www.mrbrandly.com Open in urlscan Pro
156.253.69.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mrbrandly.com/
Effective URL:
http://www.mrbrandly.com/
Submission: On August 22 via manual (August 22nd 2024, 5:05:53 pm UTC) from JP — Scanned from US

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 16 domains to perform 51 HTTP transactions. The main IP is 156.253.69.32, located in Johannesburg, South Africa and belongs to HKIDC-AS-AP LUOGELANG FRANCE LIMITED, HK. The main domain is www.mrbrandly.com.

This is the only time www.mrbrandly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 9	156.253.69.32 156.253.69.32	142286 (HKIDC-AS-...) (HKIDC-AS-AP LUOGELANG FRANCE LIMITED)
3	108.138.115.149 108.138.115.149	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:247... 2600:9000:247b:8200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
5	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	156.253.71.3 156.253.71.3	142286 (HKIDC-AS-...) (HKIDC-AS-AP LUOGELANG FRANCE LIMITED)
5	151.101.66.62 151.101.66.62	54113 (FASTLY) (FASTLY)
2	14.215.183.79 14.215.183.79	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	180.101.212.103 180.101.212.103	134770 (CHINANET-...) (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network)
1	18.173.132.21 18.173.132.21	16509 (AMAZON-02) (AMAZON-02)
1	18.173.140.223 18.173.140.223	16509 (AMAZON-02) (AMAZON-02)
2	3.221.239.160 3.221.239.160	14618 (AMAZON-AES) (AMAZON-AES)
1 1	210.87.207.163 210.87.207.163	138195 (MOACKCOLT...) (MOACKCOLTD-AS-AP MOACK.Co.LTD)
1	103.199.103.169 103.199.103.169	138195 (MOACKCOLT...) (MOACKCOLTD-AS-AP MOACK.Co.LTD)
2	2606:4700::68... 2606:4700::6811:882f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.201.174.84 23.201.174.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	20.40.202.2 20.40.202.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	163.177.17.97 163.177.17.97	136958 (UNICOM-GU...) (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1 2	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
2	151.101.2.62 151.101.2.62	54113 (FASTLY) (FASTLY)
51	23

9 156.253.69.32 (Johannesburg, South Africa) 6 redirects

ASN142286 (HKIDC-AS-AP LUOGELANG FRANCE LIMITED, HK)

mrbrandly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mrbrandly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.115.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-115-149.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:247b:8200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:5a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidanalytics.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.253.71.3 (Johannesburg, South Africa)

ASN142286 (HKIDC-AS-AP LUOGELANG FRANCE LIMITED, HK)

156.253.71.3	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.66.62 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.detroitnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 14.215.183.79 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.101.212.103 (China)

ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN)

push.zhanzhang.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-21.jfk52.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.140.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-140-223.jfk52.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.221.239.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-239-160.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.87.207.163 (Korea, Republic Of) 1 redirects

ASN138195 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR)

gg.moguseotwentyseven.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.199.103.169 (Korea, Republic Of)

ASN138195 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR)

down20240819.mgchannel2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:882f (United States)

ASN13335 (CLOUDFLARENET, US)

polarcdn-terrax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.174.84 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-174-84.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.2 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.177.17.97 (China)

ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN)

api.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a00b::12 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.62 (San Francisco, United States)

ASN54113 (FASTLY, US)

reporting-api.gannettinnovation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	mrbrandly.com 6 redirects mrbrandly.com www.mrbrandly.com	111 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1198 c2.taboola.com — Cisco Umbrella Rank: 12492 pm-widget.taboola.com — Cisco Umbrella Rank: 4404 beacon.taboola.com — Cisco Umbrella Rank: 5056 vidanalytics.taboola.com — Cisco Umbrella Rank: 3613	347 KB
5	detroitnews.com user.detroitnews.com Failed www.detroitnews.com — Cisco Umbrella Rank: 179931	75 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 394 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 999 aax.amazon-adsystem.com — Cisco Umbrella Rank: 501	85 KB
4	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8226 push.zhanzhang.baidu.com — Cisco Umbrella Rank: 145136 api.share.baidu.com — Cisco Umbrella Rank: 128016	12 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280	182 KB
4	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 1040 pixel.adsafeprotected.com — Cisco Umbrella Rank: 1139	12 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3983 collector.brandmetrics.com — Cisco Umbrella Rank: 4257	20 KB
2	gannettinnovation.com reporting-api.gannettinnovation.com — Cisco Umbrella Rank: 24244
2	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 553	559 B
2	polarcdn-terrax.com polarcdn-terrax.com — Cisco Umbrella Rank: 15053	7 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 2804	165 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1622	17 KB
1	mgchannel2.com down20240819.mgchannel2.com
1	moguseotwentyseven.com 1 redirects gg.moguseotwentyseven.com	134 B
0	Failed function sub() { [native code] }. Failed
51	16

	Domain	Requested by
8	www.mrbrandly.com	5 redirects www.mrbrandly.com
5	www.detroitnews.com	www.mrbrandly.com
4	securepubads.g.doubleclick.net	www.mrbrandly.com securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	www.mrbrandly.com c.amazon-adsystem.com
2	reporting-api.gannettinnovation.com	www.mrbrandly.com
2	gum.criteo.com	1 redirects www.mrbrandly.com
2	pm-widget.taboola.com	cdn.taboola.com www.mrbrandly.com
2	polarcdn-terrax.com	www.mrbrandly.com
2	pixel.adsafeprotected.com	static.adsafeprotected.com www.mrbrandly.com
2	hm.baidu.com	156.253.71.3 www.mrbrandly.com
2	cdn.confiant-integrations.net	www.mrbrandly.com
2	cdn.taboola.com	www.mrbrandly.com
2	cdn.brandmetrics.com	www.mrbrandly.com cdn.brandmetrics.com
2	static.adsafeprotected.com	www.mrbrandly.com
1	vidanalytics.taboola.com	cdn.taboola.com
1	beacon.taboola.com	cdn.taboola.com
1	api.share.baidu.com	www.mrbrandly.com
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	secure.cdn.fastclick.net	www.mrbrandly.com
1	down20240819.mgchannel2.com	156.253.71.3
1	gg.moguseotwentyseven.com	1 redirects
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	www.mrbrandly.com
1	push.zhanzhang.baidu.com	www.mrbrandly.com
1	c2.taboola.com	www.mrbrandly.com
1	mrbrandly.com	1 redirects
0	xn--gmq11yrxjois Failed	www.mrbrandly.com
0	user.detroitnews.com Failed	www.mrbrandly.com
51	28

This site contains no links.

