brainleangains.com Open in urlscan Pro
2.58.213.99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://travelandleisure.life/
Effective URL:
https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200...
Submission: On September 19 via api (September 19th 2022, 3:32:57 pm UTC) from US — Scanned from US

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 16 domains to perform 51 HTTP transactions. The main IP is 2.58.213.99, located in and belongs to . The main domain is brainleangains.com.
TLS certificate: Issued by R3 on August 9th 2022. Valid for: 3 months.

This is the only time brainleangains.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 5	96.44.182.131 96.44.182.131	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
7	2606:4700:20:... 2606:4700:20::681a:fa6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3035::6815:3ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.246.234.151 34.246.234.151	16509 (AMAZON-02) (AMAZON-02)
1 1	5.2.73.214 5.2.73.214	60404 (LITESERVER) (LITESERVER)
6	2.58.213.99 2.58.213.99	() ()
1	2606:4700::68... 2606:4700::6812:acf	() ()
1	2607:f8b0:400... 2607:f8b0:4006:820::200a	() ()
22	2a02:6ea0:c40... 2a02:6ea0:c400::11	() ()
5	2607:f8b0:400... 2607:f8b0:4006:820::2003	() ()
1	52.217.165.24 52.217.165.24	() ()
1	2606:4700::68... 2606:4700::6812:1f97	() ()
51	13

5 96.44.182.131 (Los Angeles, United States) 3 redirects

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: unassigned.quadranet.com

travelandleisure.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.travelandleisure.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:fa6 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.directtraffic5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:3ca (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tracking.directtraffic8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.234.151 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-234-151.eu-west-1.compute.amazonaws.com

oftenha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.2.73.214 (Netherlands) 1 redirects

ASN60404 (LITESERVER, NL)

wlabashop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.58.213.99 (None, )

ASN- ()

brainleangains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (None, )

ASN- ()

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:6ea0:c400::11 (None, )

ASN- ()

1607929107.rsc.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:820::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.165.24 (None, )

ASN- ()

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f97 (None, )

ASN- ()

signals.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	cdn77.org 1607929107.rsc.cdn77.org	557 KB
7	directtraffic5.com tracking.directtraffic5.com	56 KB
6	brainleangains.com brainleangains.com	39 KB
5	gstatic.com fonts.gstatic.com	37 KB
5	travelandleisure.life 3 redirects travelandleisure.life www.travelandleisure.life	2 KB
1	aimtell.com signals.aimtell.com	360 B
1	amazonaws.com s3.amazonaws.com	13 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	25 KB
1	wlabashop.com 1 redirects wlabashop.com	471 B
1	oftenha.com 1 redirects oftenha.com	766 B
1	directtraffic8.com 1 redirects tracking.directtraffic8.com	2 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	346 B
1	google.com analytics.google.com — Cisco Umbrella Rank: 402	355 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	73 KB
0	aimtell.io Failed cdn.aimtell.io Failed
51	16

	Domain	Requested by
22	1607929107.rsc.cdn77.org	brainleangains.com
7	tracking.directtraffic5.com	tracking.directtraffic5.com www.travelandleisure.life
6	brainleangains.com	tracking.directtraffic5.com brainleangains.com 1607929107.rsc.cdn77.org
5	fonts.gstatic.com	fonts.googleapis.com
3	www.travelandleisure.life	1 redirects
2	travelandleisure.life	2 redirects
1	signals.aimtell.com	s3.amazonaws.com
1	s3.amazonaws.com	brainleangains.com
1	fonts.googleapis.com	brainleangains.com
1	stackpath.bootstrapcdn.com	brainleangains.com
1	wlabashop.com	1 redirects
1	oftenha.com	1 redirects
1	tracking.directtraffic8.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	tracking.directtraffic5.com
0	cdn.aimtell.io Failed	s3.amazonaws.com
51	17

This site contains no links.

Subject Issuer	Validity	Valid
travelandleisure.life cPanel, Inc. Certification Authority	`2022-07-16` - `2022-10-14`	3 months	crt.sh
*.directtraffic5.com GTS CA 1P5	`2022-08-01` - `2022-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
brainleangains.com R3	`2022-08-09` - `2022-11-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.cdn77.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
aimtell.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-08`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=
Frame ID: 795B24127A40221F45D7DBC7BD9C34F2
Requests: 48 HTTP requests in this frame

Frame: https://tracking.directtraffic5.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663588800
Frame ID: 36D34AC5F5CE1EE27FD9C6D79A485391
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://travelandleisure.life/ HTTP 301
https://travelandleisure.life/ HTTP 302
https://www.travelandleisure.life/im/click.php?c=30&key=74576f7funlssrylbcr99f58 HTTP 302
https://www.travelandleisure.life/im/jump/clk1.php?jl=11618 Page URL
https://www.travelandleisure.life/im/jump/?jl=11618 Page URL
https://tracking.directtraffic5.com/aff_c?offer_id=23796&aff_id=23395 Page URL
https://tracking.directtraffic8.com/aff_c?offer_id=23796&aff_id=23395&aff_sub5=08s9xuf97d0opbvhvxhkxx HTTP 302
https://oftenha.com/?a=16151&c=46269&s2=102c5f4b7ca75c9527776e5f31846c&s4=23395 HTTP 302
https://wlabashop.com/c925890d-a4eb-4f80-b282-1a19a5df76e9?r=38260-728677200&a=16151_23395&bro= HTTP 302
https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f7... Page URL

Detected technologies

Aimtell (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.aimtell\.\w+/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

