf9qru6iyyKPC9zKbPuCfLn17k=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
13689523a09825f3186a135d2234306e7a5e1a294b176745b3c9c8417b59a73b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
x-rq
hhn1 0 2 9980
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 15:49:24 GMT
server
nginx
age
3825432
etag
W/"62fbbc84-bac"
x-cache
hit
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3011
expires
Mon, 02 Oct 2023 19:28:42 GMT
bn.png
www.brandonsun.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.brandonsun.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/bn.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a760a48f78d2aba788df01bac73d8e08cdb471b2cefbb3ed4f4173bdbe02a159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
x-rq
hhn1 0 2 9980
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 15:49:24 GMT
server
nginx
age
3622730
etag
W/"62fbbc84-a76"
x-cache
hit
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2701
expires
Mon, 02 Oct 2023 19:28:42 GMT
782138_web1_220101-rinks-Enns-interior.jpeg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/782138_web1_220101-rinks-Enns-interior.jpeg?w=1024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6b1cc98ed3048b8b2514711e8156e2ea0d2891dd92ff33f2be64351503f95532

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
x-rq
hhn1 109 88 443
last-modified
Sat, 01 Oct 2022 08:35:54 GMT
server
nginx
etag
"0e5f9d135a901c6c"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
85244
expires
Sun, 01 Oct 2023 08:35:54 GMT
781069_web1_221001-WARD-1-PROFILE-02.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/781069_web1_221001-WARD-1-PROFILE-02.jpg?w=1024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dbf663737a6d53ea7b804a8bfba10cd7e363e7b08699a934477a93cf462832d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
x-rq
hhn1 109 200 443
last-modified
Sat, 01 Oct 2022 08:02:23 GMT
server
nginx
etag
"7fc4d31cef3ac800"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
31198
expires
Sun, 01 Oct 2023 08:02:23 GMT
784350_web1_200402-LibraryClosures1.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/784350_web1_200402-LibraryClosures1.jpg?w=1024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1de26568ada25245a030a17099160eec24c09f06d8b13f8867484e82f648ec6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
x-rq
hhn1 109 195 443
last-modified
Sat, 01 Oct 2022 08:02:23 GMT
server
nginx
etag
"009a153b37096534"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
57188
expires
Sun, 01 Oct 2023 08:02:23 GMT
725782_web1_220906_Marshall_Ring_04.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/725782_web1_220906_Marshall_Ring_04.jpg?w=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b607820ac27acb9517adee329d8ac90d0a16bd29d11d807474a5c20d6f7811ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
x-rq
hhn1 109 140 443
last-modified
Sat, 10 Sep 2022 08:03:25 GMT
server
nginx
etag
"349b4e5f2f3c9184"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10496
expires
Sun, 10 Sep 2023 08:03:25 GMT
688735_web1_ROSS.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.brandonsun.com/wp-content/uploads/sites/3/2022/08/688735_web1_ROSS.jpg?w=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
29a5c2097f99c6f83d0a6eb315a968fd08a277eae13ec278cc9e23842c18c887

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
x-rq
hhn1 109 84 443
last-modified
Sat, 27 Aug 2022 17:04:14 GMT
server
nginx
etag
"d6a71c8e92ae46a7"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8982
expires
Sun, 27 Aug 2023 17:04:14 GMT
650106_web1_ross-column.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/08/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.brandonsun.com/wp-content/uploads/sites/3/2022/08/650106_web1_ross-column.jpg?w=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6d2cfcfb36926883c4ff291aa2b34fe7a75af4af506a82060b3f627cb1d4e694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
x-rq
hhn1 109 142 443
last-modified
Sat, 13 Aug 2022 16:11:39 GMT
server
nginx
etag
"1a66b81ff884d449"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11736
expires
Sun, 13 Aug 2023 16:11:39 GMT
784926_web1_093022-ORANGE-SHIRTS-3.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/784926_web1_093022-ORANGE-SHIRTS-3.jpg?w=768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7a3415f3747641facd2f416b3b4332a47bc9792fa15565607f181369fc56b87f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
x-rq
hhn1 109 84 443
last-modified
Sat, 01 Oct 2022 08:02:23 GMT
server
nginx
etag
"51d4baf646663595"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
37598
expires
Sun, 01 Oct 2023 08:02:23 GMT
220927-ROAD-CONSTRUCTION-MG.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 		388 KB
388 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/220927-ROAD-CONSTRUCTION-MG.jpg?w=1024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
99371e8373904c3ed3bd6c790109d1387ecb0bdd04650237a59bd1fbc2a344b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
x-rq
hhn1 109 144 443
last-modified
Sat, 01 Oct 2022 10:24:40 GMT
server
nginx
etag
"f4072e4b53162df3"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
397150
expires
Sun, 01 Oct 2023 10:24:40 GMT
