strm.to Open in urlscan Pro
54.235.68.37 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://us.umusic-online.com/c/AQjhkg4Q__EhGJ-5_GAg7OThCOBhp67qAaIRLV6HQzFqXHNmzdlMs4XDPI6QHw8JLwoE
Effective URL:
https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Count...
Submission: On August 08 via api (August 8th 2024, 9:56:26 pm UTC) from BE — Scanned from US

Summary HTTP 167 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 45 IPs in 3 countries across 37 domains to perform 167 HTTP transactions. The main IP is 54.235.68.37, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is strm.to.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 14th 2023. Valid for: a year.

This is the only time strm.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.66.0.126 172.66.0.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.235.68.37 54.235.68.37	14618 (AMAZON-AES) (AMAZON-AES)
10	209.85.144.154 209.85.144.154	15169 (GOOGLE) (GOOGLE)
12	13.224.214.111 13.224.214.111	16509 (AMAZON-02) (AMAZON-02)
1	3.166.192.126 3.166.192.126	16509 (AMAZON-02) (AMAZON-02)
13	2600:9000:230... 2600:9000:2305:4e00:14:38a4:2ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.166.192.19 3.166.192.19	16509 (AMAZON-02) (AMAZON-02)
2 4	18.164.116.57 18.164.116.57	16509 (AMAZON-02) (AMAZON-02)
1	209.85.144.157 209.85.144.157	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c03::84	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.214.43 13.224.214.43	16509 (AMAZON-02) (AMAZON-02)
1	173.194.207.157 173.194.207.157	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:400d:c04::61	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	3.163.245.4 3.163.245.4	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:2800:220... 2606:2800:220:de:468:2285:c1:4a3	15133 (EDGECAST) (EDGECAST)
2	146.75.80.157 146.75.80.157	54113 (FASTLY) (FASTLY)
5	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:20:... 2606:4700:20::681a:216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	23.212.250.200 23.212.250.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:35ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 12	54.68.105.140 54.68.105.140	16509 (AMAZON-02) (AMAZON-02)
2 2	68.67.160.76 68.67.160.76	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.146.5 69.173.146.5	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	209.85.232.157 209.85.232.157	15169 (GOOGLE) (GOOGLE)
2 2	100.28.66.45 100.28.66.45	14618 (AMAZON-AES) (AMAZON-AES)
1	172.240.155.116 172.240.155.116	7979 (SERVERS-COM) (SERVERS-COM)
1 1	69.194.242.12 69.194.242.12	26120 (RHYTHMONE) (RHYTHMONE)
1	69.194.240.13 69.194.240.13	26120 (RHYTHMONE) (RHYTHMONE)
1 1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:c	27630 (AS-XFERNET) (AS-XFERNET)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	51.222.239.232 51.222.239.232	16276 (OVH) (OVH)
2	2607:f8b0:400... 2607:f8b0:400d:c0e::9d	15169 (GOOGLE) (GOOGLE)
2	3.224.22.198 3.224.22.198	14618 (AMAZON-AES) (AMAZON-AES)
5	2607:f8b0:400... 2607:f8b0:400d:c00::8b	15169 (GOOGLE) (GOOGLE)
1	72.21.81.130 72.21.81.130	15133 (EDGECAST) (EDGECAST)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	142.251.163.99 142.251.163.99	15169 (GOOGLE) (GOOGLE)
6	173.194.204.155 173.194.204.155	15169 (GOOGLE) (GOOGLE)
2	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
14	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42:4f:... 2a04:4e42:4f::760	54113 (FASTLY) (FASTLY)
1	209.85.201.156 209.85.201.156	15169 (GOOGLE) (GOOGLE)
2	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c00::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::84	15169 (GOOGLE) (GOOGLE)
1	142.251.163.104 142.251.163.104	15169 (GOOGLE) (GOOGLE)
167	45

1 172.66.0.126 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

us.umusic-online.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.235.68.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-68-37.compute-1.amazonaws.com

strm.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 209.85.144.154 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f154.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.224.214.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-111.phl50.r.cloudfront.net

static.assetlab.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.166.192.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-166-192-126.phl51.r.cloudfront.net

linkstorage.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2305:4e00:14:38a4:2ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

services.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.166.192.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-166-192-19.phl51.r.cloudfront.net

cdn.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.164.116.57 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-57.jfk50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.144.157 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f157.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c03::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

3af8bfaef293ab73c8eb941bb7c308e4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-43.phl50.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.207.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.245.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:220:de:468:2285:c1:4a3 (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.80.157 (United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.212.250.200 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-250-200.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.68.105.140 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-105-140.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.76 (Colonia, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.113.107 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.146.5 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.85.232.157 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: qt-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.28.66.45 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-28-66-45.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.155.116 (United States)

ASN7979 (SERVERS-COM, US)

sync.colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.194.242.12 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:c (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.239.232 (Canada)

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0e::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.22.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-22-198.compute-1.amazonaws.com

us01.records.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c00::8b (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.81.130 (United States)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.163.99 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: wv-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 173.194.204.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:4f::760 (United States)

ASN54113 (FASTLY, US)

p.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.201.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f156.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c00::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.104 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 cm.g.doubleclick.net — Cisco Umbrella Rank: 363 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 bid.g.doubleclick.net — Cisco Umbrella Rank: 1443	195 KB
23	ad.gt 1 redirects a.ad.gt — Cisco Umbrella Rank: 2521 p.ad.gt — Cisco Umbrella Rank: 2796 ids.ad.gt — Cisco Umbrella Rank: 2348 id.hadron.ad.gt — Cisco Umbrella Rank: 2328 pixels.ad.gt — Cisco Umbrella Rank: 2702	40 KB
16	linkfire.com linkstorage.linkfire.com — Cisco Umbrella Rank: 182138 services.linkfire.com — Cisco Umbrella Rank: 180201 cdn.linkfire.com — Cisco Umbrella Rank: 186580	193 KB
14	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	10 KB
12	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	243 KB
12	assetlab.io static.assetlab.io — Cisco Umbrella Rank: 147981	402 KB
10	lytics.io c.lytics.io — Cisco Umbrella Rank: 19308	52 KB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10	472 B
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	658 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	23 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 1202 tr6.snapchat.com — Cisco Umbrella Rank: 1340	705 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	81 KB
4	googlesyndication.com 3af8bfaef293ab73c8eb941bb7c308e4.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203	19 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 278	4 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 646	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 505	2 KB
3	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 19054 undefined.records.in.treasuredata.com Failed us01.records.in.treasuredata.com — Cisco Umbrella Rank: 40137	20 KB
2	scdn.co p.scdn.co — Cisco Umbrella Rank: 32883	352 KB
2	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 1176	761 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 319	1 KB
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 1373	727 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 764	2 KB
2	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2589	23 KB
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	31 KB
2	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 1868 analytics.twitter.com — Cisco Umbrella Rank: 1356	777 B
2	strm.to strm.to	47 KB
1	t.co t.co — Cisco Umbrella Rank: 979	376 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1081	201 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1537	667 B
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 741	99 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1995	443 B
1	colossusssp.com sync.colossusssp.com — Cisco Umbrella Rank: 3082	202 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 694	1 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1413	21 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	19 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	2 KB
1	umusic-online.com 1 redirects us.umusic-online.com — Cisco Umbrella Rank: 738985	493 B
167	37