96 %
HTTPS

67 %
IPv6

16
Domains

17
Subdomains

13
IPs

3
Countries

802 kB
Transfer

1333 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://travelandleisure.life/ HTTP 301
https://travelandleisure.life/ HTTP 302
https://www.travelandleisure.life/im/click.php?c=30&key=74576f7funlssrylbcr99f58 HTTP 302
https://www.travelandleisure.life/im/jump/clk1.php?jl=11618 Page URL
https://www.travelandleisure.life/im/jump/?jl=11618 Page URL
https://tracking.directtraffic5.com/aff_c?offer_id=23796&aff_id=23395 Page URL
https://tracking.directtraffic8.com/aff_c?offer_id=23796&aff_id=23395&aff_sub5=08s9xuf97d0opbvhvxhkxx HTTP 302
https://oftenha.com/?a=16151&c=46269&s2=102c5f4b7ca75c9527776e5f31846c&s4=23395 HTTP 302
https://wlabashop.com/c925890d-a4eb-4f80-b282-1a19a5df76e9?r=38260-728677200&a=16151_23395&bro= HTTP 302
https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://travelandleisure.life/ HTTP 301
https://travelandleisure.life/ HTTP 302
https://www.travelandleisure.life/im/click.php?c=30&key=74576f7funlssrylbcr99f58 HTTP 302
https://www.travelandleisure.life/im/jump/clk1.php?jl=11618

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

clk1.php
www.travelandleisure.life/im/jump/
Redirect Chain

http://travelandleisure.life/
https://travelandleisure.life/
https://www.travelandleisure.life/im/click.php?c=30&key=74576f7funlssrylbcr99f58
https://www.travelandleisure.life/im/jump/clk1.php?jl=11618

414 B
245 B

104ms
104ms

Document
text/html

96.44.182.131
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelandleisure.life/im/jump/clk1.php?jl=11618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 96.44.182.131 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: unassigned.quadranet.com
Software: LiteSpeed / PHP/5.6.40
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 170
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 15:32:52 GMT
p3p: CP="This site does not have a p3p policy."
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/5.6.40

Redirect headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 15:32:52 GMT
location: https://www.travelandleisure.life/im/jump/clk1.php?jl=11618
server: LiteSpeed
x-powered-by: PHP/5.6.40

GET
H2 200 /
www.travelandleisure.life/im/jump/ 443 B
303 B 103ms
103ms Document
text/html 96.44.182.131
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelandleisure.life/im/jump/?jl=11618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 96.44.182.131 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: unassigned.quadranet.com
Software: LiteSpeed / PHP/5.6.40
Resource Hash

Request headers

Referer: https://www.travelandleisure.life/im/jump/clk1.php?jl=11618
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 15:32:52 GMT
p3p: CP="This site does not have a p3p policy."
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/5.6.40

GET
H2 200 aff_c Show response
tracking.directtraffic5.com/ 4 KB
2 KB 521ms
429ms Document
text/html 2606:4700:20::681a:fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.directtraffic5.com/aff_c?offer_id=23796&aff_id=23395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.27

Resource Hash

1f4ecc55e13ed004388dc882a914c7c4a7c50c588d8d8d345ee7383a7dd42cee

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://www.travelandleisure.life/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74d360686f3e09ee-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 15:32:53 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8w%2FjQjKdKaRfSAMTG3ueh1NyHOolgS2vwqYyF3AlCNe0SV%2FuenJRRV50jJZsf7cOuxo86467Svi5NfYRz8oNQg8jcC2nhWQiYhtB8s2kxA%2FSgFi%2B8Fpp61Cll4Xfvyc21DxQTU58Owtpwa8xoPFh%2BlmcUeBIwn2ag%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: DENY
x-powered-by: PHP/7.4.27

GET
H2 200 jquery-3.5.1.min.js Show response
tracking.directtraffic5.com/ 87 KB
32 KB 50ms
50ms Script
application/javascript 2606:4700:20::681a:fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.directtraffic5.com/jquery-3.5.1.min.js

Requested by

Host: tracking.directtraffic5.com
URL: https://tracking.directtraffic5.com/aff_c?offer_id=23796&aff_id=23395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://tracking.directtraffic5.com/aff_c?offer_id=23796&aff_id=23395
Origin: https://tracking.directtraffic5.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:32:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Dec 2020 12:55:58 GMT
server: cloudflare
age: 471
x-frame-options: DENY
etag: W/"15d84-5b68047aad380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3noJHtat4gpXBKaiag%2BihH7BYz9A8tnYodtoQSQ%2BzqawZ11qFokMa1Ux9eAZ9qK1OJ43OtFroEZFY8p2kTYAZcUJZ29YgxfqqhBuDde2n319Y7R9usKJM5oYNEhEowg4ufUjYsFF2eH3jJOUdfmL615e1pA1mNmHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74d3606b4bec09ee-MIA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
73 KB 243ms
102ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M4LTS1W8KM

Requested by

Host: tracking.directtraffic5.com
URL: https://tracking.directtraffic5.com/aff_c?offer_id=23796&aff_id=23395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3caa773544d4e570d6228e747d9001ba189ff01a6b94eab72b0d73fed51dda8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tracking.directtraffic5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:32:53 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74688
x-xss-protection: 0
expires: Mon, 19 Sep 2022 15:32:53 GMT

POST
H2 200 sendLog.php Show response
tracking.directtraffic5.com/ 0
300 B 174ms
173ms XHR
text/html 2606:4700:20::681a:fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.directtraffic5.com/sendLog.php

Requested by

Host: tracking.directtraffic5.com
URL: https://tracking.directtraffic5.com/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.27