786103_web1_Mary-Courchene.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/10/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.brandonsun.com/wp-content/uploads/sites/3/2022/10/786103_web1_Mary-Courchene.jpg?w=1024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b88d5392517fd4b0e6eeff84718a51369ac3bc4ec092f7dcab7d37e72c12be9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
x-rq
hhn1 109 28 443
last-modified
Sat, 01 Oct 2022 07:00:51 GMT
server
nginx
etag
"45b09b548f7bb88e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
45006
expires
Sun, 01 Oct 2023 07:00:51 GMT
20220930180952-633773b656afa4fc0ea88625jpeg.jpg
www.brandonsun.com/wp-content/uploads/sites/3/2022/09/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.brandonsun.com/wp-content/uploads/sites/3/2022/09/20220930180952-633773b656afa4fc0ea88625jpeg.jpg?w=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a94f1385dd2cfbff19640923135249d3605879acff8547b55c7dbe09a4f6a223

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
x-rq
hhn1 109 86 443
last-modified
Sun, 02 Oct 2022 18:48:17 GMT
server
nginx
etag
"6127dc6668ccb522"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16734
expires
Mon, 02 Oct 2023 18:48:17 GMT
obits
www.brandonsun.com/wp-json/api/v1/widget-data/ 		2 KB
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.brandonsun.com/wp-json/api/v1/widget-data/obits?_=1664738919255
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/_static/??-eJydkdEOgjAMRX/IbQ4J8mL8lsEGlmxldgyCX+8wGH0xEZImfWjvzbmtmDyrexwMDqK2kBpzkXkbW8AgGnqNtLBQCa3mLrBRcnnkZ+4AeRcO4n99A9ga8gQ4ZItNyYsdLjeF2ppKUULJE8dWko/+LQKsbdQmiC7VPRqa1/bt/HOJOWhJDWYjxtR45f3G7K7XhhAetONuYQJviFVxic/Gkp+43GGTnkf9qru6iyyKPC9zKbPuCfLn17k=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1988a43cbc7d9ba37a02a769a0c990fe960109605ca34870815a9ac2e841a1e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.brandonsun.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
hit
content-length
525
x-rq
hhn1 0 2 9980
server
nginx
allow
GET
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex
link
<https://www.brandonsun.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.brandonsun.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.brandonsun.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=494613562429489&correlator=3616014020641774&eid=31069634%2C31070023%2C31069950%2C676982996&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fif&iu_parts=3823844%2Cbrandonsun.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&adks=3828665943&sfv=1-0-38&fsapi=false&prev_scp=loc%3Dtop%26pos%3D1%26page%3Dindex%26ut%3Dnot-logged-in%26ck%3Dindex%2Cweather-variable-cloudiness%2Cweather-variable-cloudiness%2Cweather-0_5%26imp%3Dindex%26pr%3Dnews&eri=1&sc=1&cookie=ID%3D25e259b0010d9d29%3AT%3D1664738922%3AS%3DALNI_MZCmlkEGsCcmgT5859BrJM8Nn_r1Q&abxe=1&dt=1664738922299&lmt=1664738922&dlt=1664738919035&idt=722&adxs=973&adys=363&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.brandonsun.com%2F&frm=20&vis=1&psz=310x275&msz=310x123&fws=4&ohw=312&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=265959381.1664738919&ga_sid=1664738922&ga_hid=152450493&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
cafe /
Resource Hash
37835e552403a26a939477148a9dc7135420f9e2c7f3882adbf12dc5d0fe2c02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12053
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.brandonsun.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		303 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=494613562429489&correlator=1836310600871844&eid=31069634%2C31070023%2C31069950%2C676982996&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fif&iu_parts=3823844%2Cbrandonsun.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=180x40&ifi=5&adks=1403793799&sfv=1-0-38&fsapi=false&prev_scp=loc%3DweatherBigBoxTile%26pos%3D2%26page%3Dindex%26ut%3Dnot-logged-in%26ck%3Dindex%2Cweather-variable-cloudiness%2Cweather-variable-cloudiness%2Cweather-0_5%26imp%3Dindex%26pr%3Dnews&eri=1&sc=1&cookie=ID%3D25e259b0010d9d29%3AT%3D1664738922%3AS%3DALNI_MZCmlkEGsCcmgT5859BrJM8Nn_r1Q&abxe=1&dt=1664738922302&lmt=1664738922&dlt=1664738919035&idt=722&adxs=1103&adys=618&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.brandonsun.com%2F&frm=20&vis=1&psz=310x115&msz=180x0&fws=132&ohw=312&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=265959381.1664738919&ga_sid=1664738922&ga_hid=152450493&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
cafe /
Resource Hash
b02385b145e36a3f910af6659a87331dcf40437f32abbeb234a22956232d159f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.brandonsun.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8D58 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.brandonsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9859
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 02 Oct 2022 16:44:23 GMT
expires
Mon, 02 Oct 2023 16:44:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B3AD 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
604b31d10f61e7465b3030242f719c397ef804e3a998c1782f0c04759be65aaa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tfpFG4kpPiF4ICGMu7Mxng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.brandonsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-tfpFG4kpPiF4ICGMu7Mxng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 02 Oct 2022 19:28:42 GMT
expires
Sun, 02 Oct 2022 19:28:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
getprima.php