Subject Issuer	Validity	Valid
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
brandmetrics.com WE1	`2024-06-27` - `2024-09-25`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
confiant-integrations.net WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.mgchannel2.com E5	`2024-08-07` - `2024-11-05`	3 months	crt.sh
polarcdn-terrax.com WE1	`2024-08-07` - `2024-11-05`	3 months	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2024-05-13` - `2025-06-11`	a year	crt.sh
gannettinnovation.com R11	`2024-08-02` - `2024-10-31`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.mrbrandly.com/
Frame ID: 66E21643325F29C3473BCC78732AABAC
Requests: 53 HTTP requests in this frame

Frame: https://down20240819.mgchannel2.com/?shareName=ggline
Frame ID: FD7302C8C5AEFCC141D94A0EA73CCC2D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

人妻无码-人妻无码中文-人妻无码中文在线观看

Page URL History Show full URLs

http://mrbrandly.com/ HTTP 307
https://mrbrandly.com/ HTTP 307
http://mrbrandly.com/ HTTP 301
http://www.mrbrandly.com/ HTTP 307
https://www.mrbrandly.com/ HTTP 307
http://www.mrbrandly.com/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Page Statistics

51
Requests

51 %
HTTPS

17 %
IPv6

16
Domains

28
Subdomains

23
IPs

4
Countries

1040 kB
Transfer

3590 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mrbrandly.com/ HTTP 307
https://mrbrandly.com/ HTTP 307
http://mrbrandly.com/ HTTP 301
http://www.mrbrandly.com/ HTTP 307
https://www.mrbrandly.com/ HTTP 307
http://www.mrbrandly.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

http://www.mrbrandly.com/gcdn/presto/2021/06/13/PDTN/118c8bf7-7ee1-411c-8dfd-a0c153e57c6b-2021-0613-dm-me_kilpatrick2203.jpg?crop=3196,1798,x1,y1162&width=660&height=370&format=pjpg&auto=webp HTTP 302
https://www.detroitnews.com/gcdn/presto/2021/06/13/PDTN/118c8bf7-7ee1-411c-8dfd-a0c153e57c6b-2021-0613-dm-me_kilpatrick2203.jpg?crop=3196,1798,x1,y1162&width=660&height=370&format=pjpg&auto=webp

Request Chain 13

http://www.mrbrandly.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74891391007-harrington.jpg?crop=4031,2268,x0,y0&width=210&height=118&format=pjpg&auto=webp HTTP 302
https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74891391007-harrington.jpg?crop=4031,2268,x0,y0&width=210&height=118&format=pjpg&auto=webp

Request Chain 14

http://www.mrbrandly.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74894898007-20240821-dmlionspractice-0024.jpg?crop=1035,582,x0,y59&width=210&height=118&format=pjpg&auto=webp HTTP 302
https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74894898007-20240821-dmlionspractice-0024.jpg?crop=1035,582,x0,y59&width=210&height=118&format=pjpg&auto=webp

Request Chain 15

http://www.mrbrandly.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74891061007-red-wave.jpg?crop=3989,2244,x0,y11&width=210&height=118&format=pjpg&auto=webp HTTP 302
https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74891061007-red-wave.jpg?crop=3989,2244,x0,y11&width=210&height=118&format=pjpg&auto=webp

Request Chain 16

http://www.mrbrandly.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74885923007-dji-20240821083430-0058-d-djiam.jpg?crop=3599,2025,x0,y336&width=660&height=371&format=pjpg&auto=webp&quality=40 HTTP 302
https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74885923007-dji-20240821083430-0058-d-djiam.jpg?crop=3599,2025,x0,y336&width=660&height=371&format=pjpg&auto=webp&quality=40

Request Chain 32

http://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js HTTP 307
https://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js

Request Chain 34

https://gg.moguseotwentyseven.com/ HTTP 301
https://down20240819.mgchannel2.com/?shareName=ggline

Request Chain 45

http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS HTTP 302
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

51 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.mrbrandly.com/
Redirect Chain

http://mrbrandly.com/
https://mrbrandly.com/
http://mrbrandly.com/
http://www.mrbrandly.com/
https://www.mrbrandly.com/
http://www.mrbrandly.com/

179 KB
67 KB

5239ms
4413ms

Document
text/html

156.253.69.32
HKIDC-AS-AP LUOGE...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.mrbrandly.com/
Protocol: HTTP/1.1
Server: 156.253.69.32 Johannesburg, South Africa, ASN142286 (HKIDC-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: bccdada92d76221d5fb5da97858fd697d72be1fbac8f48e9b93514b445b0b2b8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=gbk
Date: Thu, 22 Aug 2024 17:05:40 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Location: http://www.mrbrandly.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK pbjsandwichdirecta9-q1a2z3d617f5f3.min.js Show response
www.mrbrandly.com/tangstatic/js/ 2 B
443 B 3620ms
3605ms Script
text/javascript 156.253.69.32
HKIDC-AS-AP LUOGE...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.mrbrandly.com/tangstatic/js/pbjsandwichdirecta9-q1a2z3d617f5f3.min.js
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: HTTP/1.1
Server: 156.253.69.32 Johannesburg, South Africa, ASN142286 (HKIDC-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: 6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Aug 2024 17:05:44 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 321 KB
79 KB 807ms
159ms Script
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc0c998eff149cb4a93c30ad34fb3ac78929f08c0bb67d1fd3a1c398737b8888

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 16:14:56 GMT
content-encoding: gzip
via: 1.1 08f45c153a856ff7955174d0e6f60744.cloudfront.net (CloudFront), 1.1 d33ed2107293e32734a96656b820e092.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2024 19:39:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
age: 3046
x-amz-server-side-encryption: AES256
etag: W/"697d5d5cb9eee26a08aec8b885d0213b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: HfGOEMwMSayjonGziIzDYW9uUL-UFpHNyS54NMChevrJlk9G0Egg6A==

GET
H2 200 iasPET.1.js Show response
static.adsafeprotected.com/ 22 KB
7 KB 762ms
144ms Script
application/javascript 2600:9000:247b:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/iasPET.1.js
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 16:18:09 GMT
x-amz-version-id: UWTIHcIBCTlOhfqinKDA9NwqhFA8.Ocb
content-encoding: gzip
via: 1.1 3e2f727ea310e2e3b32b1270aac06aea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 2853
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Jun 2021 13:42:44 GMT
server: AmazonS3
etag: W/"51636de3ce868a2172f9e6996c2934e0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 8MfBPhj1FCxCf46KKbjFaVWwipAYhvGjYDTAqREyW2cGD7-Ap5nrlQ==