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: */*
Referer: https://tracking.directtraffic5.com/aff_c?offer_id=23796&aff_id=23395
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 15:32:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.27
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FZYRLaPmHvAn80mZlKX0TFW8QThf3V8GehpHFM3FiE2KU4p2fzqG9C1yEbY7ttwiib7nB9ZpFTfAV5aMs5dam%2FHtqW%2FXVta9WqdTXsa5r%2FUKOzreu%2FH61J32DaGTN3QBq4ZqV%2FibufbUDKJk7BoiVkxasD2yb6fdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 74d3606bbc9909ee-MIA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 invisible.js Show response
tracking.directtraffic5.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 36D3 39 KB
14 KB 48ms
48ms Script
application/javascript 2606:4700:20::681a:fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.directtraffic5.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663588800
Requested by: Host: www.travelandleisure.life
URL: https://www.travelandleisure.life/im/jump/clk1.php?jl=11618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ff307a9d0ea4eacb71e2f8430eb2e3f6db496d1b9d4e37bf83691b0a566ef1a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:32:53 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0lkX1ggN5wMNjY3sqET7%2FIXtKIw8VC%2F%2FvWdrAABzBunUjremNUwvuKTdDUAwSPNXRxGAyOyMWi2K4kzI61ZtOeC5sSGd8oU954gBGrQ1Ls4HUelW6GyxkzKqSeTyPCU5Oz%2B8yWIbFFieKx6irEthOnYKd58qpYnyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 74d3606bdcbd09ee-MIA

GET
H2 200 pica.js
tracking.directtraffic5.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 36D3 18 KB
7 KB 41ms
41ms Other
application/javascript 2606:4700:20::681a:fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.directtraffic5.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: tracking.directtraffic5.com
URL: https://tracking.directtraffic5.com/aff_c?offer_id=23796&aff_id=23395
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f0ac9b02db03ab8b34d6d67e49adfd7432d82f26dcdedc95ce79901c9b3aedd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:32:53 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4YHsSLJT9AxWUailM227qG8PBjf8oz5U23jUU4kl7MQ7TXsvuwH8ORyKC52mVhoHKbipXqRLxOeKq5ipqQjPvYm5axIlJe8ripm00WJlDBYkCnJplo5g6v6b8GlABLZ5Zf6iJEiGb1NNafVA0QPpIhseIklMEAP%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 74d3606c3d3209ee-MIA

POST
H2 204 collect
analytics.google.com/g/ 0
355 B 322ms
51ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-M4LTS1W8KM&gtm=2oe9e0&_p=978596268&_gaz=1&cid=1802124057.1663601574&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&uid=08s9xuf97d0opbvhvxhkxx&sid=1663601574&sct=1&seg=0&dl=https%3A%2F%2Ftracking.directtraffic5.com%2Faff_c%3Foffer_id%3D23796%26aff_id%3D23395&dr=https%3A%2F%2Fwww.travelandleisure.life%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4LTS1W8KM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tracking.directtraffic5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 15:32:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tracking.directtraffic5.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
346 B 337ms
67ms Ping
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M4LTS1W8KM&cid=1802124057.1663601574&gtm=2oe9e0&aip=1&uid=08s9xuf97d0opbvhvxhkxx
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4LTS1W8KM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tracking.directtraffic5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 15:32:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tracking.directtraffic5.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 74d360686f3e09ee Show response
tracking.directtraffic5.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 36D3 2 B
584 B 89ms
88ms XHR
text/plain 2606:4700:20::681a:fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.directtraffic5.com/cdn-cgi/challenge-platform/h/b/cv/result/74d360686f3e09ee
Requested by: Host: tracking.directtraffic5.com
URL: https://tracking.directtraffic5.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663588800
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 15:32:54 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d360715d0e09ee-MIA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RS%2FmPEeLtQK%2BTLju3OYWodTuYJI08WJbairwXa85WiczGO1%2BOX%2F%2BKgVlILdfql4j%2BzRJiP05y9Hbyv6rsxMHSJCz3ilhqFjgCQJ6Q%2BBlgs10B4172DqIv2r8kGitzfFaSbf0TLbf6p%2BEnFASlOyK%2BjlGT3nRtJTI6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

POST
H2 200 sendLog.php
tracking.directtraffic5.com/ 0
400 B 205ms
205ms XHR
text/html 2606:4700:20::681a:fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.directtraffic5.com/sendLog.php

Requested by

Host: tracking.directtraffic5.com
URL: https://tracking.directtraffic5.com/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.27

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: */*
Referer: https://tracking.directtraffic5.com/aff_c?offer_id=23796&aff_id=23395
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 15:32:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.27
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fZYzWApGC5Q4%2FoQ%2FLy3x%2BhVCCyZOe%2BhURciNhxLnoZ9w2X%2BDOFBnruHKmbokLaKyP88s4DgSbIae4f0HvwRLRaKHOiH6Ok3s7kn0Mi9XLTs3xQS49Oxw9v25yHCkOchtoffhhjT3OIzGgnElk9W7QuApwzJ2jOnMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 74d360718d7709ee-MIA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

Primary Request d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde Show response
brainleangains.com/
Redirect Chain

https://tracking.directtraffic8.com/aff_c?offer_id=23796&aff_id=23395&aff_sub5=08s9xuf97d0opbvhvxhkxx
https://oftenha.com/?a=16151&c=46269&s2=102c5f4b7ca75c9527776e5f31846c&s4=23395
https://wlabashop.com/c925890d-a4eb-4f80-b282-1a19a5df76e9?r=38260-728677200&a=16151_23395&bro=
https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

13 KB
13 KB

574ms
277ms

Document
text/html

2.58.213.99

General

Check archive.org

Show headers Download Go to

Full URL

https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Requested by

Host: tracking.directtraffic5.com
URL: https://tracking.directtraffic5.com/aff_c?offer_id=23796&aff_id=23395

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.58.213.99 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

0eb4bee7ee4dce617815e8bb07ad1bb9e42c62de7a113cdf7ca1d21e25bd4c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tracking.directtraffic5.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 13400
content-type: text/html;charset=UTF-8
date: Mon, 19 Sep 2022 15:32:56 GMT
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * data:;
date: Mon, 19 Sep 2022 15:32:56 GMT
expect-ct: enforce, max-age=300
location: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=
permissions-policy: geolocation=(*)
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

POST collect
analytics.google.com/g/ 0
0

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ 157 KB
25 KB 127ms
44ms Stylesheet
text/css 2606:4700::6812:acf