brandonsun-can.newsmemory.com/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brandonsun-can.newsmemory.com/getprima.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.17.180.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-180-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
efd684dac9c5beefa0f0494b3af22e8289147cf61f0dcd668d6dfff65215aa69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Expires
Sun, 02 Oct 2022 19:43:42 GMT
Date
Sun, 02 Oct 2022 19:28:42 GMT
Cache-Control
max-age=900,s-maxage=900
Server
Apache
Transfer-Encoding
chunked
Content-Type
image/png
brandonsun-logo.svg
passages.brandonsun.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://passages.brandonsun.com/images/brandonsun-logo.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.200.191.105 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
wfpmail.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.3.25 /
Resource Hash
aeeca56c3fe0516248ed4a3ff1da8130ae3fd2d560cfa6ef967ef7404b56b2b8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sun, 02 Oct 2022 19:28:43 GMT
Strict-Transport-Security
max-age=63072000;
Last-Modified
Tue, 06 Oct 2020 15:17:23 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.3.25
ETag
"1bd3-5b1021892ca33"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7123
X-XSS-Protection
1; mode=block
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.brandonsun.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.brandonsun.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=494613562429489&correlator=256633157163120&eid=31069634%2C31070023%2C31069950%2C676982996&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fif&iu_parts=3823844%2Cbrandonsun.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&adks=2195058956&sfv=1-0-38&fsapi=false&prev_scp=loc%3Dspotlight%26pos%3D1%26page%3Dindex%26ut%3Dnot-logged-in%26ck%3Dindex%2Cweather-variable-cloudiness%2Cweather-variable-cloudiness%2Cweather-0_5%26imp%3Dindex%26pr%3Dnews&eri=1&sc=1&cookie=ID%3D25e259b0010d9d29%3AT%3D1664738922%3AS%3DALNI_MZCmlkEGsCcmgT5859BrJM8Nn_r1Q&abxe=1&dt=1664738922381&lmt=1664738922&dlt=1664738919035&idt=722&adxs=648&adys=2085&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.brandonsun.com%2F&frm=20&vis=1&psz=304x258&msz=300x115&fws=4&ohw=306&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=265959381.1664738919&ga_sid=1664738922&ga_hid=152450493&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
cafe /
Resource Hash
10b31e03631816eb359487ae573894c41aef8336223c5192714e26b2f9bc00e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12118
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.brandonsun.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B3AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092701&jk=494613562429489&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js
pagead2.googlesyndication.com/bg/ Frame 8D58 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 10:37:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31876
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16054
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 02 Oct 2023 10:37:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2669 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQy2LXZe1LLixAt2_95aFZcW6-_C6iwQrb4FztKG8PUp7MakXbLHBKaP0mOR08mbsLl-ehXshFt6Eg5kgR7b7oAcfn7ohvLtLYrsilRtsSfFNWEBBfbULZSRAcLr4bXTxAXB47C89978ZJDCw80IMd6GvgFmYsvpKkQ5LGU4WleaoztU10tEz311J-eSlJSxcB4n8p-y1ZZkVsACX8iD_A4vjlPKiY7B57e4sziF4kqPBPS8c5YBe6Wjyqx-9X2MltD9D0Rd4o0GHhKuurKv1VS-lQEtC34Kk0C4TGSJ8iFn6I5sc81187bPF0O_uEAHhxuA9ocLDd&sai=AMfl-YSztuRw-VFmw6n-Ga3ISSkA_ter3bBMLnFpt0RCG6KNlYWph3yZ6QeRQF-eG00Zt_tilDu45qWqOT7vNEhgxxxe9HtTcevF6YR4veVhmsWyHhS3rLCrjAurePKcr9UaFg&sig=Cg0ArKJSzAQVIcRn4boQEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 2669 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:24:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Oct 2022 19:24:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2669 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Oct 2022 19:28:42 GMT
16060246857183935900
tpc.googlesyndication.com/simgad/ Frame 2669 		227 KB
227 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16060246857183935900
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3826fad12202db0cd1d0e6b07e996de70cb86db1a25f4eba1fb5c024ba28d9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 20:34:20 GMT
x-content-type-options
nosniff
age
514462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232839
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 20:30:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 26 Sep 2023 20:34:20 GMT
l
www.google.com/ads/measurement/ Frame 2669 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGW2FcUwHRn-ptCy_ue06nMtdribokSjClpIIL7nIl7eaz54C6oKsfyPFRRf17FJAYe_Z2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
truncated