GET
H2 200 gannett_net.js Show response
cdn.brandmetrics.com/tag/f5e47f5ae82e4c48bbc1a7f9281ed95b/ 5 KB
3 KB 678ms
79ms Script
text/javascript 2606:4700:20::681a:5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/f5e47f5ae82e4c48bbc1a7f9281ed95b/gannett_net.js
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b03799d1b9b43d5f2b6990e07ec1f2f7b708dbdd251d682673fb206ff49ef1d6

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:41 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 22 Aug 2024 16:47:08 GMT
server: cloudflare
age: 1113
cf-polished: origSize=4796
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LyQfFzSar7gu2IdQ8%2ByzV0Ox7eycEEnOw%2B3UkPKoBWpPlmldWh%2Baw%2FAMGqlcAdYTq0O7mnYJxVMye847t1fZjZv%2F3vBqnb8ZI%2FoLLVunXEh26OZi3U6BpwjaFT9ir2tLOJRI6GK8EzGN4AfL8BbG5RaZ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8b7472fa49a27bcb-LAX
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 102 KB
32 KB 853ms
212ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

15187261a89c201ca251650bd07409945bddb6c253e3ee6307e9a17abbb864cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32375
x-xss-protection: 0
server: cafe
etag: 157 / 19957 / 31086257 / config-hash: 14254142982598812292
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 22 Aug 2024 17:05:41 GMT

GET
H/1.1 200
OK main-q1a2z31db52734.min.js Show response
www.mrbrandly.com/tangstatic/js/ 89 KB
41 KB 3946ms
3202ms Script
text/javascript 156.253.69.32
HKIDC-AS-AP LUOGE...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.mrbrandly.com/tangstatic/js/main-q1a2z31db52734.min.js
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: HTTP/1.1
Server: 156.253.69.32 Johannesburg, South Africa, ASN142286 (HKIDC-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: 17b1adefbb5e5b1f5f2a99e6fbb7880ac687cd645bb9e4411213385e6614437b

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Aug 2024 17:05:44 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/gannett-network/ 1 MB
302 KB 83ms
75ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 45749604a30c3c469625453ef283137f1b3b3992ea8e620ce134043182d73656

Request headers

Referer: http://www.mrbrandly.com/
Origin: http://www.mrbrandly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: NuG1RCEdJjG2lOtzoxTS5AYYjW9QFH5w
content-encoding: gzip
via: 1.1 varnish
date: Thu, 22 Aug 2024 17:05:42 GMT
x-amz-request-id: X551Y9Z0XWW38XDM
age: 571
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 11
x-amz-replication-status: FAILED
content-length: 308441
x-amz-id-2: djeO/oIdPbBA0aG9ehp13vc4hvb5MUnsSFyCMYhyBWTtUNQ1+Y3uBvLxZ63EVbEINAsAkm0QheE=
x-served-by: cache-lax-kwhp1940070-LAX
last-modified: Thu, 22 Aug 2024 16:56:06 UTC
server: nginx
x-timer: S1724346343.888071,VS0,VE2
etag: "5c1be136c2dfccb6aebe62ad8baed49fed2f8819"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 3
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/gannettcompany-detroitnews/ 60 KB
18 KB 514ms
264ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/gannettcompany-detroitnews/newsroom.js
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ba780c96f30409922f00b9a51a24852a7f2e381dbfc8aec1fd06b308f6a2051

Request headers

Referer: http://www.mrbrandly.com/
Origin: http://www.mrbrandly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Thu, 22 Aug 2024 17:05:41 GMT
x-amz-request-id: H5AR1SK2K5GDYW1S
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17691
x-amz-id-2: qMbgtarHfDzKPARFqVGpxhYpUkF8kuN9uX+UuQuEO4Q4Oj7A/zjNn7qptcxPE4Esrk+48X0Nkik=
x-served-by: cache-lax-kwhp1940070-LAX
last-modified: Thu, 12 Oct 2023 17:48:58 GMT
server: AmazonS3
x-timer: S1724346341.153805,VS0,VE186
etag: "58448eea227d8f8b76f98ac7264b5464"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/ 264 KB
63 KB 213ms
83ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/config.js
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7ee4da7f5ce65504f7743af2a03cde3d14d1483a6cc53d7d8f3a70c97d91869

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:41 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: YEWJXG81VBSB1DMY
age: 673
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 64468
x-amz-id-2: ysbbYtY/RFbS+3uNRJLzXom4qa9fvxPqQ8qTpRdno/zdcAL+FRuZSOi5HZI6WPXU89qlfo4tn3I=
last-modified: Thu, 22 Aug 2024 16:44:53 GMT
server: cloudflare
etag: "baa0383b19cdc748a068d17e8a2133d5"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
cf-ray: 8b7472f77d7bcba0-LAX

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09ff51e8da83c9e21d60dfe0362dd8ba6757e563659f1ab043779e1dd5118b4b

Request headers

Referer: http://www.mrbrandly.com/
Origin: http://www.mrbrandly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET /
user.detroitnews.com/PDTN-GUP/user/ 0
0

GET
H/1.1 200
OK mgmg.js Show response
156.253.71.3/ 878 B
1 KB 1290ms
635ms Script
application/javascript 156.253.71.3
HKIDC-AS-AP LUOGE...

General

Check archive.org

Show headers Download Go to

Full URL: http://156.253.71.3/mgmg.js
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: HTTP/1.1
Server: 156.253.71.3 Johannesburg, South Africa, ASN142286 (HKIDC-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: 406fcd1f322a66e1014e5aa90d2319ed7efa244636760138d2d54481293f28de

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 17:05:42 GMT
Last-Modified: Mon, 19 Aug 2024 12:08:06 GMT
Server: nginx
ETag: "66c335a6-36e"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 878
Expires: Fri, 23 Aug 2024 05:05:42 GMT

GET
H2

200

118c8bf7-7ee1-411c-8dfd-a0c153e57c6b-2021-0613-dm-me_kilpatrick2203.jpg
www.detroitnews.com/gcdn/presto/2021/06/13/PDTN/
Redirect Chain

http://www.mrbrandly.com/gcdn/presto/2021/06/13/PDTN/118c8bf7-7ee1-411c-8dfd-a0c153e57c6b-2021-0613-dm-me_kilpatrick2203.jpg?crop=3196,1798,x1,y1162&width=660&height=370&format=pjpg&auto=webp
https://www.detroitnews.com/gcdn/presto/2021/06/13/PDTN/118c8bf7-7ee1-411c-8dfd-a0c153e57c6b-2021-0613-dm-me_kilpatrick2203.jpg?crop=3196,1798,x1,y1162&width=660&height=370&format=pjpg&auto=webp

30 KB
30 KB

174ms
152ms

Image
image/webp

151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.detroitnews.com/gcdn/presto/2021/06/13/PDTN/118c8bf7-7ee1-411c-8dfd-a0c153e57c6b-2021-0613-dm-me_kilpatrick2203.jpg?crop=3196,1798,x1,y1162&width=660&height=370&format=pjpg&auto=webp