	Domain	Requested by
14	www.facebook.com	strm.to
13	services.linkfire.com	strm.to
12	ids.ad.gt	1 redirects strm.to
12	analytics.tiktok.com	static.assetlab.io analytics.tiktok.com
12	static.assetlab.io	strm.to static.assetlab.io
11	securepubads.g.doubleclick.net	strm.to securepubads.g.doubleclick.net
10	c.lytics.io	static.assetlab.io c.lytics.io strm.to
9	www.google.com	1 redirects strm.to tpc.googlesyndication.com
8	googleads.g.doubleclick.net	www.googleadservices.com strm.to www.googletagmanager.com
8	www.googletagmanager.com	static.assetlab.io www.googletagmanager.com p.ad.gt
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com analytics.tiktok.com
5	a.ad.gt	static.assetlab.io p.ad.gt
4	tr.snapchat.com	sc-static.net
4	connect.facebook.net	static.assetlab.io connect.facebook.net
4	sb.scorecardresearch.com	2 redirects strm.to
3	cm.g.doubleclick.net	2 redirects strm.to
3	pixel.tapad.com	3 redirects
3	match.adsrvr.org	3 redirects
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	bid.g.doubleclick.net	www.googleadservices.com
2	p.scdn.co	strm.to static.assetlab.io
2	pixels.ad.gt	p.ad.gt
2	id.hadron.ad.gt	cdn.hadronid.net
2	us01.records.in.treasuredata.com	cdn.treasuredata.com
2	u.openx.net	2 redirects
2	dpm.demdex.net	2 redirects
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	p.ad.gt	a.ad.gt
2	cdn.hadronid.net	a.ad.gt
2	static.ads-twitter.com	strm.to
2	cdn.linkfire.com	static.assetlab.io
2	strm.to	strm.to
1	pagead2.googlesyndication.com	analytics.tiktok.com
1	analytics.twitter.com	strm.to
1	t.co	strm.to
1	tr6.snapchat.com	sc-static.net
1	onetag-sys.com	strm.to
1	sync.go.sonobi.com	1 redirects
1	sync.1rx.io	strm.to
1	d.turn.com	1 redirects
1	sync.colossusssp.com	strm.to
1	token.rubiconproject.com	strm.to
1	platform.twitter.com	1 redirects
1	sc-static.net	static.assetlab.io
1	www.googleadservices.com	static.assetlab.io
1	cdn.treasuredata.com	static.assetlab.io
1	cdnjs.cloudflare.com	static.assetlab.io
1	3af8bfaef293ab73c8eb941bb7c308e4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	linkstorage.linkfire.com	strm.to
1	us.umusic-online.com	1 redirects
0	undefined.records.in.treasuredata.com Failed	cdn.treasuredata.com
167	52

This site contains links to these domains. Also see Links.

Domain
music.apple.com
music.amazon.com
music.youtube.com
open.spotify.com
www.youtube.com
soundcloud.com
www.deezer.com
play.napster.com
www.tidal.com
www.tiktok.com
www.instagram.com

Subject Issuer	Validity	Valid
strm.to Amazon RSA 2048 M03	`2023-12-14` - `2025-01-11`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
static.assetlab.io Amazon RSA 2048 M03	`2023-09-20` - `2024-10-17`	a year	crt.sh
linkfire.com Amazon RSA 2048 M03	`2024-05-01` - `2025-05-28`	a year	crt.sh
cdn.linkfire.com Amazon RSA 2048 M02	`2023-12-13` - `2025-01-10`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.treasuredata.com Amazon RSA 2048 M03	`2024-06-18` - `2025-07-17`	a year	crt.sh
*.googleadservices.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-18` - `2024-08-16`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
a.ad.gt WE1	`2024-08-07` - `2024-11-05`	3 months	crt.sh
lytics.io WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
hadronid.net WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
p.ad.gt Cloudflare Inc ECC CA-3	`2023-11-09` - `2024-11-07`	a year	crt.sh
*.ad.gt Amazon RSA 2048 M02	`2024-03-10` - `2025-04-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
*.colossusssp.com Go Daddy Secure Certificate Authority - G2	`2023-09-08` - `2024-10-09`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2024-06-13` - `2025-07-14`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.records.in.treasuredata.com Amazon RSA 2048 M02	`2023-11-19` - `2024-12-18`	a year	crt.sh
id.hadron.ad.gt WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-09` - `2024-11-07`	a year	crt.sh
pixels.ad.gt WE1	`2024-07-08` - `2024-10-06`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.scdn.co GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-09` - `2025-05-11`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Frame ID: 773857C3FAF9A84965BC513A76DA276F
Requests: 157 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 4B12DBF105F5C1E3EAA77B5E6BCC47EC
Requests: 1 HTTP requests in this frame

Frame: https://3af8bfaef293ab73c8eb941bb7c308e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6ED31267A4B64AD9CFA4CD6758EA6420
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=a02431f0-2da6-44ed-a557-26ff61410dbf&u_scsid=7e4bf5e1-90a8-4852-bf31-6967b0f6e206&u_sclid=5736a568-ced5-4d8a-9af2-4943feaf8fba
Frame ID: EE2F1FE0C7E2D56D0D80FB0A1067EFAD
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 935625F9FF3A2B45543667CEF7446701
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 4D3F47834D27DA70EDC1F035C10F7B8B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 048ABFC995400EF55A6DC685A343B030
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 53E087DECBD449826EF7081DADD4212C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jordan Davis - I Ain't Sayin'