/ Frame 2669 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a28cda85cf9c6f826541208d3a1fc717b0c60a54457e374ae9a4cec610dd1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 8D58 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gRwn8A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2669 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-M5EjuLFUWuxTWViHJm6hiBAqtgCA5FK0kc4q8PM3hjXZlYNwWkI2kyA77lYy_mNrptd_sEJ2YjIeAtbgeoEi6eASxTWRHCfEwcAUAn8ZIizXDiASxvPAhoTTrPq7wexh0tP0hbwiDMg-IRxTK1atngBtWCabEw0bXavJncZSu2qUayQUCbXfsFfiKxXYlBA2A50v0F1GJOgbvvSrqlqwq61bnobOwYpkjm0anNm-pFm4WNnVqEgA-UAB_JYX8aX2REmTbClMrAMYx1XEYs7X-J5nnGjjYdQMyvc3BhDqbBOuJXedaZegvvi6SLWyy4-Oi3PPHqI6oBg&sai=AMfl-YQd1vtLmFBTBlYkbMZ-V9pPn7qBIbh_83ZLHM1RbvCY1BuNtjkgDPk9_bNBVjsjgtL2aqkhE2L_3GRqZryiVY3qMuda9bgO9va0jzLvBxs9Jk2l7P1mTu2Rxv2skacmhg&sig=Cg0ArKJSzIxSGnhuNuW-EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 19:28:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 02 Oct 2022 19:28:42 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012209072154000/ Frame E3FC 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 01 Oct 2022 18:29:48 GMT
age
89935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61518
x-xss-protection
0
server
sffe
etag
"b9e6b1d3ca7cc68d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 01 Oct 2023 18:29:48 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame E3FC 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 07:43:03 GMT
age
215140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
etag
"dcaf3864e0ab6b08"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 07:43:03 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame E3FC 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 07:43:03 GMT
age
215140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28888
x-xss-protection
0
server
sffe
etag
"95b4b320f7966d1a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 07:43:03 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame E3FC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 07:43:03 GMT
age
215140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1908
x-xss-protection
0
server
sffe
etag
"5561dff7c028bd87"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 07:43:03 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame E3FC 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 07:43:03 GMT
age
215140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12958
x-xss-protection
0
server
sffe
etag
"00747b471d2f1a24"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 07:43:03 GMT
css
fonts.googleapis.com/ Frame E3FC 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::5f Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 02 Oct 2022 19:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 18:01:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Oct 2022 19:28:43 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E3FC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 07:43:04 GMT
x-content-type-options
nosniff
server
cafe
age
42338
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 03 Oct 2022 07:43:04 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E3FC 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 07:43:04 GMT
x-content-type-options
nosniff
server
cafe
age
42338
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 03 Oct 2022 07:43:04 GMT
l
www.google.com/ads/measurement/ Frame E3FC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSP8Z71tAkRERZroaou1ISlesOmTzeVlI3iDj7v8VCE95HYqNdcc4mESS49T7dSgXfCppZU
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame E3FC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQN9zauY5Y4jvFpnBywW80IewAb23tsJskYqyq_wP29keEAEgoYy2A2CV4oqCmAegAeXFtL0CyAEJqQIWhNpvuHGwPuACAKgDAcgDCqoEmAJP0KxJ1vSc-yTi-GlyStAPsxEoiolTrTB0Dv-AqwJMas-DY8Xy64aoEUqxn65LE0pdobTPFmQ9sCVJum01G0qEs0HE0TlGPfzEbQJijhVukxO2xQ2omtEhAN5SA9GI3Rqe-6p6uhCuRi3CtGGHzevwykFsN6z_X7_5i7bvXoFDypq8vpcLLaS29IW2qXhi6dQsvmsRFFdwUZBH1duuw_rPb4XdBgKJYR_pgG0VnqGWlzfNLd_I3Xo7Q_BZzgDr8nTuU-kuY6xM6JhFuHHFjRLWl6Q8VgdUOsVVYqdlr3557zPM4Rt7XonN8evcTl8APOpBxbdVDaFpcC2ppdfadQS3gnGo_1K5tIgzoDJNwVo9woi3WMevumH_wATh6ae13QPgBAGSBQQIBBgBkgUECAUYBKAGLoAHqZ2fLqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENeuB9IIEQiA4YBwEAEYHTIC6wI6AoBAgAoByAsBuBPkA9gTDYgUAtAVAYAXAbIXHgocCAASFHB1Yi0zNjEzOTk3MzIzOTIwMTUxGOzHDA&sigh=dctYzlabNfE&uach_m=[UACH]&template_id=484
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
2076313506083323656
tpc.googlesyndication.com/simgad/6109538919768920935/ Frame E3FC 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6109538919768920935/2076313506083323656
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1bf1b27fa63170efbb30b5897c2793067bf4c75966f27d97c50c3c92da6bb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 19:35:38 GMT
x-content-type-options
nosniff
age
258784
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48758
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 13:54:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Sep 2023 19:35:38 GMT
truncated
/ Frame E3FC 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d94a565d503629c0a27da450997ba2d6d3029385f272c55fd6579dd388c63b81

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E3FC 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3db2e5c0e8be29dc507daee57be782f6e32f6e0078cdde2796a4151b160b9b4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012209072154000/ Frame 5B34 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 01 Oct 2022 18:29:48 GMT
age
89935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61518
x-xss-protection
0
server
sffe
etag
"b9e6b1d3ca7cc68d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 01 Oct 2023 18:29:48 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 5B34 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 07:43:03 GMT
age