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://brainleangains.com/
Origin: https://brainleangains.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 395152
cdn-cachedat: 09/03/2022 05:37:44
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"3afe15e976734d9daac26310110c4594"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ea51fe0ad1bdce289795404c1135e504
cf-ray: 74d3607eddb66dd7-MIA
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 222ms
84ms Stylesheet
text/css 2607:f8b0:4006:820::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

69b00272157fa919ae1f190f3dc2ccb7cbeab3c34e3644d3c9cf22fc590903f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 15:02:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 15:32:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 15:32:56 GMT

GET
H2 200 vivify.min.css
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/css/ 57 KB
4 KB 226ms
73ms Stylesheet
text/css 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/css/vivify.min.css

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

28c5ab92227b4fb0cf580d4e86bc76392724439b769355c220495eafced845ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-nzt-ray: 9Ztpr+2/iOs
x-77-cache: HIT
x-cache: HIT
x-age: 416078
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBY9VgH/TlkGAA
x-accel-expires: @1664222298
last-modified: Thu, 27 Jan 2022 09:29:26 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: W/"61f265f6-e4be"
strict-transport-security: max-age=63072000
content-type: text/css

GET
H2 200 styles.css
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/css/ 25 KB
5 KB 233ms
81ms Stylesheet
text/css 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/css/styles.css

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

fd239e62f8e77dee3f2dba4a53db1572b1bbfa88615c13a1d05893a8e51294b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-nzt-ray: zUGg7xXwlck
x-77-cache: HIT
x-cache: HIT
x-age: 416078
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBbDxxH/TlkGAA
x-accel-expires: @1664222298
last-modified: Wed, 23 Mar 2022 15:31:55 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: W/"623b3d6b-62f6"
strict-transport-security: max-age=63072000
content-type: text/css

GET
H2 200 styles_geo.css
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/css/ 3 KB
947 B 237ms
85ms Stylesheet
text/css 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/css/styles_geo.css

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

3b6f469b4a4c1345615c263628ede7bcaf59566695b2a33dff9eafafd8267328

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-nzt-ray: qp7nUx4qyG0
x-77-cache: HIT
x-cache: HIT
x-age: 416078
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBa8mJ7/TlkGAA
x-accel-expires: @1664222298
last-modified: Thu, 27 Jan 2022 09:29:25 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: W/"61f265f5-c67"
strict-transport-security: max-age=63072000
content-type: text/css

GET
H2 200 phone-blue.png
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/ 25 KB
25 KB 203ms
200ms Image
image/png 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/phone-blue.png

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

d61ce1c86db16fe4df418aafce754d22b7386d764b9c75562ece9ac243ec4828

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: dpOXOEcq/Ts
x-77-cache: HIT
x-cache: HIT
x-age: 879361
content-length: 25702
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBYuJzn/AWsNAA
x-accel-expires: @1663759015
last-modified: Thu, 27 Jan 2022 09:37:03 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "61f267bf-6466"
strict-transport-security: max-age=63072000
content-type: image/png
accept-ranges: bytes

GET
H2 200 parcel.png
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/ 17 KB
18 KB 203ms
200ms Image
image/png 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/parcel.png

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

32f804577ed3af1f0ed9e3f8426299d6bb53c2466a49f1ad450c57e3a045e16a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: iEBMcFrkgug
x-77-cache: HIT
x-cache: HIT
x-age: 416217
content-length: 17670
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBa+HTr/2VkGAA
x-accel-expires: @1664222159
last-modified: Thu, 27 Jan 2022 12:56:01 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "61f29661-4506"
strict-transport-security: max-age=63072000
content-type: image/png
accept-ranges: bytes

GET
H2 200 visa.png
1607929107.rsc.cdn77.org/cam/CC/resources/img/ 6 KB
6 KB 204ms
201ms Image
image/png 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/resources/img/visa.png

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

6ed6591f8b92bb2435ef56df2aa9148b2e80c98dc44424335620de31ec36bd09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: 8eD5cEXKu4E
x-77-cache: HIT
x-cache: HIT
x-age: 8118
content-length: 6145
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBYpgiv/th8AAA
x-accel-expires: @1664630258
last-modified: Thu, 11 Apr 2019 08:24:56 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "5caef9d8-1801"
strict-transport-security: max-age=63072000
content-type: image/png
accept-ranges: bytes

GET
H2 200 master-white2.png
1607929107.rsc.cdn77.org/cam/CC/resources/img/ 6 KB
6 KB 204ms
201ms Image
image/png 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/resources/img/master-white2.png

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

5c6bb9ac40da2f124bd37d843bb029549108e61ddf578eefebdf70af8856206a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: NUnnXDmHKxY
x-77-cache: HIT
x-cache: HIT
x-age: 416217
content-length: 5788
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBZ2ovD/2VkGAA
x-accel-expires: @1664222159
last-modified: Tue, 27 Aug 2019 12:34:48 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "5d652368-169c"
strict-transport-security: max-age=63072000
content-type: image/png
accept-ranges: bytes

GET
H2 200 verified-by-visa.png
1607929107.rsc.cdn77.org/cam/CC/resources/img/ 6 KB
6 KB 224ms
221ms Image
image/png 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/resources/img/verified-by-visa.png

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

b2fa1f1d0a56ae437811f159bd3503508e17b06b2d2ec9c3d0a1992aa4f3a4b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: 7fdLeNjgPTg
x-77-cache: HIT
x-cache: HIT
x-age: 8118
content-length: 5906
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBbJ1/X/th8AAA
x-accel-expires: @1664630258
last-modified: Thu, 11 Apr 2019 08:24:56 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "5caef9d8-1712"
strict-transport-security: max-age=63072000
content-type: image/png
accept-ranges: bytes