Requested by

Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/

Protocol

Server

151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2152fb1891fc0e7fa224d685e85a74f28834de209b3ac5c0c55b6fcffe5a47df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:45 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000;includeSubDomains;preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 63864
x-cache: MISS, HIT, MISS, MISS, MISS
fastly-stats: io=1
content-length: 30520
etag: "iAaUEXfpTc/k4hEwMMcsSJusSjY32OoxQGD8qTLm08E"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

Pragma: no-cache
Date: Thu, 22 Aug 2024 17:05:45 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://www.detroitnews.com/gcdn/presto/2021/06/13/PDTN/118c8bf7-7ee1-411c-8dfd-a0c153e57c6b-2021-0613-dm-me_kilpatrick2203.jpg?crop=3196,1798,x1,y1162&width=660&height=370&format=pjpg&auto=webp
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

74891391007-harrington.jpg
www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/
Redirect Chain

http://www.mrbrandly.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74891391007-harrington.jpg?crop=4031,2268,x0,y0&width=210&height=118&format=pjpg&auto=webp
https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74891391007-harrington.jpg?crop=4031,2268,x0,y0&width=210&height=118&format=pjpg&auto=webp

6 KB
6 KB

255ms
254ms

Image
image/webp

151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74891391007-harrington.jpg?crop=4031,2268,x0,y0&width=210&height=118&format=pjpg&auto=webp

Requested by

Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/

Protocol

Server

151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f6d61cc9e9bd89f3cc9be78c90e8ccd24e25622ff0ce6d04f2d061942f7e2ef2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:45 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000;includeSubDomains;preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 79501
x-cache: MISS, MISS, MISS, MISS
fastly-stats: io=1
content-length: 5952
etag: "uDcrMYGHUQhWYM3ksFPCDLQN+ZDmhR8OmnkaJc5tmMk"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

Pragma: no-cache
Date: Thu, 22 Aug 2024 17:05:45 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74891391007-harrington.jpg?crop=4031,2268,x0,y0&width=210&height=118&format=pjpg&auto=webp
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

74894898007-20240821-dmlionspractice-0024.jpg
www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/
Redirect Chain

http://www.mrbrandly.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74894898007-20240821-dmlionspractice-0024.jpg?crop=1035,582,x0,y59&width=210&height=118&format=pjpg&auto=webp
https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74894898007-20240821-dmlionspractice-0024.jpg?crop=1035,582,x0,y59&width=210&height=118&format=pjpg&auto=webp

4 KB
4 KB

93ms
92ms

Image
image/webp

151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74894898007-20240821-dmlionspractice-0024.jpg?crop=1035,582,x0,y59&width=210&height=118&format=pjpg&auto=webp

Requested by

Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/

Protocol

Server

151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e9c3186cad171d801d403c4b4e5fee8982a07b3d71a04890c062cc6be8452fe3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:45 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000;includeSubDomains;preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 68753
x-cache: MISS, HIT, HIT, MISS, MISS
fastly-stats: io=1
content-length: 3736
etag: "nirrJ67hFWWFPTifb4PkFmquTIoCq5tNsM0LAzz/O+s"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

Pragma: no-cache
Date: Thu, 22 Aug 2024 17:05:45 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74894898007-20240821-dmlionspractice-0024.jpg?crop=1035,582,x0,y59&width=210&height=118&format=pjpg&auto=webp
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

74891061007-red-wave.jpg
www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/
Redirect Chain

http://www.mrbrandly.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74891061007-red-wave.jpg?crop=3989,2244,x0,y11&width=210&height=118&format=pjpg&auto=webp
https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74891061007-red-wave.jpg?crop=3989,2244,x0,y11&width=210&height=118&format=pjpg&auto=webp

7 KB
7 KB

225ms
225ms

Image
image/webp

151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74891061007-red-wave.jpg?crop=3989,2244,x0,y11&width=210&height=118&format=pjpg&auto=webp

Requested by

Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/

Protocol

Server

151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

efa0ec0bd70402937b86277a2035e3b835ebf2f303987cd812b49fa01955ed57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:47 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000;includeSubDomains;preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 73202
x-cache: MISS, MISS, MISS, MISS, MISS
fastly-stats: io=1
content-length: 7496
etag: "fOcJym9bI7O8IjLiZrGZMGu8xWcbHzQvqGhyVqOCDwo"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

Pragma: no-cache
Date: Thu, 22 Aug 2024 17:05:47 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74891061007-red-wave.jpg?crop=3989,2244,x0,y11&width=210&height=118&format=pjpg&auto=webp
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

74885923007-dji-20240821083430-0058-d-djiam.jpg
www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/
Redirect Chain

http://www.mrbrandly.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74885923007-dji-20240821083430-0058-d-djiam.jpg?crop=3599,2025,x0,y336&width=660&height=371&format=pjpg&auto=webp&quality=40
https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74885923007-dji-20240821083430-0058-d-djiam.jpg?crop=3599,2025,x0,y336&width=660&height=371&format=pjpg&auto=webp&quality=40

28 KB
28 KB

87ms
86ms

Image
image/webp

151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74885923007-dji-20240821083430-0058-d-djiam.jpg?crop=3599,2025,x0,y336&width=660&height=371&format=pjpg&auto=webp&quality=40

Requested by

Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/

Protocol

Server

151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f2fa1043768ce73e3c2b1895b52c6a41ddf524953bee28d79a0fc57204cd3803

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:45 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000;includeSubDomains;preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 96796
x-cache: HIT, HIT, MISS, MISS
fastly-stats: io=1
content-length: 28436
etag: "3OlX7io8eBLnF7iE6sP5I4l00osz8d5HTn8RDLJmajM"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

Pragma: no-cache
Date: Thu, 22 Aug 2024 17:05:45 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://www.detroitnews.com/gcdn/authoring/authoring-images/2024/08/21/PDTN/74885923007-dji-20240821083430-0058-d-djiam.jpg?crop=3599,2025,x0,y336&width=660&height=371&format=pjpg&auto=webp&quality=40
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET global-q1a2z3JYh0nddmja0UsyPnKNUd1bkkVs0.min.json
www.mrbrandly.com/ 0
0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 973ms
359ms Script
application/javascript 14.215.183.79
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?0e87f6573774e5726f07312a6b235967

Requested by

Host: 156.253.71.3
URL: http://156.253.71.3/mgmg.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

3488e7301c5af59d6e76e6773204d277f1a6e1c0e11e80bcb0f73c818f9c13ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 17:05:43 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: dfb233b0975832a8eb0e5725a347aa52
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11289