215140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
etag
"dcaf3864e0ab6b08"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 07:43:03 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 5B34 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 07:43:03 GMT
age
215140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28888
x-xss-protection
0
server
sffe
etag
"95b4b320f7966d1a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 07:43:03 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 5B34 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 07:43:03 GMT
age
215140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1908
x-xss-protection
0
server
sffe
etag
"5561dff7c028bd87"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 07:43:03 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 5B34 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 07:43:03 GMT
age
215140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12958
x-xss-protection
0
server
sffe
etag
"00747b471d2f1a24"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 07:43:03 GMT
css
fonts.googleapis.com/ Frame 5B34 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::5f Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 02 Oct 2022 19:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 17:58:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Oct 2022 19:28:43 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5B34 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 07:43:04 GMT
x-content-type-options
nosniff
server
cafe
age
42339
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 03 Oct 2022 07:43:04 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5B34 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 07:43:04 GMT
x-content-type-options
nosniff
server
cafe
age
42339
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 03 Oct 2022 07:43:04 GMT
l
www.google.com/ads/measurement/ Frame 5B34 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRf3qsUWfCne3fHIJqN_MTrcSevQ_H65GO-MSLIBAz67tf25vGeyXTZ6L2v4WtyKQUbzaku
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 5B34 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CSX3LauY5Y_SYG8-VxdwPk6ebsALLrdTXbMn96OXdCrfpor3AARABIKGMtgNgleKKgpgHoAH__Yy2A8gBCakCFoTab7hxsD7gAgCoAwHIAwqqBKgCT9CLNyJVsCSapdYSq87ncagsC-mAEplAxNd4qLL-KdQCZ8cwvEWlbERuxrOWNe4_rfWb2VzlR6SKlHoqPGFFbqVvZuWgj5WnhsSMyDWkiUfpse_PDJUinc01sCSaqBf6UtA9gaD_8PJh27nCVifhSatHi5o6p5zEbgOkBCfFCJqQ32JFvn_iiKkz73DhpH0z_8s6dF5ONckv2AB_uvcqY8SJ55BPzTKu5qTMSaDLjaknnrhFIkzXzIj9T2Ryaoc9YzgmeWmF9oGdS2mw1NA0Sgdp-x7rwmhYKzfdbmWwLXNWTzhvfAym77Uw_puZJK0qS5h4sHEMaTBhZCE5dJyxodgXONKnYEplYSg44SfYeTRX5ZUrWETTePEb_cL1Q7vw88BhBSrHH47ABOfrgLHFAuAEAZIFBAgEGAGSBQQIBRgEoAYugAfpgfNJqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ44UG0ggRCIDhgHAQARgdMgLrAjoCgECACgHICwG4E-QD2BMLiBQZ0BUBmBYBgBcBshceChwIABIUcHViLTM2MTM5OTczMjM5MjAxNTEY7McM&sigh=RMuprJK8dVE&uach_m=[UACH]&template_id=484
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
2076313506083323656
tpc.googlesyndication.com/simgad/9801131011128257422/ Frame 5B34 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9801131011128257422/2076313506083323656
Requested by
Host: www.brandonsun.com
URL: https://www.brandonsun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23c7f3185808cb293607a4fc1faefeafec5047e4a9549f01a5f1d426d6e463c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 13:16:54 GMT
x-content-type-options
nosniff
age
454309
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11655
x-xss-protection
0
last-modified
Tue, 28 Dec 2021 14:53:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 27 Sep 2023 13:16:54 GMT
truncated
/ Frame 5B34 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54accb1b5bf42c17f1acef2eb872709554212e7731ecf2060ab5ca1698825a0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5B34 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07ca5ec2e08a4d197d0bc0d6322cfe32848e02a147c9d055a732bcc83706e7d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E3FC 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.brandonsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 05:59:47 GMT
x-content-type-options
nosniff
age
221336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2023 05:59:47 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E3FC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.brandonsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:39:12 GMT
x-content-type-options
nosniff
age
456571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 12:39:12 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5B34 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.brandonsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 05:59:47 GMT
x-content-type-options
nosniff
age
221336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2023 05:59:47 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5B34 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.brandonsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:39:12 GMT
x-content-type-options
nosniff
age