GET
H2 200 mastercard.png
1607929107.rsc.cdn77.org/cam/CC/resources/img/ 8 KB
8 KB 225ms
222ms Image
image/png 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/resources/img/mastercard.png

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

a5dc3777a21eb37675f41b55028ee69cd45c840971bf24e176a1d007ed096187

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: hoQsorU9m+0
x-77-cache: HIT
x-cache: HIT
x-age: 7104
content-length: 7735
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBYp5ab/wBsAAA
x-accel-expires: @1664631272
last-modified: Thu, 11 Apr 2019 08:24:56 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "5caef9d8-1e37"
strict-transport-security: max-age=63072000
content-type: image/png
accept-ranges: bytes

GET
H2 200 icon1.png
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/ 3 KB
3 KB 225ms
222ms Image
image/png 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/icon1.png

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

ce8f8a05d56c239f39c67aed22e0172f500ae6b52bd64da6bc666b7a489bdaf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: P1yigTCiFfs
x-77-cache: HIT
x-cache: HIT
x-age: 879361
content-length: 2984
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBbTl4D/AWsNAA
x-accel-expires: @1663759015
last-modified: Thu, 27 Jan 2022 09:29:27 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "61f265f7-ba8"
strict-transport-security: max-age=63072000
content-type: image/png
accept-ranges: bytes

GET
H2 200 icon2.png
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/ 3 KB
3 KB 225ms
223ms Image
image/png 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/icon2.png

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

8258a3313b25e614cfc89e32ff214c7fe0d6486c4c70eaea3956117c9839289e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: zHzI/cZ8FAs
x-77-cache: HIT
x-cache: HIT
x-age: 976327
content-length: 2797
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBb9//j/x+UOAA
x-accel-expires: @1663662049
last-modified: Thu, 27 Jan 2022 09:29:28 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "61f265f8-aed"
strict-transport-security: max-age=63072000
content-type: image/png
accept-ranges: bytes

GET
H2 200 icon3.png
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/ 3 KB
3 KB 225ms
223ms Image
image/png 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/icon3.png

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

3eddbbc525a594b28f590a606c3cd34760e23a7b11026738444fdbb946725f41

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: MJp1XdXhWnY
x-77-cache: HIT
x-cache: HIT
x-age: 416217
content-length: 3091
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBapgFD/2VkGAA
x-accel-expires: @1664222159
last-modified: Thu, 27 Jan 2022 09:29:28 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "61f265f8-c13"
strict-transport-security: max-age=63072000
content-type: image/png
accept-ranges: bytes

GET
H2 200 icon4.png
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/ 2 KB
3 KB 225ms
223ms Image
image/png 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/icon4.png

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

c58253d7d16a8f29cc51b4892fa0ee858960df9834bfd5e66094a080ab984b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: dv+nkQ3dUXE
x-77-cache: HIT
x-cache: HIT
x-age: 879361
content-length: 2427
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBaIWfT/AWsNAA
x-accel-expires: @1663759015
last-modified: Thu, 27 Jan 2022 09:29:28 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "61f265f8-97b"
strict-transport-security: max-age=63072000
content-type: image/png
accept-ranges: bytes

GET
H2 200 bg2.png
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/ 111 KB
112 KB 225ms
224ms Image
image/png 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/bg2.png

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

d19eb445a6af98fcaa6bd29403bdeba578c100a18e150613c52050aa01a2c2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: JK/V5YNNy3U
x-77-cache: HIT
x-cache: HIT
x-age: 416217
content-length: 113670
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBYs71T/2VkGAA
x-accel-expires: @1664222159
last-modified: Thu, 27 Jan 2022 11:48:39 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "61f28697-1bc06"
strict-transport-security: max-age=63072000
content-type: image/png
accept-ranges: bytes

GET
H2 200 icon_photographic.jpg
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/ 2 KB
2 KB 226ms
224ms Image
image/jpeg 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/icon_photographic.jpg

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

03e21e3cd2c5bf2699567c5cf445d9c0c20c0c4e25c84f01c046f368bb8204ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: 6IwIzwY4pII
x-77-cache: HIT
x-cache: HIT
x-age: 879361
content-length: 2061
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBbHTEX/AWsNAA
x-accel-expires: @1663759015
last-modified: Thu, 27 Jan 2022 09:29:29 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "61f265f9-80d"
strict-transport-security: max-age=63072000
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 bg3.png
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/ 238 KB
238 KB 226ms
224ms Image
image/png 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/bg3.png

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

270c9ed9a11c458857eb55b0fe7c495c276d7ff598d8385ec3e1606e31d4df8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: dFbbbXUcmmg
x-77-cache: HIT
x-cache: HIT
x-age: 416217
content-length: 243366
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBZNOgD/2VkGAA
x-accel-expires: @1664222159
last-modified: Thu, 27 Jan 2022 09:29:26 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "61f265f6-3b6a6"
strict-transport-security: max-age=63072000
content-type: image/png
accept-ranges: bytes

GET
H2 200 bg4.png
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/ 56 KB
57 KB 226ms
225ms Image
image/png 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/bg4.png

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

6c39509ded3ba05e0baafa6ff82425e87c8f2228679d2ff50b380f6e8ff7c575

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: cUaqkDP4Ldk
x-77-cache: HIT
x-cache: HIT
x-age: 879361
content-length: 57830
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBadb/L/AWsNAA
x-accel-expires: @1663759015
last-modified: Thu, 27 Jan 2022 11:55:37 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "61f28839-e1e6"
strict-transport-security: max-age=63072000
content-type: image/png
accept-ranges: bytes

GET
H2 200 phones.jpg
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/ 10 KB
10 KB 227ms
225ms Image
image/jpeg 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/phones.jpg