Page URL History Show full URLs

https://us.umusic-online.com/c/AQjhkg4Q__EhGJ-5_GAg7OThCOBhp67qAaIRLV6HQzFqXHNmzdlMs4XDPI6QHw8JLwoE HTTP 302
https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

167
Requests

89 %
HTTPS

31 %
IPv6

37
Domains

52
Subdomains

45
IPs

3
Countries

2436 kB
Transfer

6641 kB
Size

54
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://music.apple.com/us/album/1757441853?i=1757441854&app=music&at=1010lKma&ct=LFV_7fd17edcd401e4c2bdcf579b6c174fac&itscg=30440&itsct=catchall_p1&lId=210902611&cId=EM&sr=1&src=Linkfire&ls=1
Title: Listen

Search URL Search Domain Scan URL

URL: https://music.amazon.com/albums/B0D9PV7FHJ/?trackAsin=B0D9PWHZD8&do=play&tag=umgnashville-20&ie=UTF8&linkCode=as2&ascsubtag=7fd17edcd401e4c2bdcf579b6c174fac&ref=dmm_acq_soc_us_u_lfire_lp_x_7fd17edcd401e4c2bdcf579b6c174fac&utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1
Title: Listen

Search URL Search Domain Scan URL

URL: https://music.youtube.com/watch?v=e1Jtby_VYME&src=Linkfire&lId=5cdc0f4e-1738-4cff-b370-8de899458243&cId=88171ca4-c325-4454-a8fb-9bc6c38cab7a&utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1
Title: Listen

Search URL Search Domain Scan URL

URL: https://open.spotify.com/track/7lCs3stpWCtAn5Y2lmnPhV?go=1&utm_campaign=fAfTD_96_fmly&utm_source=Owned_Email&utm_medium=Email&utm_content=5cdc0f4e-1738-4cff-b370-8de899458243_none_Jordan%2BDavis_101286136_I%2BAin%2527t%2BSayin%2527_I%2BAin%2527t%2BSayin%2527_20240711_direct_umgn-streaming_US_strm.to%2FIAintSayin&dm_i=4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1
Title: Listen

Search URL Search Domain Scan URL

URL: https://music.apple.com/us/album/1757441853?i=1757441854&app=itunes&at=1010lKma&ct=LFV_7fd17edcd401e4c2bdcf579b6c174fac&itscg=30440&itsct=catchall_p5&lId=210902611&cId=EM&sr=5&src=Linkfire&ls=1
Title: Download

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=XI7FL4P9uvc&src=Linkfire&lId=5cdc0f4e-1738-4cff-b370-8de899458243&cId=88171ca4-c325-4454-a8fb-9bc6c38cab7a&utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1
Title: Watch

Search URL Search Domain Scan URL

URL: https://soundcloud.com/jordandavisofficial/i-aint-sayin?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1
Title: Listen

Search URL Search Domain Scan URL

URL: https://www.deezer.com/track/2896913481?app_id=140685&utm_source=partner_linkfire&utm_campaign=7fd17edcd401e4c2bdcf579b6c174fac&utm_medium=Email&utm_term=umgn-streaming&utm_content=track-2896913481&dm_i=4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1
Title: Listen

Search URL Search Domain Scan URL

URL: https://play.napster.com/track/tra.810686987?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1
Title: Listen

Search URL Search Domain Scan URL

URL: http://www.tidal.com/track/376070993?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1
Title: Listen

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/t/ZTN97nxf5/?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1
Title: Use Sound

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reels/audio/358409680635340?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1
Title: Use Sound

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://us.umusic-online.com/c/AQjhkg4Q__EhGJ-5_GAg7OThCOBhp67qAaIRLV6HQzFqXHNmzdlMs4XDPI6QHw8JLwoE HTTP 302
https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://sb.scorecardresearch.com/cs/9923941/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 43

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 61

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001723154179-9GV8NCCQ-03N7%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&adnxs_id=201908936981589583&gdpr=0

Request Chain 62

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001723154179-9GV8NCCQ-03N7&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001723154179-9GV8NCCQ-03N7&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=d24a178b-b95a-4074-ab56-338bc4d03c38&id=AU1D-0100-001723154179-9GV8NCCQ-03N7

Request Chain 63

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001723154179-9GV8NCCQ-03N7 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001723154179-9GV8NCCQ-03N7 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=D30A563B-E0BD-4602-AC53-F5E87C092574&id=AU1D-0100-001723154179-9GV8NCCQ-03N7

Request Chain 65

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001723154179-9GV8NCCQ-03N7&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723154179-9GV8NCCQ-03N7%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001723154179-9GV8NCCQ-03N7&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723154179-9GV8NCCQ-03N7%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=320b226d-0cb1-4a43-837e-d9f7a3b5eeb3%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001723154179-9GV8NCCQ-03N7%252526tapad_id%25253D320b226d-0cb1-4a43-837e-d9f7a3b5eeb3%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d24a178b-b95a-4074-ab56-338bc4d03c38&ttd_puid=320b226d-0cb1-4a43-837e-d9f7a3b5eeb3%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001723154179-9GV8NCCQ-03N7%2526tapad_id%253D320b226d-0cb1-4a43-837e-d9f7a3b5eeb3%2C HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&tapad_id=320b226d-0cb1-4a43-837e-d9f7a3b5eeb3

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001723154179-9GV8NCCQ-03N7 HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&google_error=15

Request Chain 67

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001723154179-9GV8NCCQ-03N7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzE1NDE3OS05R1Y4TkNDUS0wM043

Request Chain 68

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001723154179-9GV8NCCQ-03N7&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001723154179-9GV8NCCQ-03N7 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001723154179-9GV8NCCQ-03N7&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001723154179-9GV8NCCQ-03N7 HTTP 302
https://ids.ad.gt/api/v1/adb_match?adb=20496042990391325784049842422866575213&id=AU1D-0100-001723154179-9GV8NCCQ-03N7

Request Chain 70

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001723154179-9GV8NCCQ-03N7 HTTP 302
https://ids.ad.gt/api/v1/amo_match?turn_id=2479847006180784417&id=AU1D-0100-001723154179-9GV8NCCQ-03N7

Request Chain 74

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&uid=[UID]&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&uid=c3e8a5ab-9977-4bb6-a8e7-a65d68b49f28&gdpr=0