GET
H/1.1 200
OK push.js Show response
push.zhanzhang.baidu.com/ 281 B
377 B 1314ms
243ms Script
text/javascript 180.101.212.103
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to

Full URL: http://push.zhanzhang.baidu.com/push.js
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: HTTP/1.1
Server: 180.101.212.103 , China, ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN),
Reverse DNS
Software: bfe /
Resource Hash: 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 17:05:44 GMT
Content-Encoding: gzip
Server: bfe
Content-Length: 232
Content-Type: text/javascript

GET
H3 200 adx Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
2 KB 187ms
187ms Fetch
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/adx?t=position%3Dnative-front_tile&iu=7103%2Fmi-detroit-C1561%2Fnative-front_tile%2Fhomepage&sz=2x3&cust_params=utm_props%3D%7C%7C%26navigationtype%3Ddirect%26cst_section%3Dhomepage%26pageType%3Dhome-front%26property%3DPDTN%26sitepage%3DPDTN%2Fhome%26ssts_section%3Dhome%26aam_props%3Dtangent-desktop%7Cdesktop%7Chomefront%26build%3Dtangent-desktop&tfcd=0&c=126613556875537

Requested by

Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

bc443fdf2105361ab7fbbb56624c031c900522caabb03e60cc0f244ba41faa76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2187
x-xss-protection: 0
google-lineitem-id: 4745742846
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138309324735
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://www.mrbrandly.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1e79cf080833c1a5f91acadb51b5f326cec37a3a4edaf92ae32109876555fb0

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 326 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e884a5aa6872d5f3dd20ce71f57863a55c3dd599af9a4d6b49f778189a6241b2

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408150101/ 477 KB
149 KB 140ms
140ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408150101/pubads_impl.js?cb=31086257

Requested by

Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

c8783c15855fdad3b79a8878f5cc9a1c048c5b55cfc65cc9de266b915e5ab81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 16:57:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152053
x-xss-protection: 0
server: cafe
etag: 6480962962318068084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 22 Aug 2025 16:57:53 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 71 B
77 B 491ms
200ms XHR
application/json 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mrbrandly.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

cdb67f917d53cec6e59ce218e8cc503b25fd9ed1491220766c21c69182a613e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
x-xss-protection: 0
expires: Thu, 22 Aug 2024 17:05:43 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 440ms
163ms XHR
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:44 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Origin,accept-encoding
x-amz-cf-id: GX86Ez9j_XE_7R8Jw5GAqploAES0z9wbRb42inPOzOt6Z2L3fQK9VA==

GET
H2 200 3062 Show response
config.aps.amazon-adsystem.com/configs/ 531 B
799 B 450ms
140ms Script
application/javascript 18.173.132.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3062
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-21.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 929b739be2542d64621ab4b9ce2587d27b3afadaf4ad3eba248394674379f273

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 16:41:58 GMT
via: 1.1 76f877b8790c6441a8bdc32b2feafab8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P2
age: 1425
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 531
x-amz-cf-id: Cms5MgN_JYTXMwQpwxGhHmLPYdSKoaXgoKP78hesVL7qYgy0VAzv_g==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 641 B
991 B 154ms
153ms XHR
application/json 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3062&u=http%3A%2F%2Fwww.mrbrandly.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: f3e3353bd01e767ff59da7875dc275115913898a536f5542349fcce15b66a48b

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:42 GMT
via: 1.1 d33ed2107293e32734a96656b820e092.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://www.mrbrandly.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 641
x-amz-cf-id: TP3a-_TX6sxr4ajMQ_17UbJLtmlIoq6VnzQf_3ZhlhixloxtXscC2A==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
436 B 469ms
161ms XHR
text/javascript 18.173.140.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3062&u=http%3A%2F%2Fwww.mrbrandly.com%2F&pid=gWAMm08xnMIaw&cb=0&ws=1600x1200&v=24.814.1731&t=1500&slots=%5B%7B%22sd%22%3A%22ad-slot-7103-mi-detroit-C1561-high_impact-homepage-1%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F7103%2Fmi-detroit-C1561%2Fhigh_impact%2Fhomepage%2F1%22%7D%2C%7B%22id%22%3A%22videoPlayer_plcmt2%22%2C%22mt%22%3A%22v%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-mi-detroit-C1561-poster_front-homepage-2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F7103%2Fmi-detroit-C1561%2Fposter_front%2Fhomepage%2F1%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-mi-detroit-C1561-poster_scroll_front-homepage-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F7103%2Fmi-detroit-C1561%2Fposter_scroll_front%2Fhomepage%2F1%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-mi-detroit-C1561-leaderboard_btf-homepage-7%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F7103%2Fmi-detroit-C1561%2Fleaderboard_btf%2Fhomepage%2F1%22%7D%5D&gpp=DBABBg%7EBUoAAAKA.QA&gpp_sid=%5B8%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.140.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-140-223.jfk52.r.cloudfront.net
Software: Server /
Resource Hash: d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:43 GMT
content-encoding: gzip
via: 1.1 91ac4dab8fb53750ccb2571903bd2844.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK52-P2
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://www.mrbrandly.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 84
x-amz-cf-id: CxVEqs571jNj-sSRlfshxH3T6ifCBPq1IAswWPyDZxVilqdovsrY9A==

GET
H/1.1 200
OK pub Show response
pixel.adsafeprotected.com/services/ 735 B
757 B 408ms
214ms XHR
application/json 3.221.239.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:ad-slot-7103-mi-detroit-C1561-high_impact-homepage-1,s:1000.250,p:7103/mi-detroit-C1561/high_impact/homepage,t:display%7D&slot=%7Bid:ad-slot-7103-mi-detroit-C1561-poster_front-homepage-2,s:300.250,p:7103/mi-detroit-C1561/poster_front/homepage,t:display%7D&slot=%7Bid:ad-slot-7103-mi-detroit-C1561-poster_scroll_front-homepage-3,s:300.250,p:7103/mi-detroit-C1561/poster_scroll_front/homepage,t:display%7D&slot=%7Bid:ad-slot-7103-mi-detroit-C1561-leaderboard_btf-homepage-7,s:728.90,p:7103/mi-detroit-C1561/leaderboard_btf/homepage,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=305dd951-7d4b-8a81-38e0-04880ced8eca&url=http%253A%252F%252Fwww.mrbrandly.com%252F
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol: HTTP/1.1
Server: 3.221.239.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-239-160.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 47de1b2d70898ed846c952f8d98a9acfcbdf96bbabff489208f0b6c30c467544

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 17:05:43 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
Transfer-Encoding: chunked
vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
access-control-allow-origin: http://www.mrbrandly.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
Connection: keep-alive
timing-allow-origin: *