456571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 12:39:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092701&jk=494613562429489&bg=!KyilKGzNAAYQgTJdMIE7ACkAdvg8WgQN-0tFr3MNYijureq-wki738_XkzzgRbu3qx7tpJ04z3tbbwIAAABxUgAAAAJoAQcKABvq8txlGZobILJGI-qZUkPz6ndDdfUxz6PJhtOZAqphQBMvlhZYRLI_KhrLvQm2ISrzvckLwx2kjlBOlfClw1xs95pClczjDA92S1bV1hSIXu6rzqVxSu9JNk3tajVah276MRwjwa-mQkNDKhIyvVUnmpbDfdh-HXYHgPDDryWJwpu4SdvoDs7c08vgu-0N6F_pdMHoOrnstojQeelDKdJk0AS_anGEDFo12fDEDH10tuph3FS62e8BtroZrF8GkP93j3KYkrFdf4TfiEJKUlybXj295TZ60O_vhkK7AgtV-NoUapmPvDEKG8Sg62PnsAOok6924z-N6yZCDdlS_ecm6-o1qMbXgMJoZvBQ3MNfGadmYiqaeNcP1N8FPl8wy9b3J1pDQQDEOQE5wqb5YJK7Iuj_K4tJ-2bR1j5gHv31j5MveMhFogWe1XAcd4_DhmicGZChCALKJXJJAeMEuJ5zdQ0Og44R1vPA01agfr--bf9ysiPhkumugZBWmW_bqkH4wKQ8qnSn3c3RTT2pK4bitII_PuVYlMOSVmrrizjttLgP-4FiN5iTtceLVi5RUfoCkalNQOp0SeSmxV6eGcMcbR7gZIG5MmO_KfQiBhFCEuT-4L79legV6iyW4WvX_uoLnmEk0YK4DyQls4RhKRz1-GM8pPFckhX9cELZ1ua0D2gdoKm5jH9jSOYeRqsU6h2Wg4xci-z1PK4xPYQzmR14F5tNnTEGMqkZ4G2sVO_L0EvHdoGXRm8V61iYbY1kUSNGXVBTUW_vBvZruCedYAMUGqwLMPh1ic7CJzfMSeTGAXzSLuKX8oLg10PVJKPs5ehkThPwEAeNlhyZxznaqenQA4kWcBEjSCpzwlaEetgcq5UvodlvQv58KCSxYvp30thDNjKRVERTwHRaERlX5VQT1B6nL9wr_5ac5EKZO719rcZFzX5sQZpj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5B34 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 07:43:04 GMT
x-content-type-options
nosniff
server
cafe
age
42339
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 03 Oct 2022 07:43:04 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5B34 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 07:43:04 GMT
x-content-type-options
nosniff
server
cafe
age
42339
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 03 Oct 2022 07:43:04 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2669 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscMZju7YpfoS9orRNMYfcKLsW5-waDXNkGTtb1rGFFnwwhx6bxPNjEN8b7O4iZ-gkF-7Ies7-a4v7kpMoA7suJfbQG8NCp20wCmGzoA7RJZGSuPtjB&sig=Cg0ArKJSzHFMtgBlAhlkEAE&id=lidar2&mcvt=1000&p=143,316,393,1286&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2693653942&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664738922590&rpt=264&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 19:28:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E3FC 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvccJmbmBEYRGa5fHxvXvoGL0ldg0WbDaoHSrdSBQ0UAtxMn9GYwhN0Xq239Th1A4_JL0_48fGGeGT4ZFZbYwxvS2HUbuWKwBqOkhfUhXdsWEg8siIO8cVez0V-FaKqOW4AnlFcrxdCEXvHzzP0qTuPw-0gmbJYBg0V&sai=AMfl-YQ6PDQp5rjH0iPjBM8-dmrhAX65SJb3VR3je6BGneqC4TwygZ9w_EJ37wAE0cD137DGFFHS2eMDsOmqrF97f30wrgho6aQjQU_3PC-3PFU9ymLRPYVJSOLczgkpmw&sig=Cg0ArKJSzNijoZzF5TPXEAE&cid=CAAST-Ro2BVwTIZ8k_TH26Z48rf0c6mlbgxb1af2KUQZpVtPOl_2s9oZoVafTNEoelOp-fu1L835Dfz2x75jK9brdwIr4KWlYLG0zwhQ5ZwSbqU&id=ampim&o=978,490&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=270&tls=1270&g=100&h=100&tt=1271&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.brandonsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 19:28:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

248 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| cX function| googleTranslateElementInit function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google function| cxCCE_callQueueExecute object| cxTest string| accountServerUrl object| publicationVariables object| pageVariables object| pageSections object| placedIds object| _wpemojiSettings object| handlebars function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| asyncGeneratorStep function| _asyncToGenerator function| ownKeys function| _objectSpread function| _defineProperty function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof object| FP_Account object| FP_Ads object| FP_App object| FP_Article object| FP_ContentManager object| FP_ContentRenderer object| FP_Cookie object| FP_DateTime object| FP_DOM object| FP_Event object| FP_Intercom string| fingerprint_hash object| metadata object| tileSections object| allArticlesForTiles object| pageCache object| featuredContentCache object| accountDeferral object| swgDeferral object| tabbedAdContainers boolean| useHistory number| num_cxense_searches object| FP_Main object| FP_Modal object| FP_Mynews object| FP_Navigation object| FP_News object| FP_Newsletters object| FP_NotificationTopics object| FP_Page object| FP_Preferences object| FP_Requests object| FP_Scroll object| FP_Sections object| FP_Static object| FP_Storage object| FP_SwG object| FP_SwG2 object| FP_Utilities object| FP_Widgets object| FP_Cxense object| FP_Facebook object| FP_Google object| FP_Wordpress object| newsletter_list function| dayjs function| Fingerprint2 object| Handlebars undefined| $ function| jQuery object| html5 object| Modernizr function| yepnope function| Swiper function| introJs function| gtag object| dataLayer object| tribe_l10n_datatables object| lbwpsOptions function| PhotoSwipe function| PhotoSwipeUI_Default object| lbwpsPhotoSwipe function| lbwpsCopyToClipboard object| twemoji object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| onYouTubeIframeAPIReady object| dz number| todayTime object| dzm number| todayTimeMinutes number| monthTime string| activeDays undefined| adArray undefined| cIndex undefined| notFound object| activeDaysArray number| daysActive number| iIndex string| subscription_type_fb string| whitelist_group_fb undefined| v4_clientuserid_fb number| metadataCheck function| getCookie object| match function| fbq function| _fbq function| fbAsyncInit string| vs_account_id object| closure_lm_447493 object| UrlCache object| SUBSCRIPTIONS object| SWG function| GaaGoogleSignInButton function| GaaGoogle3pSignInButton function| GaaSignInWithGoogleButton function| GaaMeteringRegwall