Request Chain 75

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001723154179-9GV8NCCQ-03N7%26auid%3DAU1D-0100-001723154179-9GV8NCCQ-03N7 HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001723154179-9GV8NCCQ-03N7%26auid%3DAU1D-0100-001723154179-9GV8NCCQ-03N7 HTTP 302
https://ids.ad.gt/api/v1/openx?openx_id=8b91897c-fa6f-479e-afa8-58b6c803665b&id=AU1D-0100-001723154179-9GV8NCCQ-03N7&auid=AU1D-0100-001723154179-9GV8NCCQ-03N7

Request Chain 79

https://sb.scorecardresearch.com/b?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723154179381&ns_c=UTF-8&cs_fpid=7fd17edcd401e4c2bdcf579b6c174fac&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscorekw=umg&c7=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&c8=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723154179381&ns_c=UTF-8&cs_fpid=7fd17edcd401e4c2bdcf579b6c174fac&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscorekw=umg&c7=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&c8=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&c9=

Request Chain 100

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=40768864.1723154180&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM&dma=0&npa=0&gtm=45be4851v896291560za200&auid=822864404.1723154180&frm=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=40768864.1723154180&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM&dma=0&npa=0&gtm=45be4851v896291560za200&auid=822864404.1723154180&frm=0

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_cm&google_nid=lytics&google_hm=ZDY4MGFjYmMtYTY1My00MTY4LWJkN2QtZDQxNTdjODg0Y2U3 HTTP 302
https://c.lytics.io/c/provider/google?google_error=15

167 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request IAintSayinEM Show response
strm.to/
Redirect Chain

https://us.umusic-online.com/c/AQjhkg4Q__EhGJ-5_GAg7OThCOBhp67qAaIRLV6HQzFqXHNmzdlMs4XDPI6QHw8JLwoE
https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

131 KB
46 KB

489ms
220ms

Document
text/html

54.235.68.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.68.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-68-37.compute-1.amazonaws.com
Software: /
Resource Hash: ec4cd8b2a45a66e023d00fbf577fcb9866ec77d3ea9331524c1506191fa88138

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 08 Aug 2024 21:56:17 GMT
vary: Accept-Encoding
x-redirector-version: redirector-v3

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8b02c166f88a6a28-LAX
content-length: 0
date: Thu, 08 Aug 2024 21:56:17 GMT
location: https://strm.to:443/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
32 KB 384ms
136ms Script
text/javascript 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

6f66685b7a74bfd2bacaf0d7af4ca5b3fa10c3b459db45cf8344fcbd533b6980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32257
x-xss-protection: 0
server: cafe
etag: 198 / 19943 / 31086023 / config-hash: 16128897725172630884
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 08 Aug 2024 21:56:18 GMT

GET
H2 200 release-refresh.css
static.assetlab.io/redirector-prod/3.163.0/ 49 KB
6 KB 399ms
135ms Stylesheet
text/css 13.224.214.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.css
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-111.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0988674dcbae9072417b073f69fcb0a2f8b887dc6609a353bf51dbc9505e2d5f

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 12:34:28 GMT
x-amz-version-id: 108rjdIZSp7lYRsix09u5QNjgBynhQ.h
content-encoding: gzip
last-modified: Tue, 06 Aug 2024 12:23:26 GMT
server: AmazonS3
via: 1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
etag: W/"cdc728bfd57522ca777cf61f2773ea51"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 33711
x-amz-cf-id: DowEKjQGBEzIs7OKR684a--UjpfBYbZYxM4MepcGt_0a31ITsYDWlw==

GET
H2 200 release-refresh-light.css
static.assetlab.io/redirector-prod/3.163.0/ 22 KB
5 KB 404ms
140ms Stylesheet
text/css 13.224.214.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh-light.css
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-111.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a526e6f162cefdb6a60ba47786e531e20c92c97c92347f8dbfe262d3ece1f131

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: U_HwKyWj9zCvS5dLo.GjRN2FiBeoJ7WW
content-encoding: gzip
via: 1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
date: Thu, 08 Aug 2024 12:39:44 GMT
last-modified: Tue, 06 Aug 2024 12:23:26 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 33395
x-amz-server-side-encryption: AES256
etag: W/"ad144af8777be86b574e81fd0fcb7025"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: dxw6hF0sMNfwXMGXR5gBto1NlFrnvjkn-3RbQT3xTSBlGg7cnr0utA==

GET
H2 200 release-refresh.js Show response
static.assetlab.io/redirector-prod/3.163.0/ 501 KB
152 KB 429ms
165ms Script
application/javascript 13.224.214.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-111.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76d34322c9421b38b3283c824e51a24302389a9b2084110ec94d887a467e949d

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: UHVKlvq.wCl6Wy4Rhhcxq5QpRnQbd4Oj
content-encoding: gzip
via: 1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
date: Thu, 08 Aug 2024 12:39:45 GMT
last-modified: Tue, 06 Aug 2024 12:23:26 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 33394
x-amz-server-side-encryption: AES256
etag: W/"2bfe7e227ddc1ee9a1ddee67c946a344"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: mTxP_qJ8zf9FsV-DMlcm3B0_KlgHR8-VoKyO2mYKvyTxF5LvucMZ7Q==

GET
H2 200 artwork-440x440.jpg
linkstorage.linkfire.com/medialinks/images/70eace9d-b303-4472-807a-287758b21af4/ 55 KB
56 KB 455ms
146ms Image
image/jpeg 3.166.192.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linkstorage.linkfire.com/medialinks/images/70eace9d-b303-4472-807a-287758b21af4/artwork-440x440.jpg

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.166.192.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-166-192-126.phl51.r.cloudfront.net

Software

The Great Gig In The Sky / Master of Puppets

Resource Hash

cf6d6f80e954f25f50c1d0567f544cd87988372bb8927b9be60eda9ee6ca25f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: K2V9ST2_.sCfgcZdUuYijb2POd.vJ5n.
strict-transport-security: max-age=10368000; includeSubdomains; preload
x-content-type-options: nosniff
date: Thu, 08 Aug 2024 17:09:06 GMT
via: 1.1 2210e9afbcd8d797188be728cde2bece.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P2
age: 17233
x-amz-server-side-encryption: AES256
x-powered-by: Master of Puppets
x-cache: Hit from cloudfront
content-length: 56681
x-xss-protection: 1; mode=block
x-linkfire-security: security@linkfire.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Jul 2024 16:20:49 GMT
server: The Great Gig In The Sky
etag: "547cc8c5e5682f4b2787a2d82c278c6d"
expect-ct: max-age=0
x-frame-options: DENY
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: -VfUKEqkCwZY54s_uXB-1PMlU8UIJSRSqT-GVyk-kAOE_Xhsx6hmPA==