GET
H2 200 iasADX.js Show response
static.adsafeprotected.com/ 12 KB
5 KB 141ms
140ms Script
application/javascript 2600:9000:247b:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/iasADX.js
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 123bb290d7e535508dc84350e2152c6a561dcda94f4c5bbf1fcc1f50fd89b63b

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 16:18:09 GMT
x-amz-version-id: S08nbEMSQBiWsSqdAKl6yaGPRyD0riRA
content-encoding: gzip
via: 1.1 3e2f727ea310e2e3b32b1270aac06aea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 2855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Feb 2022 12:59:56 GMT
server: AmazonS3
etag: W/"c700d1e14608af0f21adaf6e08ac2cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: l1ccRk6B9JH4UwsCLc_-FvLEACK8cr1nuOfVFJkm6lR4NBX7jz05lQ==

GET
H/1.1 200
OK jsdiagnostic
pixel.adsafeprotected.com/ 43 B
281 B 351ms
157ms Image
image/gif 3.221.239.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.adsafeprotected.com/jsdiagnostic?code:pet_m&anid:922805&sessionId:305dd951-7d4b-8a81-38e0-04880ced8eca
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: HTTP/1.1
Server: 3.221.239.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-239-160.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 22 Aug 2024 17:05:43 GMT
server: Apache-Coyote/1.1
p3p: CP="COM NAV INT STA NID OUR IND NOI"
Content-Type: image/gif
cache-control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H3

200

wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202407090940/
Redirect Chain

http://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js
https://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js

284 KB
101 KB

86ms
85ms

Script
application/javascript

172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: H3
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:43 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: RA0KREJVFCZDHB7H
age: 3801989
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 103346
x-amz-id-2: RPaFLnQOmQHhEC6kKNdsxm9WgOdamNGRp/rs5Qu3JkkVMZpO6ny9zC8KoMxDv596wJoOEiHu7JBnD4qgIqfNyd6zYsnObHHT
last-modified: Tue, 09 Jul 2024 14:20:21 GMT
server: cloudflare
etag: "76074361c87e7c8d3af88302818b71f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b7473056be7cba0-LAX

Redirect headers

Location: https://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js
Non-Authoritative-Reason: DNS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 56 KB
17 KB 272ms
271ms Script
text/javascript 2606:4700:20::681a:5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=6384de98-7e2a-4671-b441-6ea4cb092952&toploc=www.mrbrandly.com
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/f5e47f5ae82e4c48bbc1a7f9281ed95b/gannett_net.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb508ceb1e3029fbb0c1fe3ea7679b0e1f9fa3d5b1521ab2436e5a4d3df95459

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Aug 2024 17:05:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=epKTCMReOPq6n4hYvWQu6RNK%2FHbJb4a5OpGjsfUf%2BTZhxYa9iM2nF%2B8LJOr%2Bd%2FzE%2FchjnfQH056j5Wk3GQ0vqYE%2F1jU%2FQfL6Ywfa7cdPE1BeIuYKgr7%2FDm4%2FWU8lvkJ3FrKdp%2Ft87hUMAl0cLu0Q1afP"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8b74730548ba7bcb-LAX
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2

200

/
down20240819.mgchannel2.com/ Frame FD73
Redirect Chain

https://gg.moguseotwentyseven.com/
https://down20240819.mgchannel2.com/?shareName=ggline

0
0

1823ms
220ms

Document
text/html

103.199.103.169
MOACKCOLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://down20240819.mgchannel2.com/?shareName=ggline

Requested by

Host: 156.253.71.3
URL: http://156.253.71.3/mgmg.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.199.103.169 , Korea, Republic Of, ASN138195 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.mrbrandly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 22 Aug 2024 17:05:46 GMT
etag: W/"66c2f06f-60b"
last-modified: Mon, 19 Aug 2024 07:12:47 GMT
server: openresty
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

content-length: 166
content-type: text/html
date: Thu, 22 Aug 2024 17:05:44 GMT
location: https://down20240819.mgchannel2.com/?shareName=ggline
server: openresty
strict-transport-security: max-age=31536000

GET
H2 200 c946a994113e43809008c048b7b9021d Show response
polarcdn-terrax.com/nativeads/v1.4.0/json/creative/promofeed/ 14 KB
3 KB 352ms
177ms Fetch
application/json 2606:4700::6811:882f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-terrax.com/nativeads/v1.4.0/json/creative/promofeed/c946a994113e43809008c048b7b9021d?fragment=5
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:882f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 749d2e47a864b0edae9178539a6581cba3fb4e25fb2ad847821c7a47dd8bfe0b

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 17:05:43 GMT
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-country: US
access-control-expose-headers: X-Country, CF-Ray
cache-control: no-cache, must-revalidate
timing-allow-origin: *
cf-ray: 8b747306883dcba2-LAX
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 288ms
138ms Script
application/javascript 23.201.174.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: HTTP/1.1
Server: 23.201.174.84 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-174-84.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e903bd882c087c12cca3384b9a38354d9909ee2ac5182ce3df2695f3fc478372

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 17:05:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jan 2023 19:40:17 GMT
Server: Apache
ETag: "d734-5f2f3919e751f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17407
Expires: Thu, 22 Aug 2024 17:20:43 GMT

GET
H/1.1 200
OK c.js
collector.brandmetrics.com/ 0
0 589ms
116ms Fetch
application/json 20.40.202.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=6384de98-7e2a-4671-b441-6ea4cb092952&toploc=www.mrbrandly.com&rnd=1329467&json
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=6384de98-7e2a-4671-b441-6ea4cb092952&toploc=www.mrbrandly.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://www.mrbrandly.com
Date: Thu, 22 Aug 2024 17:05:43 GMT
Access-Control-Allow-Credentials: true
Request-Context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Content-Length: 0
Content-Type: application/json

GET
H2 200 66b516130e780d2babd49176
polarcdn-terrax.com/image/v1.0.0/bin/ 4 KB
4 KB 442ms
435ms Image
image/jpeg 2606:4700::6811:882f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://polarcdn-terrax.com/image/v1.0.0/bin/66b516130e780d2babd49176?v=c7fc6&h=120&w=120&autocrop=1
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:882f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70fe5166d209d8e29df4653e629122511acb83a3f615a6926e6e1ffcf7217977

Request headers

Referer: http://www.mrbrandly.com/
Origin: http://www.mrbrandly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:44 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-length: 3994
last-modified: Thu, 22 Aug 2024 17:05:44 GMT
server: cloudflare
access-control-max-age: 432000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 499203531
cache-control: public, max-age=432000
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b7473080de3cba2-LAX