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

840898f72c4ab58c5ca826688cadda4661eab5482647ff5d8f858ec3950dd129

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: Qqh1BzPIP84
x-77-cache: HIT
x-cache: HIT
x-age: 416217
content-length: 9883
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBbWXf7/2VkGAA
x-accel-expires: @1664222159
last-modified: Thu, 24 Mar 2022 10:23:21 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "623c4699-269b"
strict-transport-security: max-age=63072000
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 display.jpg
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/ 7 KB
7 KB 227ms
225ms Image
image/jpeg 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/img/display.jpg

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

ace0b5126bcfba77bc4e4fbd0dd7f55b2024385193307087a0a491aaa5cc2b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
x-77-nzt-ray: zvofiTqaOqI
x-77-cache: HIT
x-cache: HIT
x-age: 416217
content-length: 7241
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBZV1jH/2VkGAA
x-accel-expires: @1664222159
last-modified: Thu, 27 Jan 2022 09:29:27 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: "61f265f7-1c49"
strict-transport-security: max-age=63072000
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 scripts.js Show response
1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/js/ 4 KB
2 KB 225ms
86ms Script
application/javascript 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to

Full URL

https://1607929107.rsc.cdn77.org/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/js/scripts.js

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

ea909cdab5f95bd4981e661532b127b9fba294d88bbfba6d6bbf6d043e031c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-nzt-ray: YB6LsW+JLzY
x-77-cache: HIT
x-cache: HIT
x-age: 416217
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBa3ibL/2VkGAA
x-accel-expires: @1664222159
last-modified: Thu, 27 Jan 2022 10:23:18 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: W/"61f27296-1050"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8

GET
H2 200 script.js Show response
1607929107.rsc.cdn77.org/ci/cc_tl_script/ 43 KB
15 KB 337ms
199ms Script
application/javascript 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to

Full URL

https://1607929107.rsc.cdn77.org/ci/cc_tl_script/script.js

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

1d74d49139afa45dc87701a1ad71b2b51d02f119892766600345a5f9f4c1003b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-nzt-ray: JSp7MRBtBws
x-77-cache: HIT
x-cache: HIT
x-age: 193717
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBYmZvL/tfQCAA
x-accel-expires: @1664444659
last-modified: Tue, 26 Apr 2022 09:33:45 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: W/"6267bc79-acdf"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8

GET
H2 200 main.js Show response
1607929107.rsc.cdn77.org/ci/cc_script/ 61 KB
22 KB 300ms
161ms Script
application/javascript 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to

Full URL

https://1607929107.rsc.cdn77.org/ci/cc_script/main.js

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

45058cd811432ce869ffe591102337d62dbc6041f4a31ff5a57a7c22322141d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 19 Sep 2022 15:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-nzt-ray: tBhPpC0sL5g
x-77-cache: HIT
x-cache: HIT
x-age: 967729
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBafmx//McQOAA
x-accel-expires: @1663670647
last-modified: Tue, 05 Apr 2022 10:22:34 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: W/"624c186a-f295"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8

GET
H2 200 push.js Show response
brainleangains.com/ 535 B
697 B 142ms
139ms Script
application/javascript 2.58.213.99

General

Check archive.org

Show headers Download Go to

Full URL: https://brainleangains.com/push.js
Requested by: Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.58.213.99 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b4e711d8fcc6b1ba70852ac681a7d0570f33e4694b01401f2cbbe10c9e313138

Request headers

Referer: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=
Origin: https://brainleangains.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:32:56 GMT
last-modified: Tue, 09 Mar 2021 10:43:54 GMT
server: nginx
etag: "6047516a-217"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 535

GET
H2 200 script.js Show response
brainleangains.com/ci/sr-events/ 17 KB
17 KB 143ms
140ms Script
application/javascript 2.58.213.99

General

Check archive.org

Show headers Download Go to

Full URL

https://brainleangains.com/ci/sr-events/script.js

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.58.213.99 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

668f54fa61854a580fe91864d7e59ae5d379e171b3b6b986ce7a862969d8bc36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:32:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Mar 2021 16:04:10 GMT
server: nginx
etag: "6042567a-4329"
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
strict-transport-security: max-age=63072000
accept-ranges: bytes
content-length: 17193
x-xss-protection: 1; mode=block

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 337ms
66ms Font
font/woff2 2607:f8b0:4006:820::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://brainleangains.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 05:14:26 GMT
x-content-type-options: nosniff
age: 37111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 05:14:26 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 389ms
128ms Font
font/woff2 2607:f8b0:4006:820::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://brainleangains.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 17:23:51 GMT
x-content-type-options: nosniff
age: 338946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 17:23:51 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 325ms
75ms Font
font/woff2 2607:f8b0:4006:820::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://brainleangains.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 03:51:42 GMT
x-content-type-options: nosniff
age: 560475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 03:51:42 GMT

GET
H2 200 en.json Show response
brainleangains.com/ci/cc_tl/ 4 KB
4 KB 140ms
139ms XHR
application/json 2.58.213.99

General

Check archive.org

Show headers Download Go to

Full URL

https://brainleangains.com/ci/cc_tl/en.json

Requested by

Host: 1607929107.rsc.cdn77.org
URL: https://1607929107.rsc.cdn77.org/ci/cc_tl_script/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.58.213.99 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

901718336d27acffa709fad9830bb44805108c2181e48aaa93035ec5a6d639dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:32:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 May 2022 09:55:04 GMT
server: nginx
etag: "62909ff8-fb6"
x-frame-options: sameorigin
content-type: application/json
strict-transport-security: max-age=63072000
accept-ranges: bytes
content-length: 4022
x-xss-protection: 1; mode=block

GET
H2 200 en.json Show response
brainleangains.com/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/translations/ 3 KB
3 KB 140ms
140ms XHR
application/json 2.58.213.99

General

Check archive.org

Show headers Download Go to

Full URL

https://brainleangains.com/cam/CC/GS/iPhone_13_Pro_Gotzha_Exclusive/translations/en.json