GET
H2 200 logo_applemusic_onlight.svg
services.linkfire.com/ 7 KB
4 KB 401ms
125ms Image
image/svg+xml 2600:9000:2305:4e00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_applemusic_onlight.svg
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:4e00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:03:13 GMT
x-amz-version-id: nGo7v092Ub92VgXy.O3WmDeRgTKJPui3
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 11:13:55 GMT
server: AmazonS3
via: 1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"3d4894f0254dc9d917c86fffd766046a"
age: 269586
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: Mt7LXNoPLakz1DyhpOZjGI7qd-qz03_FNNfCguKT4JX2nZLCp7cwIQ==

GET
H2 200 logo_amazonmusic_onlight.svg
services.linkfire.com/ 13 KB
6 KB 135ms
132ms Image
image/svg+xml 2600:9000:2305:4e00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_amazonmusic_onlight.svg
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:4e00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 975f93c89036852225cae57756ec08a8a54b479e5084889dd5b7c1c5c4ea3533

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:03:13 GMT
x-amz-version-id: t.6xwhzUsEMabMOAcrU_ahq8gb2zQE2F
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 12:43:26 GMT
server: AmazonS3
via: 1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"8431baffada660f88a05cf5c64654842"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 269586
x-amz-cf-id: wYJwIOGrozBE8Hnfhx1NvvUZXRA8JYzhFfts4d8OWeYhuCo9_gkELQ==

GET
H2 200 logo_youtubemusic_onlight.svg
services.linkfire.com/ 5 KB
2 KB 136ms
133ms Image
image/svg+xml 2600:9000:2305:4e00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_youtubemusic_onlight.svg
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:4e00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ce9c869d01258f4e024478cbb35d9c6d905e247fe95a11984e5277a96dde0fd

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:03:13 GMT
x-amz-version-id: G1rOQPF3JpQef3z0Vi5fsLBWAO__tg2E
content-encoding: gzip
last-modified: Fri, 23 Jun 2023 08:30:20 GMT
server: AmazonS3
via: 1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"d074b492d1d7017ee94ac92a3891a8c7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 269586
x-amz-cf-id: aWUOoGczyBi38g15wWS_DYwJhsWBEQzHK6L7rx0tuG5hjD1-S9x3uQ==

GET
H2 200 logo_spotify_onlight.svg
services.linkfire.com/ 6 KB
3 KB 142ms
139ms Image
image/svg+xml 2600:9000:2305:4e00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_spotify_onlight.svg
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:4e00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:03:13 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 02 Nov 2016 12:14:43 GMT
server: AmazonS3
via: 1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"10ebad8fc307d85d6ed34e9fa95a7577"
age: 269586
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 5TWyvOvVU7rfNdAUCmzfMGh1vwBP5Pbhayp3OzLqQxY8aix7TPvUIw==

GET
H2 200 logo_itunes_onlight.svg
services.linkfire.com/ 19 KB
5 KB 150ms
147ms Image
image/svg+xml 2600:9000:2305:4e00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_itunes_onlight.svg
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:4e00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:03:13 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 23 Mar 2018 08:26:33 GMT
server: AmazonS3
via: 1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"db14889932940c59c989f46bcff71c80"
age: 269586
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: lluA2YE8w0ItoyAuunBQbrpYhO4nJkTI4Ac4O627xODtK_EqQ9TwKA==

GET
H2 200 logo_youtube_onlight.svg
services.linkfire.com/ 5 KB
2 KB 153ms
151ms Image
image/svg+xml 2600:9000:2305:4e00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_youtube_onlight.svg
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:4e00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd81b461460be294f5f898a95bc4cca37ea71adc49be0752e8ef61d949b99187

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:03:13 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 05 Sep 2017 06:21:42 GMT
server: AmazonS3
via: 1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"3494584b9c841fca921d798912531d4d"
age: 269586
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: xOHJTGNTQNbxZpvd66wAneRdXWY4fShTXS5OAzIuwz8my2EchZnnzg==

GET
H2 200 logo_soundcloud_onlight.svg
services.linkfire.com/ 7 KB
3 KB 156ms
153ms Image
image/svg+xml 2600:9000:2305:4e00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_soundcloud_onlight.svg
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:4e00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fdaf641251a8854b64e807fef8f115f1e47cf644cfe6c76e0e36d067962bb9a3

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:04:53 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 10 Aug 2016 15:03:55 GMT
server: AmazonS3
via: 1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"dfe6031f9e194784911a4fcc715b8471"
age: 269486
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: OqdNf6qFmsmEfnYYrD3FW0NdyD3qV__6FMoNFL_M3yVrqqE_mCHAew==

GET
H2 200 logo_deezer_onlight.svg
services.linkfire.com/ 4 KB
2 KB 158ms
156ms Image
image/svg+xml 2600:9000:2305:4e00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_deezer_onlight.svg
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:4e00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40039e484599ff9d06a8b426c17036fd4808e27f9f80f36857f0dd43e398df35

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:03:13 GMT
x-amz-version-id: WvAwStsf6xWaBuT2.jFQmXhqB6pMNhyj
content-encoding: gzip
last-modified: Wed, 29 Nov 2023 08:40:03 GMT
server: AmazonS3
via: 1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"4b2c962216daeabe96dfaf3d2a6c8eb8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 269586
x-amz-cf-id: X5fhGkyE_DLz9xTaVsLA6_57TfTdmyA_IZZd0q4DejKkY4hXFF1hhg==

GET
H2 200 logo_napster_onlight.svg
services.linkfire.com/ 5 KB
3 KB 220ms
218ms Image
image/svg+xml 2600:9000:2305:4e00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_napster_onlight.svg
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:4e00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b2acb074dcb1812659d1b287a9d6dd4672dce0a19b0599fb07d347fbe019145

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:13:11 GMT
x-amz-version-id: ZT6UTvKLbJ2HF96NJQs65pRp4bzo6uTG
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 12:42:42 GMT
server: AmazonS3
via: 1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"578e4766a62a65fb64b8c01774f3e0ca"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 268988
x-amz-cf-id: 85JibPAiy2RZrUKzPaf43bYci7ISCKtt4jNsGqcUK5JF7jB_LL2oTw==