function| GaaMetering object| gaplugins object| gaGlobal object| gaData function| _UA-126530131-1_sendHitTask function| lintrk boolean| _already_called_lintrk object| FB object| gapi object| ___jsl object| googletag object| ggeac object| google_js_reporting_queue object| __buffer function| _vs_popup number| int_dbg function| debug function| countDigits function| endsWith function| shouldRewriteIntl function| findIntlRewriteNum function| getRewriteNumber function| rewriteNodeIntl function| getGeneralIntlRegex boolean| mutationListnerAttached number| maxTokens number| curTokens function| addTokens function| attachMutationObserver undefined| vs_intl undefined| vs_intl_class undefined| _vsnocookies undefined| _vskw object| _vsrkpd undefined| google_measure_js_timing object| App undefined| cXJsonpCB1 undefined| cXJsonpCB2 undefined| cXJsonpCB3 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms undefined| cXJsonpCB4 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

24 Cookies

Domain/Path Name / Value
.brandonsun.com/ Name: _pprv
Value: %7B%22consent%22%3A%7B%220%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%221%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%222%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%223%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%224%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%225%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%226%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%227%22%3A%7B%22mode%22%3A%22opt-in%22%7D%7D%7D
.brandonsun.com/ Name: _gcl_au
Value: 1.1.1176810201.1664738919
.brandonsun.com/ Name: _gid
Value: GA1.2.1488882952.1664738919
.brandonsun.com/ Name: _gat_UA-126530131-1
Value: 1
.brandonsun.com/ Name: _fbp
Value: fb.1.1664738919657.1541793445
.linkedin.com/ Name: UserMatchHistory
Value: AQKXgiUSnGyiuwAAAYOaLATqE1iv2lsOazoGTeWv9YegtDN1H3rvDZ-92NWhRiSrp81aerocCSxjwQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJUScv9OjCD9wAAAYOaLATq1s5NKhbT1OzX-M9i182ALRHRv4KxL06oFG586dEDYJVng4GwguEnsf34xCVT1g
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&f60fa16e-e224-41c1-8469-864b667225dd"
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2496:u=1:x=1:i=1664738919:t=1664825319:v=2:sig=AQFWwi5gS_Vkue8djhpB5dbtePkACTrr"
.marchex.io/ Name: uid
Value: 1559092b.5ea123bf9f5b6
www.brandonsun.com/ Name: fingerprint_hash
Value: 15df4a113093b93b4ce7bd7af6f22f87
account.brandonsun.com/ Name: fpnewsplatform_session
Value: mCGF32DMhV0EDZ46zxIXJdk3UKznW2Fl9JDmKujf
.brandonsun.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22l8rqkiy5ij14c8xt%22%7D
.brandonsun.com/ Name: cX_P
Value: l8rqkiy5ij14c8xt
.brandonsun.com/ Name: _gat_gtag_UA_11192669_2
Value: 1
.brandonsun.com/ Name: _ga_GM37S7T1YK
Value: GS1.1.1664738921.1.0.1664738921.0.0.0
.brandonsun.com/ Name: _ga
Value: GA1.1.265959381.1664738919
.brandonsun.com/ Name: _pctx
Value: %7Bu%7DN4IgDghg5gpgagSxgdwJIBMQC4QBsAcATgI4DWCAngKwDsAHgF4BMhDCmANCAK4DOMhXtgB23XLi58BAZQAuEWX2wgIwgPbCQXXglkwMygJxMTAZgBsABlOWqh0zQen8NACwgAvkA
.brandonsun.com/ Name: cX_S
Value: l8rqkl27zfq2inda
.cxense.com/ Name: gckp
Value: cx:h7lz7krg9xb8315b40jdrj59:2ky2nl9ia2vei
.brandonsun.com/ Name: cX_G
Value: cx%3Ah7lz7krg9xb8315b40jdrj59%3A2ky2nl9ia2vei
.doubleclick.net/ Name: IDE
Value: AHWqTUk7q5Fd9FBGiaaA-yG1pU_1-lZJ2fo49nvBfPmuJoJ4zrsoAaPte0ljDBNSJ4g
.brandonsun.com/ Name: __gads
Value: ID=d66541b22ca4bcf1:T=1664738921:S=ALNI_MYr9OGOnzDnuQOHGS8nxhfCj_fYig

4 Console Messages

Source Level URL
Text
network error URL: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3300905%26time%3D1664738919502%26url%3Dhttps%253A%252F%252Fwww.brandonsun.com%252F%26liSync%3Dtrue
Message:
Failed to load resource: the server responded with a status of 429 ()
rendering warning URL: https://www.brandonsun.com/
Message:
[.WebGL-0x339c01f64d00]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels
other warning URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10441863.fls.doubleclick.net
account.brandonsun.com
adservice.google.com
adservice.google.de
api.cxense.com
apis.google.com
brandonsun-can.newsmemory.com
cdn.ampproject.org
cdn.cxense.com
comcluster.cxense.com
connect.facebook.net
e0d604d579bb356fbec217be92d4c6c3.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
id.cxense.com
news.google.com
p1cluster.cxense.com
pagead2.googlesyndication.com
passages.brandonsun.com
px.ads.linkedin.com
px.marchex.io
region1.google-analytics.com
rw1.marchex.io
scdn.cxense.com
securepubads.g.doubleclick.net
snap.licdn.com
stats.g.doubleclick.net
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
winnipeg-free-press-snowplow-collector.localnewslab.io
www.brandonsun.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
142.250.186.166
147.75.83.64
147.75.85.120
172.217.19.98
174.137.122.128
2001:4860:4802:32::36
205.200.191.105
205.200.191.140
2620:1ec:21::14
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c00::5f
2a00:1450:400c:c0c::9a
2a00:1450:400d:806::200e
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2002
2a00:1450:400d:80e::200a
2a02:26f0:3500:16::215:14a0
2a02:26f0:3500:893::268b
2a02:26f0:3500:898::268b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:fa87:fffd::c000:4221
50.17.180.6
52.0.163.197
54.89.81.207
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
07ca5ec2e08a4d197d0bc0d6322cfe32848e02a147c9d055a732bcc83706e7d3