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 358ms
358ms Image
image/gif 14.215.183.79
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=9D241EF8592B4759&cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1887428536&si=0e87f6573774e5726f07312a6b235967&v=1.3.2&lv=1&sn=54959&r=0&ww=1600&u=http%3A%2F%2Fwww.mrbrandly.com%2F&tt=%E4%BA%BA%E5%A6%BB%E6%97%A0%E7%A0%81-%E4%BA%BA%E5%A6%BB%E6%97%A0%E7%A0%81%E4%B8%AD%E6%96%87-%E4%BA%BA%E5%A6%BB%E6%97%A0%E7%A0%81%E4%B8%AD%E6%96%87%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B

Requested by

Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Aug 2024 17:05:44 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK s.gif
api.share.baidu.com/ 0
116 B 1331ms
308ms Image
text/plain 163.177.17.97
UNICOM-GUANGZHOU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.share.baidu.com/s.gif?l=http://www.mrbrandly.com/
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: HTTP/1.1
Server: 163.177.17.97 , China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 17:05:45 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET /
user.detroitnews.com/PDTN-GUP/user/ 0
0

GET main.js
xn--gmq11yrxjois/gcdn/dcjs/prod/ 0
0

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
188 B 324ms
73ms Image
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=trecs-impl-by-demand_var
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 22 Aug 2024 17:05:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1724346346.316134,VS0,VE0
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-served-by: cache-bur-kbur8200046-BUR

GET
H/1.1 200
OK load.js Show response
pm-widget.taboola.com/gannett-network/ 4 KB
2 KB 154ms
72ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://pm-widget.taboola.com/gannett-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol: HTTP/1.1
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a290ac739a25a6ff96a373560f08f58d0b8e394e959edb58187c1ed42f65ac4c

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: CdqAxLVPOy4DPv0Wcxgk84eOSMRN1v99
Content-Encoding: gzip
Via: 1.1 varnish
Date: Thu, 22 Aug 2024 17:05:46 GMT
x-amz-request-id: 3223J4XEGRN2DDQG
Age: 2067
X-Cache: HIT
Connection: keep-alive
Content-Length: 1520
x-amz-id-2: IUIerZyuI4EXYpxCgNHXIs4i9ov0A92nG0aDs7Hw2qWSuoFZiQ8UE9bawR/bCxkWtuH8KQS4kBo=
X-Served-By: cache-bur-kbur8200126-BUR
Last-Modified: Thu, 07 Mar 2024 06:35:03 GMT
Server: AmazonS3
X-Timer: S1724346346.247221,VS0,VE0
ETag: "cbc58e3f1df91df770aca373fdac2186"
Vary: Accept-Encoding,
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
X-Cache-Hits: 40

GET
H2

200

sync Show response
gum.criteo.com/
Redirect Chain

http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

46 B
431 B

492ms
133ms

Script
text/javascript

2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/

Protocol

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 17:05:46 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 282952
expires: 60

Redirect headers

location: https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
cache-control: no-cache
content-length: 0

POST
H/1.1 204 / Show response
beacon.taboola.com/ 0
440 B 152ms
74ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://beacon.taboola.com/?ab=trecs-impl-by-demand_var&pub=unknown-site-on-gannett-network&trecsImpl=before&start=0&end=0
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol: HTTP/1.1
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

X-Cache-Hits: 0
Date: Thu, 22 Aug 2024 17:05:46 GMT
Via: 1.1 varnish
Server: Varnish
X-Timer: S1724346346.254810,VS0,VE0
Access-Control-Allow-Methods: GET, POST
Content-Type
Access-Control-Allow-Origin: http://www.mrbrandly.com
X-Cache: HIT
Cache-Control: private, no-store
Access-Control-Allow-Credentials: true
Connection: close
Accept-Ranges: bytes
Retry-After: 0
X-Served-By: cache-bur-kbur8200110-BUR

GET
H/1.1 200
OK pmk-20220605.18.js Show response
pm-widget.taboola.com/gannett-network/ 84 KB
24 KB 146ms
74ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://pm-widget.taboola.com/gannett-network/pmk-20220605.18.js
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/
Protocol: HTTP/1.1
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8dc1fcedbc857ba283ba8ed00d9807f942e595cd3468df9cc8640909eee0810

Request headers

Referer: http://www.mrbrandly.com/
Origin: http://www.mrbrandly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: _iERxXJzF_grj6DHriq2CUtJx.os.8w.
Content-Encoding: gzip
Via: 1.1 varnish
Date: Thu, 22 Aug 2024 17:05:46 GMT
x-amz-request-id: K7JK1JZK3WE9KFV1
Age: 788377
X-Cache: HIT
Connection: keep-alive
Content-Length: 24240
x-amz-id-2: /jiUOTDGTeEd+DpduxJq01H0jSOXE0aU+B96Uav3kEa8SX5BtPOaP6SpayyTR2vL85h5hKtI010=
X-Served-By: cache-bur-kbur8200171-BUR
Last-Modified: Thu, 07 Mar 2024 06:35:02 GMT
Server: AmazonS3
X-Timer: S1724346346.398633,VS0,VE0
ETag: "80ea3274784a5d6ac779d1dc4134b429"
Vary: Accept-Encoding, ,Origin
Access-Control-Allow-Methods: GET,POST,PUT
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 5557

POST
H2 200 client-logs
reporting-api.gannettinnovation.com/ 0
0 279ms
276ms Fetch
text/plain 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting-api.gannettinnovation.com/client-logs
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/tangstatic/js/main-q1a2z31db52734.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET favicon.ico
www.mrbrandly.com/ 0
0

GET main.js
xn--gmq11yrxjois/gcdn/dcjs/prod/ 0
0

POST
H2 200 client-logs
reporting-api.gannettinnovation.com/ 0
0 162ms
159ms Fetch
text/plain 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting-api.gannettinnovation.com/client-logs
Requested by: Host: www.mrbrandly.com
URL: http://www.mrbrandly.com/tangstatic/js/main-q1a2z31db52734.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 mbox
vidanalytics.taboola.com/putes/ 2 B
239 B 488ms
485ms Ping
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidanalytics.taboola.com/putes/mbox
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: http://www.mrbrandly.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

x-served-by: cache-bur-kbur8200046-BUR
date: Thu, 22 Aug 2024 17:05:51 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1724346351.087733,VS0,VE413
x-cache: MISS
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://www.mrbrandly.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2
x-backend-name: 5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00102

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: user.detroitnews.com
URL: https://user.detroitnews.com/PDTN-GUP/user/

Domain: www.mrbrandly.com
URL: http://www.mrbrandly.com/global-q1a2z3JYh0nddmja0UsyPnKNUd1bkkVs0.min.json