GET
H2 200 logo_tidal_onlight.svg
services.linkfire.com/ 4 KB
2 KB 220ms
218ms Image
image/svg+xml 2600:9000:2305:4e00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_tidal_onlight.svg
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:4e00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 763c09aa56110b05ed4d4d716ba81736b6fe696c57d66cbef6d850d9bfe35782

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:03:13 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 10 Aug 2016 15:07:49 GMT
server: AmazonS3
via: 1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"2fd0abb508ea5e93eec3ad5a5d46141c"
age: 269586
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: vbfkBkbB250eVRjFQRNW7NB8adrSL6ovpLp_exH8elFOrHnc8g1nsA==

GET
H2 200 logo_tiktokusemysound_onlight.svg
services.linkfire.com/ 8 KB
4 KB 227ms
226ms Image
image/svg+xml 2600:9000:2305:4e00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_tiktokusemysound_onlight.svg
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:4e00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cf55a87b7f1fa76861a1df2471f1686d79cbb7a6f0f94eb1de32b6bfe493fdb

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:33:50 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 08:19:29 GMT
server: AmazonS3
via: 1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"e0e732a5c24832495ed1c5fae373e955"
age: 300149
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: kToxA2ITRcScw5ELw0utVJk1eT4_8X9sF8gvZdKSwB6_ktDS6aLwzA==

GET
H2 200 logo_igreelsuseaudio_onlight.svg
services.linkfire.com/ 122 KB
50 KB 251ms
249ms Image
image/svg+xml 2600:9000:2305:4e00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_igreelsuseaudio_onlight.svg
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:4e00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ff7d694e3edea78d3f09ea490a73896751cb3f6781e5d18ed14da124fd46d2f

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:16:02 GMT
x-amz-version-id: mOuCMEh8142sPKgj1MMJvXOCz05bTivx
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 09:16:16 GMT
server: AmazonS3
via: 1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"1def77cc85752c1df79299ecc44a047e"
age: 301216
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: qVqiAgpu0CpdCHextiau7kPwEzBuqTqLKOmbQi884bp7BiMPmffumw==

GET
H2 200 logo_emailsignup_onlight.svg
services.linkfire.com/ 1 KB
1 KB 227ms
226ms Image
image/svg+xml 2600:9000:2305:4e00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_emailsignup_onlight.svg
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:4e00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d75816b9dece5518f15df8feeaad5db22bc529345ad130f042beb6be6d9afba

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:27:52 GMT
x-amz-version-id: QtzcHOhqJYjRDAOC68hH28rd5jeMRg37
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 13:33:58 GMT
server: AmazonS3
via: 1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"84a83713da204bddd8f28bd52beaf716"
age: 268107
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: LrR280kUcdjur7p-q1Th3vhXMVuOFemB6i2GJybWJZtK59HvqCp7Gw==

GET
H2 200 skin.js Show response
static.assetlab.io/redirector-prod/3.163.0/ 558 KB
163 KB 325ms
321ms Script
application/javascript 13.224.214.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.163.0/skin.js
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-111.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c554840debebb1ab92ddae039e500fb187996ee010f6a623cf7e801ab9f37b5

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: ogQBCCJvponUxOyXyJe0vhliPRW5g3lH
content-encoding: gzip
via: 1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
date: Thu, 08 Aug 2024 12:34:28 GMT
last-modified: Tue, 06 Aug 2024 12:23:26 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 33711
x-amz-server-side-encryption: AES256
etag: W/"d02b561bf25f766a437b98064c5fbe00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: QGGowNwMRwe5n3lETrgceDolb54cI5OSSm5eRn0r-A3bwT04XYjlLA==

GET
H2 200 legacy-scripts.js Show response
static.assetlab.io/redirector-prod/3.163.0/ 151 KB
48 KB 439ms
438ms Script
application/javascript 13.224.214.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.163.0/legacy-scripts.js
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-111.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da0c5870836a5450370f318edf8fd417c62ae42447d6c86c422017f2a3f56ee7

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 09:48:09 GMT
x-amz-version-id: _vjgE_Y.BLG_mJbZTe7jcNCtJYg53gWj
content-encoding: gzip
last-modified: Tue, 06 Aug 2024 12:23:26 GMT
server: AmazonS3
via: 1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
etag: W/"97c8f7647ac11b9a125aa49c72a928f5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 43690
x-amz-cf-id: qWVOptKJRKnqLjikj7oVaCN8l7ecFRrhmKDXVJnnhCUE88APoMkIEw==

GET
H2 200 consent.js Show response
static.assetlab.io/consent/1.11.5/ 53 KB
17 KB 467ms
466ms Script
application/javascript 13.224.214.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.11.5/consent.js
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-111.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34078200e60ca43461630face48ad447b8f0b168fb47690f478072e2c1a9e5f5

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: ju_8K.PDZRV094KIBbbtKu8mQZRT_cL7
content-encoding: gzip
via: 1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
date: Thu, 08 Aug 2024 12:06:48 GMT
last-modified: Thu, 09 Nov 2023 11:02:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 35375
x-amz-server-side-encryption: AES256
etag: W/"f936b19d6eee687f4d908c31b9ca592d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: WBCb39wfgkYWezJVhdErfR4D2-V-nh95m8z5WSvhLjuAa3uYo2UgnA==

GET
H2 200 IBMPlexSans-SemiBold.woff
cdn.linkfire.com/fonts/ 25 KB
26 KB 436ms
146ms Font
application/font-woff 3.166.192.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkfire.com/fonts/IBMPlexSans-SemiBold.woff
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh-light.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.166.192.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-166-192-19.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48442a68a245429c0b9e568a6aa953928ddfa30d565551ecf09fe2420479f2af

Request headers

Referer: https://static.assetlab.io/
Origin: https://strm.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 6QfHoSLi8D0hZ8GH.358xmsYXPD21ebG
date: Thu, 08 Aug 2024 12:16:00 GMT
via: 1.1 90387ae1c8647ff5d9cc7597b468249a.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P2
age: 34823
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25840
last-modified: Thu, 07 Dec 2023 15:19:56 GMT
server: AmazonS3
etag: "cc3d30a6545d5217e219fa6e9b17d708"
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: PCKKKOCc49QxjvbDPFxTf0qg3Kya-_ESCpLPus4259CIyQMoKSqWrQ==