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0e642b73b74303ba1407eb77581732307027f34e33cf09a3f1429fe0f84ce3a1
10b31e03631816eb359487ae573894c41aef8336223c5192714e26b2f9bc00e3
13689523a09825f3186a135d2234306e7a5e1a294b176745b3c9c8417b59a73b
146cd5af630c883ae94bf954ffb2644263cce8608162a50320c5cdcb001ad92e
19262038e4822652211892db8897ccb20a77e5c5d6eea854f501f3a3e6510658
1988a43cbc7d9ba37a02a769a0c990fe960109605ca34870815a9ac2e841a1e8
1b13c38710e3ab4482c232be3129118088c6b4f3cd57b33bac63bbce839ec3d2
1de26568ada25245a030a17099160eec24c09f06d8b13f8867484e82f648ec6c
1fea9bf4afbb158c082689db3e89c2cf0fd852628452556aea17451caa02c22a
21f8ba0044e32b617a14b1adb5203faf7ba88590a3cba56ffb40371ddb2fd277
23c7f3185808cb293607a4fc1faefeafec5047e4a9549f01a5f1d426d6e463c0
2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29a5c2097f99c6f83d0a6eb315a968fd08a277eae13ec278cc9e23842c18c887
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37835e552403a26a939477148a9dc7135420f9e2c7f3882adbf12dc5d0fe2c02
3a28b1e29b466e8ef53e57501216eb49261ecce111802b5c013f196ab375f070
3db2e5c0e8be29dc507daee57be782f6e32f6e0078cdde2796a4151b160b9b4a
3f18602a84f592491aeaddee7332ba60b0399cd3ecccc071c79438e82b1df067
49129d59dbc6ec81a58312ca9c74d0eb6d570112f6b0f537deb2a7af15c6a44e
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
522219c3978b635866d1f45a2d0a6438c5a7cee401b7d4a8c22f22c3ed3079d0
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
54accb1b5bf42c17f1acef2eb872709554212e7731ecf2060ab5ca1698825a0e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560c836d7a468b5a03d13f71367dca6889af2e39a50acb730702e166e3f4add3
5a794e7a0db0af3ee88785c3961565fd1dd939b2b82e63d0b9d0b12c5136338a
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ef28f858db88cc8f297ae07038c10cc3544b07bf4973563537a9b327667571a
604b31d10f61e7465b3030242f719c397ef804e3a998c1782f0c04759be65aaa
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8
677e13931343c9c296edbe034e6ce78a815ebfd4de447675838f2b833efb69ca
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
6b1cc98ed3048b8b2514711e8156e2ea0d2891dd92ff33f2be64351503f95532
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d2cfcfb36926883c4ff291aa2b34fe7a75af4af506a82060b3f627cb1d4e694
7a28cda85cf9c6f826541208d3a1fc717b0c60a54457e374ae9a4cec610dd1b9
7a3415f3747641facd2f416b3b4332a47bc9792fa15565607f181369fc56b87f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
820b1489c126d422feaf97b9459cb2171fa52e3044658168157046740dd637b0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b34da130ddd414df589a6684024c109d4601c99bdafbbc9fe5d416a3b60d386
8b82448e5551693ea90c222fc2eb8df69f5cbb2f03e75587d1f206e3b35adc03
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
903eda8b00db7b04e25430f83af2bf1325aea1485da6611eaed3ab2e98a2a050
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99371e8373904c3ed3bd6c790109d1387ecb0bdd04650237a59bd1fbc2a344b1
9a5094c625bfb2272cc1e91217e48ca229d8c714bb2edf91f1a9dad6edaccfc5
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9e35fbfca7388f673e3f46af9cda30b71a9017a97537b07bc98a54fb52163207
a19954e5507393b097153ba24bc08dc14f87e162bd49e513b274834bb303c333
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a760a48f78d2aba788df01bac73d8e08cdb471b2cefbb3ed4f4173bdbe02a159
a94f1385dd2cfbff19640923135249d3605879acff8547b55c7dbe09a4f6a223
a9934b98dff0f90f68a3d07944cd938528ea277225fee38fd63db1db3dae5dd2
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
ae97c3551ae3b0f51e4223dc4f1c9f1a0abe9e92e31b2f8127a42c2c944b72e9
aeeca56c3fe0516248ed4a3ff1da8130ae3fd2d560cfa6ef967ef7404b56b2b8
b00d1c28fdd5626ba2e91d9de2a0f390cdabf5e15a3c62febb101cc21503b33f
b02385b145e36a3f910af6659a87331dcf40437f32abbeb234a22956232d159f
b0d79f22d756f448a5226153b722923be1a7b30ea0aac8c265c98e2a3037fd71
b1cd62b19b8eff537d602830d399a4e93f619307063f7d302fe9339263c7cffa
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b607820ac27acb9517adee329d8ac90d0a16bd29d11d807474a5c20d6f7811ac
b88d5392517fd4b0e6eeff84718a51369ac3bc4ec092f7dcab7d37e72c12be9d
badb84c0c8a26ae7179972a38959e05aa253b2b99d4c4a471613b51f9a3fd065
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
c5f2f3edffbd3c2e50b77268539487fcae90b97836c4bc97477380dc5b7cd7e2
c8e6f8c8894b0abac617828562ad3d9fc61002c5bf969c24502fa2cd722af4d1
ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6
ccc1ae8d8fa1614cfef673670b6a37fd4cce2e6ef77571bb99755a47da072d33
d1bf1b27fa63170efbb30b5897c2793067bf4c75966f27d97c50c3c92da6bb97
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d94a565d503629c0a27da450997ba2d6d3029385f272c55fd6579dd388c63b81
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
dbf663737a6d53ea7b804a8bfba10cd7e363e7b08699a934477a93cf462832d1
dce53fe8caa5ff377165edca7e6667bb06bc7de0698b93b7fec1e28ce7eabbd8
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3085b181409694c2679b6397714cc6b371889da9f2a0023a24295db4c6da278
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f
ebf0212ef623202f1ab5057de028b07c3fe4f10946858c7c24cbdfa700fb265b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd684dac9c5beefa0f0494b3af22e8289147cf61f0dcd668d6dfff65215aa69
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531
f3826fad12202db0cd1d0e6b07e996de70cb86db1a25f4eba1fb5c024ba28d9d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fba2e28dab7e9f0135909704885960e762725fa8e62af67e4fdd2929fb1e91a0