Requested by

Host: 1607929107.rsc.cdn77.org
URL: https://1607929107.rsc.cdn77.org/ci/cc_tl_script/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.58.213.99 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

b96db0025ba3ad2e422dd760df14f5b03a14b887c984d2e6fb1914603aae83eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:32:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Mar 2022 10:27:21 GMT
server: nginx
etag: "623c4789-c34"
x-frame-options: sameorigin
content-type: application/json
strict-transport-security: max-age=63072000
accept-ranges: bytes
content-length: 3124
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK trackpush.min.js Show response
s3.amazonaws.com/cdn.aimtell.com/trackpush/ 47 KB
13 KB 223ms
78ms Script
text/javascript 52.217.165.24

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Requested by: Host: brainleangains.com
URL: https://brainleangains.com/push.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.165.24 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84539a57764fd40a7604197b8a0efe82113dc5d755f147a8ab6bd769417ff2ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 15:32:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Jun 2022 15:52:31 GMT
Server: AmazonS3
x-amz-request-id: ZWFZTHHGY1SKB01T
ETag: "7f1f0c2240af490b88a7cf1bc3834e44"
Content-Type: text/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 13310
x-amz-id-2: W01lEQi4oBHgQ5MM+2VGcrmDKmhGUrcUcbAzsTkYWMlKq8i4Lm1gNd3ZaGZFCzCkLAm5SO/B7t4=

POST
H2 200 open Show response
brainleangains.com/session/0aba7e3b-fe10-47e0-b30e-90ecb2c0f725/event/ 2 B
169 B 192ms
191ms XHR
application/json 2.58.213.99

General

Check archive.org

Show headers Download Go to

Full URL

https://brainleangains.com/session/0aba7e3b-fe10-47e0-b30e-90ecb2c0f725/event/open

Requested by

Host: brainleangains.com
URL: https://brainleangains.com/ci/sr-events/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.58.213.99 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain
Referer: https://brainleangains.com/d1da0c91-39bf-4cc6-8ede-2dfcfe9e1bde?ssid=0aba7e3b-fe10-47e0-b30e-90ecb2c0f725&r=38260-728677200&a=16151_23395&bro=
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:32:57 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: sameorigin
content-type: application/json
strict-transport-security: max-age=63072000
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 225ms
85ms Font
font/woff2 2607:f8b0:4006:820::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://brainleangains.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 22:08:47 GMT
x-content-type-options: nosniff
age: 581050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 22:08:47 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v20/ 5 KB
6 KB 114ms
114ms Font
font/woff2 2607:f8b0:4006:820::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://brainleangains.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 05:26:45 GMT
x-content-type-options: nosniff
age: 554772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5544
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 05:26:45 GMT

POST
H2 200 pageview Show response
signals.aimtell.com/ 43 B
360 B 136ms
42ms XHR
image/gif 2606:4700::6812:1f97

General

Check archive.org

Show headers Download Go to

Full URL: https://signals.aimtell.com/pageview?id_site=23271&v=3.972&support=1&state=default&wl=0
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://brainleangains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:32:57 GMT
access-control-allow-methods: GET,HEAD,OPTIONS
aimtell-hash-exists: 0
server: cloudflare
vary: Accept-Encoding
aimtell-traverse: 0
content-type: image/gif
access-control-allow-origin: https://brainleangains.com
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse
access-control-allow-credentials: true
cf-ray: 74d36082ab95da93-MIA
access-control-allow-headers: Content-Type, *
content-length: 43

GET 23271-161906366efd.json
cdn.aimtell.io/config/optin/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-M4LTS1W8KM&gtm=2oe9e0&_p=978596268&cid=1802124057.1663601574&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&uid=08s9xuf97d0opbvhvxhkxx&sid=1663601574&sct=1&seg=1&dl=https%3A%2F%2Ftracking.directtraffic5.com%2Faff_c%3Foffer_id%3D23796%26aff_id%3D23395&dr=https%3A%2F%2Fwww.travelandleisure.life%2F&dt=&_s=2

Domain: cdn.aimtell.io
URL: https://cdn.aimtell.io/config/optin/23271-161906366efd.json