GET
H2 200 IBMPlexSans-Regular.woff
cdn.linkfire.com/fonts/ 24 KB
24 KB 551ms
261ms Font
application/font-woff 3.166.192.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkfire.com/fonts/IBMPlexSans-Regular.woff
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh-light.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.166.192.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-166-192-19.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1df9c953053965fc56c34399bc55ac59f6ab462e6027ce3cb0643d8028319ab3

Request headers

Referer: https://static.assetlab.io/
Origin: https://strm.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Ook11omPFO9UPvfXfjgVP61zDIApcoGC
date: Thu, 08 Aug 2024 06:47:34 GMT
via: 1.1 90387ae1c8647ff5d9cc7597b468249a.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P2
age: 54544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24448
last-modified: Thu, 07 Dec 2023 15:19:57 GMT
server: AmazonS3
etag: "c0caf3a69092fc5c08443b413ea38896"
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: vox8NRk_v1UrAjDsZriZtG5S00xf2dLJZzSw99sz0DjVopfdZhWB8w==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/ 473 KB
148 KB 124ms
123ms Script
text/javascript 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31086023

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

3a26214bd1e8719fc7fba6929bdaab7d7f6971af5336aa013606160d1a580929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 10:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40771
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151235
x-xss-protection: 0
server: cafe
etag: 7729326465989859830
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 08 Aug 2025 10:36:47 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 55 B
67 B 421ms
174ms XHR
application/json 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=strm.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

06392de0d85cd6345b58a53908bfaa7b3386a9b81703d1bc802130bf37deddbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Thu, 08 Aug 2024 21:56:18 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/9923941/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

126ms
126ms

Script
application/javascript

18.164.116.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Server: 18.164.116.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-57.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 10:56:35 GMT
content-encoding: gzip
via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 39585
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: cXJapV8srIYx2bjzu4ZeLCt2esNwI9qN07zbYdhJSsKHrK1WsIl9eQ==

Redirect headers

date: Thu, 08 Aug 2024 21:56:19 GMT
via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: oeWcz2LU4FGcNB8sCWaxOOtgrJjJHYgzAtk0L5CGIEPSlbVu9VH1Pw==

POST
H2 200 / Show response
strm.to/~/tr/visit/ 70 B
229 B 222ms
220ms XHR
application/json 54.235.68.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://strm.to/~/tr/visit/
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.68.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-68-37.compute-1.amazonaws.com
Software: /
Resource Hash: 4175f5b19e7944037041939fd68f239627bb64a1601ec501f3962a8007c29fe3

Request headers

Referer: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 08 Aug 2024 21:56:18 GMT
x-redirector-version: redirector-v3
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=UTF-8

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 4B12 0
0 365ms
123ms Document
text/html 209.85.144.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31086023

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f157.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28915
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Aug 2024 21:35:09 GMT
expires: Thu, 08 Aug 2024 22:25:09 GMT
last-modified: Mon, 05 Aug 2024 19:44:26 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
592 B 156ms
156ms Fetch
text/plain 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4025093137154193&correlator=268244208062281&eid=31086023%2C31084181%2C21065724%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408070101&ptt=17&impl=fif&iu_parts=22051246401%2CHeader_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1723154178911&lmt=1723154178&adxs=0&adys=-160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723154177891&idt=954&cust_params=explicit%3Dno%26artist%3Djordan%2520davis%26album%3DI%2520Aint%2520Sayin%26linkid%3D5cdc0f4e-1738-4cff-b370-8de899458243%26boardid%3D8fd5c46c-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6efa2b56-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DUS%26city%3DEl%2520Segundo%26days%3D0%2520days%252C7%2520days%252C12%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=2736067097&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31086023

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

04602900f4083a252b65488d778d59162e4a42880d2aafcece255da8e0d3c6bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 562
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://strm.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 776 B
379 B 172ms
171ms Fetch
text/plain 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4025093137154193&correlator=268244208062281&eid=31086023%2C31084181%2C21065724%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408070101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-Click_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1723154178920&lmt=1723154178&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723154177891&idt=954&cust_params=explicit%3Dno%26artist%3Djordan%2520davis%26album%3DI%2520Aint%2520Sayin%26linkid%3D5cdc0f4e-1738-4cff-b370-8de899458243%26boardid%3D8fd5c46c-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6efa2b56-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DUS%26city%3DEl%2520Segundo%26days%3D0%2520days%252C7%2520days%252C12%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=1338496054&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31086023

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

5993055e40952fd858a461a048a4e0eff9979998c36bb4a0df52ec647605e354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://strm.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 783 B
384 B 162ms
161ms Fetch
text/plain 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4025093137154193&correlator=268244208062281&eid=31086023%2C31084181%2C21065724%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408070101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-amazon-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1723154178924&lmt=1723154178&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723154177891&idt=954&cust_params=explicit%3Dno%26artist%3Djordan%2520davis%26album%3DI%2520Aint%2520Sayin%26linkid%3D5cdc0f4e-1738-4cff-b370-8de899458243%26boardid%3D8fd5c46c-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6efa2b56-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DUS%26city%3DEl%2520Segundo%26days%3D0%2520days%252C7%2520days%252C12%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=1902184223&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31086023

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

0cf708c7f214501f9b32c83f757cc1c4b05a960a515d53583a180f75bf0e0ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 354
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://strm.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 784 B
386 B 195ms
194ms Fetch
text/plain 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4025093137154193&correlator=268244208062281&eid=31086023%2C31084181%2C21065724%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408070101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-spotify-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1723154178928&lmt=1723154178&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723154177891&idt=954&cust_params=explicit%3Dno%26artist%3Djordan%2520davis%26album%3DI%2520Aint%2520Sayin%26linkid%3D5cdc0f4e-1738-4cff-b370-8de899458243%26boardid%3D8fd5c46c-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6efa2b56-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DUS%26city%3DEl%2520Segundo%26days%3D0%2520days%252C7%2520days%252C12%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=4288002596&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31086023