Domain: user.detroitnews.com
URL: https://user.detroitnews.com/PDTN-GUP/user/

Domain: xn--gmq11yrxjois
URL: https://xn--gmq11yrxjois/gcdn/dcjs/prod/main.js

Domain: www.mrbrandly.com
URL: http://www.mrbrandly.com/favicon.ico

Domain: xn--gmq11yrxjois
URL: https://xn--gmq11yrxjois/gcdn/dcjs/prod/main.js

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.mrbrandly.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ut9a4pgo06eq0ivqr3h88tvnk5
.doubleclick.net/	1970-01-20 22:59:07	Name: test_cookie Value: CheckForPermission
.hm.baidu.com/	1970-01-21 08:35:06	Name: HMACCOUNT_BFESS Value: 9D241EF8592B4759
.criteo.com/	1970-01-21 08:20:42	Name: receive-cookie-deprecation Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://www.mrbrandly.com/ Message: Access to fetch at 'https://user.detroitnews.com/PDTN-GUP/user/' from origin 'http://www.mrbrandly.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://user.detroitnews.com/PDTN-GUP/user/ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://xn--gmq11yrxjois/gcdn/dcjs/prod/main.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: http://www.mrbrandly.com/ Message: Access to fetch at 'https://user.detroitnews.com/PDTN-GUP/user/' from origin 'http://www.mrbrandly.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://user.detroitnews.com/PDTN-GUP/user/ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://xn--gmq11yrxjois/gcdn/dcjs/prod/main.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
api.share.baidu.com
beacon.taboola.com
c.amazon-adsystem.com
c2.taboola.com
cdn.brandmetrics.com
cdn.confiant-integrations.net
cdn.taboola.com
collector.brandmetrics.com
config.aps.amazon-adsystem.com
down20240819.mgchannel2.com
gg.moguseotwentyseven.com
gum.criteo.com
hm.baidu.com
mrbrandly.com
pixel.adsafeprotected.com
pm-widget.taboola.com
polarcdn-terrax.com
push.zhanzhang.baidu.com
reporting-api.gannettinnovation.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
user.detroitnews.com
vidanalytics.taboola.com
www.detroitnews.com
www.mrbrandly.com
xn--gmq11yrxjois
user.detroitnews.com
www.mrbrandly.com
xn--gmq11yrxjois
103.199.103.169
108.138.115.149
14.215.183.79
142.250.65.226
151.101.129.44
151.101.193.44
151.101.2.62
151.101.66.62
156.253.69.32
156.253.71.3
163.177.17.97
172.64.144.166
18.173.132.21
18.173.140.223
180.101.212.103
20.40.202.2
210.87.207.163
23.201.174.84
2600:9000:247b:8200:8:48e:53c0:93a1
2606:4700:20::681a:5a
2606:4700::6811:882f
2620:100:a00b::12
3.221.239.160
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09ff51e8da83c9e21d60dfe0362dd8ba6757e563659f1ab043779e1dd5118b4b
123bb290d7e535508dc84350e2152c6a561dcda94f4c5bbf1fcc1f50fd89b63b
15187261a89c201ca251650bd07409945bddb6c253e3ee6307e9a17abbb864cb
17b1adefbb5e5b1f5f2a99e6fbb7880ac687cd645bb9e4411213385e6614437b
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587
2152fb1891fc0e7fa224d685e85a74f28834de209b3ac5c0c55b6fcffe5a47df
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
3488e7301c5af59d6e76e6773204d277f1a6e1c0e11e80bcb0f73c818f9c13ec
406fcd1f322a66e1014e5aa90d2319ed7efa244636760138d2d54481293f28de
45749604a30c3c469625453ef283137f1b3b3992ea8e620ce134043182d73656
47de1b2d70898ed846c952f8d98a9acfcbdf96bbabff489208f0b6c30c467544
4ba780c96f30409922f00b9a51a24852a7f2e381dbfc8aec1fd06b308f6a2051
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
70fe5166d209d8e29df4653e629122511acb83a3f615a6926e6e1ffcf7217977
749d2e47a864b0edae9178539a6581cba3fb4e25fb2ad847821c7a47dd8bfe0b
929b739be2542d64621ab4b9ce2587d27b3afadaf4ad3eba248394674379f273
a290ac739a25a6ff96a373560f08f58d0b8e394e959edb58187c1ed42f65ac4c
a7ee4da7f5ce65504f7743af2a03cde3d14d1483a6cc53d7d8f3a70c97d91869
b03799d1b9b43d5f2b6990e07ec1f2f7b708dbdd251d682673fb206ff49ef1d6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e79cf080833c1a5f91acadb51b5f326cec37a3a4edaf92ae32109876555fb0
bc443fdf2105361ab7fbbb56624c031c900522caabb03e60cc0f244ba41faa76
bccdada92d76221d5fb5da97858fd697d72be1fbac8f48e9b93514b445b0b2b8
c8783c15855fdad3b79a8878f5cc9a1c048c5b55cfc65cc9de266b915e5ab81c
cb508ceb1e3029fbb0c1fe3ea7679b0e1f9fa3d5b1521ab2436e5a4d3df95459
cdb67f917d53cec6e59ce218e8cc503b25fd9ed1491220766c21c69182a613e0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e884a5aa6872d5f3dd20ce71f57863a55c3dd599af9a4d6b49f778189a6241b2
e903bd882c087c12cca3384b9a38354d9909ee2ac5182ce3df2695f3fc478372
e9c3186cad171d801d403c4b4e5fee8982a07b3d71a04890c062cc6be8452fe3
efa0ec0bd70402937b86277a2035e3b835ebf2f303987cd812b49fa01955ed57
f2fa1043768ce73e3c2b1895b52c6a41ddf524953bee28d79a0fc57204cd3803
f3e3353bd01e767ff59da7875dc275115913898a536f5542349fcce15b66a48b
f6d61cc9e9bd89f3cc9be78c90e8ccd24e25622ff0ce6d04f2d061942f7e2ef2
f8dc1fcedbc857ba283ba8ed00d9807f942e595cd3468df9cc8640909eee0810
fc0c998eff149cb4a93c30ad34fb3ac78929f08c0bb67d1fd3a1c398737b8888

www.mrbrandly.com Open in urlscan Pro 156.253.69.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

51 %HTTPS

17 %IPv6

16 Domains

28 Subdomains

23 IPs

4 Countries

1040 kBTransfer

3590 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mrbrandly.com Open in urlscan Pro
156.253.69.32 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

51 %
HTTPS

17 %
IPv6

16
Domains

28
Subdomains

23
IPs

4
Countries

1040 kB
Transfer

3590 kB
Size

4
Cookies

51 HTTP transactions
3 data transactions