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
travelandleisure.life/	1970-01-20 06:08:07	Name: ip2location_redirection_first_visit Value: 1663601570
.www.travelandleisure.life/	1970-01-20 06:08:29	Name: IMT1663601571565 Value: KeEANbtO1Nd30faVn%2BHMQg%3D%3DuAAyt9BP5T1QFMbK%2BpZxGQ%3D%3D
tracking.directtraffic5.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: aj34db6g1q6dh9ais50np7urjr
.directtraffic5.com/	1970-01-20 15:42:41	Name: _ga Value: GA1.1.1802124057.1663601574
.directtraffic5.com/	1970-01-20 06:06:43	Name: __cf_bm Value: kCsM01GKGdc7xw16W2qMpZCUwWxtru1sam2ffwMg3DE-1663601574-0-Ab6ZnYWlofZm7w9cCCflJ1Jx6QEzIEKOv4LnONtxNOUvKqbqZ/cTZOlmmgKKe7l7RB7htP91ZoqyLOMoYzzYX753avcNsuAg2MOhy5WvKottFJkBiPZBLye7HkCf1J4gsQ==
tracking.directtraffic8.com/	1970-01-20 07:34:31	Name: enc_aff_session_23796 Value: ENC0382c605a52951e7492d8ef9ac17eeab0ee216a6a7a6adf0aea14bbd49de9680916e9f0a7d2c49506dda98a5927efb068b187509c3345de29915152cc5f831069c7f540497dfbc05b14c7193b9f56439b1f9bd634cc6bac7fbb090405d988dd2bf6013f81eb88dd539ecb399c47e627769ae4913213bf258f5d9e9ae81ac9979cf115f33829f9f968a0e4dd8e85cc751103ad2123fa9bb0014b539c5e2ec957fcc5624334353b3e9aafcc9922b830a2cc48f22372516f56d79c42252e6477db41701140fe3
tracking.directtraffic8.com/	1970-01-20 15:42:41	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
.oftenha.com/	1969-12-31 23:59:59	Name: sid Value: gHTD05/gop22YlrjJXZqiq17Jms9jrNBSMeuTLnSitnciVM+ZeL03w==
.oftenha.com/	1970-01-20 15:42:41	Name: trk Value: zDK6MHpf0wt9daoGg/NwCa17Jms9jrNBSMeuTLnSitnciVM+ZeL03w==
.oftenha.com/	1970-01-20 06:49:53	Name: c38260 Value: gHTD05/gop0WH6wMueQWNRXb30i2bQZ7PkHsHvhsKgdMCJrnWyGnZw==
.directtraffic5.com/	1970-01-20 15:42:41	Name: _ga_M4LTS1W8KM Value: GS1.1.1663601574.1.1.1663601576.58.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1607929107.rsc.cdn77.org
analytics.google.com
brainleangains.com
cdn.aimtell.io
fonts.googleapis.com
fonts.gstatic.com
oftenha.com
s3.amazonaws.com
signals.aimtell.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
tracking.directtraffic5.com
tracking.directtraffic8.com
travelandleisure.life
wlabashop.com
www.googletagmanager.com
www.travelandleisure.life
analytics.google.com
cdn.aimtell.io
2.58.213.99
2001:4860:4802:38::181
2606:4700:20::681a:fa6
2606:4700:3035::6815:3ca
2606:4700::6812:1f97
2606:4700::6812:acf
2607:f8b0:4004:c09::9b
2607:f8b0:4006:80e::2008
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::200a
2a02:6ea0:c400::11
34.246.234.151
5.2.73.214
52.217.165.24
96.44.182.131
03e21e3cd2c5bf2699567c5cf445d9c0c20c0c4e25c84f01c046f368bb8204ae
0eb4bee7ee4dce617815e8bb07ad1bb9e42c62de7a113cdf7ca1d21e25bd4c47
0f0ac9b02db03ab8b34d6d67e49adfd7432d82f26dcdedc95ce79901c9b3aedd
1d74d49139afa45dc87701a1ad71b2b51d02f119892766600345a5f9f4c1003b
1f4ecc55e13ed004388dc882a914c7c4a7c50c588d8d8d345ee7383a7dd42cee
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
270c9ed9a11c458857eb55b0fe7c495c276d7ff598d8385ec3e1606e31d4df8c
28c5ab92227b4fb0cf580d4e86bc76392724439b769355c220495eafced845ce
32f804577ed3af1f0ed9e3f8426299d6bb53c2466a49f1ad450c57e3a045e16a
3b6f469b4a4c1345615c263628ede7bcaf59566695b2a33dff9eafafd8267328
3caa773544d4e570d6228e747d9001ba189ff01a6b94eab72b0d73fed51dda8e
3eddbbc525a594b28f590a606c3cd34760e23a7b11026738444fdbb946725f41
45058cd811432ce869ffe591102337d62dbc6041f4a31ff5a57a7c22322141d5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c6bb9ac40da2f124bd37d843bb029549108e61ddf578eefebdf70af8856206a
668f54fa61854a580fe91864d7e59ae5d379e171b3b6b986ce7a862969d8bc36
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
69b00272157fa919ae1f190f3dc2ccb7cbeab3c34e3644d3c9cf22fc590903f8
6c39509ded3ba05e0baafa6ff82425e87c8f2228679d2ff50b380f6e8ff7c575
6ed6591f8b92bb2435ef56df2aa9148b2e80c98dc44424335620de31ec36bd09
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8258a3313b25e614cfc89e32ff214c7fe0d6486c4c70eaea3956117c9839289e
840898f72c4ab58c5ca826688cadda4661eab5482647ff5d8f858ec3950dd129
84539a57764fd40a7604197b8a0efe82113dc5d755f147a8ab6bd769417ff2ae
8ff307a9d0ea4eacb71e2f8430eb2e3f6db496d1b9d4e37bf83691b0a566ef1a
901718336d27acffa709fad9830bb44805108c2181e48aaa93035ec5a6d639dd
a5dc3777a21eb37675f41b55028ee69cd45c840971bf24e176a1d007ed096187
ace0b5126bcfba77bc4e4fbd0dd7f55b2024385193307087a0a491aaa5cc2b97
b2fa1f1d0a56ae437811f159bd3503508e17b06b2d2ec9c3d0a1992aa4f3a4b2
b4e711d8fcc6b1ba70852ac681a7d0570f33e4694b01401f2cbbe10c9e313138
b96db0025ba3ad2e422dd760df14f5b03a14b887c984d2e6fb1914603aae83eb
c58253d7d16a8f29cc51b4892fa0ee858960df9834bfd5e66094a080ab984b70
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce8f8a05d56c239f39c67aed22e0172f500ae6b52bd64da6bc666b7a489bdaf3
d19eb445a6af98fcaa6bd29403bdeba578c100a18e150613c52050aa01a2c2ab
d61ce1c86db16fe4df418aafce754d22b7386d764b9c75562ece9ac243ec4828
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea909cdab5f95bd4981e661532b127b9fba294d88bbfba6d6bbf6d043e031c4e
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd239e62f8e77dee3f2dba4a53db1572b1bbfa88615c13a1d05893a8e51294b6

brainleangains.com Open in urlscan Pro 2.58.213.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

96 %HTTPS

67 %IPv6

16 Domains

17 Subdomains

13 IPs

3 Countries

802 kBTransfer

1333 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

brainleangains.com Open in urlscan Pro
2.58.213.99 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

96 %
HTTPS

67 %
IPv6

16
Domains

17
Subdomains

13
IPs

3
Countries

802 kB
Transfer

1333 kB
Size

11
Cookies

51 HTTP transactions
0 data transactions