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

f294a346cf7518e89871ff28ee479c032fe1e6031981da8914bcecc9f522d34b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://strm.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 782 B
381 B 164ms
163ms Fetch
text/plain 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4025093137154193&correlator=268244208062281&eid=31086023%2C31084181%2C21065724%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408070101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-tidal-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1723154178930&lmt=1723154178&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723154177891&idt=954&cust_params=explicit%3Dno%26artist%3Djordan%2520davis%26album%3DI%2520Aint%2520Sayin%26linkid%3D5cdc0f4e-1738-4cff-b370-8de899458243%26boardid%3D8fd5c46c-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6efa2b56-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DUS%26city%3DEl%2520Segundo%26days%3D0%2520days%252C7%2520days%252C12%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=3635752911&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31086023

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

2405e8aff635ceb047765ec151669013605d829556db1a33a03de2c336d5f76d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 351
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://strm.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 788 B
381 B 164ms
163ms Fetch
text/plain 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4025093137154193&correlator=268244208062281&eid=31086023%2C31084181%2C21065724%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408070101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-apple-music-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1723154178934&lmt=1723154178&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723154177891&idt=954&cust_params=explicit%3Dno%26artist%3Djordan%2520davis%26album%3DI%2520Aint%2520Sayin%26linkid%3D5cdc0f4e-1738-4cff-b370-8de899458243%26boardid%3D8fd5c46c-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6efa2b56-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DUS%26city%3DEl%2520Segundo%26days%3D0%2520days%252C7%2520days%252C12%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=3334755453&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31086023

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

fd75f3420fc054847d93826cadf7aa5aa56f398f489a9ec17317be2dc395a773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 351
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://strm.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 776 B
378 B 169ms
168ms Fetch
text/plain 209.85.144.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4025093137154193&correlator=268244208062281&eid=31086023%2C31084181%2C21065724%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408070101&ptt=17&impl=fif&iu_parts=22051246401%2CFooter_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x100%7C300x250%7C320x50%7C320x100%7C320x120&ifi=7&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1723154178936&lmt=1723154178&adxs=650&adys=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&vis=1&psz=300x0&msz=300x0&fws=4&ohw=400&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723154177891&idt=954&cust_params=explicit%3Dno%26artist%3Djordan%2520davis%26album%3DI%2520Aint%2520Sayin%26linkid%3D5cdc0f4e-1738-4cff-b370-8de899458243%26boardid%3D8fd5c46c-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6efa2b56-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DUS%26city%3DEl%2520Segundo%26days%3D0%2520days%252C7%2520days%252C12%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=309253681&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31086023

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f154.1e100.net

Software

cafe /

Resource Hash

5924d27bc4f91d1da75134621911dcc3409619020cec52a456b9e023a5e9c322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://strm.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3af8bfaef293ab73c8eb941bb7c308e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6ED3 0
0 380ms
124ms Document
text/html 2607:f8b0:400d:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3af8bfaef293ab73c8eb941bb7c308e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31086023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Aug 2024 21:56:19 GMT
expires: Thu, 08 Aug 2024 21:56:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 consent.css
static.assetlab.io/consent/1.11.5/ 26 KB
5 KB 129ms
129ms Stylesheet
text/css 13.224.214.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.11.5/consent.css
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.5/consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-111.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a5fac03580933e0a88b0749020180b52b3f53580684264a0cae62686739071

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 07:02:14 GMT
x-amz-version-id: WTvuGC2z1ERFXKMCLZ9XULrgIJWRlKQX
content-encoding: gzip
last-modified: Thu, 09 Nov 2023 11:02:44 GMT
server: AmazonS3
via: 1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
etag: W/"a92b7b63d3b8f97456c3cb33d63a5e8b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 53646
x-amz-cf-id: mWDb_6XdCyO5xJDUgN_7axs9WCzMmJ_S9RAx4mLFfk7iS0Ek2PuvOg==

GET
H3 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/ 3 KB
2 KB 170ms
94ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/jquery.mousewheel.min.js?_=1723154178962

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/legacy-scripts.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 19218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1065
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UydbDGVbaMWWftbWpm7l2160MFaAUENonkPpx7hCopWVtC4rkaKE4GhDXSkopnjbdrM4RCTuDpuAqmMFpnYe1MZtq5BxdhOPWQE5gLjp1bLmtJO5syk1thOeqfcDHYHpXGQ29HsN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b02c1734c1efaa2-SJC
expires: Tue, 29 Jul 2025 21:56:19 GMT

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/4.0/ 58 KB
20 KB 423ms
147ms Script
text/javascript 13.224.214.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/4.0/td.min.js
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-43.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2953217b5e320afbe57db90ecb6b3081e7eeae485330fe325b8b1ff17519f3c4

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 20:26:09 GMT
Content-Encoding: gzip
Via: 1.1 e2aea636b5bbfa67100e8bdb9eda1cf6.cloudfront.net (CloudFront)
Age: 610211
X-Amz-Cf-Pop: PHL50-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Thu, 25 Jul 2024 04:38:21 GMT
Server: AmazonS3
Etag: W/"e3df5edbe80dfeefb99eba311109e1ee"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: LUkIXIkPsY38PHPLJ8GBHi37H7qrmI4TPB2et1stjR6jB4MeUxILnw==

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 53 KB
19 KB 264ms
134ms Script
text/javascript 173.194.207.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.207.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f157.1e100.net

Software

cafe /

Resource Hash

ecfca7ea4d18b39b63c590e37c8665231fcba643fd84ebccd9331db413805fc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19614
x-xss-protection: 0
server: cafe
etag: 10320406913158679654
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 08 Aug 2024 21:56:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
85 KB 628ms
379ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-990257368

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42a699b5378af2c4d65058e57a5fefcfc5b65167d914851d3128787c1bb6a27e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87084
x-xss-protection: 0
last-modified: Thu, 08 Aug 2024 21:35:45 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Aug 2024 21:56:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 364ms
121ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 08 Aug 2024 21:56:19 GMT
document-policy: force-load-at-top
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=12, mss=1297, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 5dN/nKYGa14NYRD45Q87PZqaeAw233PasLAAEa6hdYegUNwxPDsBEsjyD7Rj/UTKIHIkaU9PIyMpRVm/azfFaw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 49 KB
21 KB 274ms
126ms Script
application/javascript 3.163.245.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.245.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 03e7e541339010449880241ca98364eb07fe42742a792c1fe6795e950500696d

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: gzip
via: 1.1 0bb718701d18fa15e55d41332dc987fe.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LAX54-P1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 21283
x-amz-cf-id: ZEcss-d9O5mOc5Ki-IVscuGKnONapAvY3da6kxlR7ExG_Poyz-Mx0g==

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

56 KB
15 KB

389ms
111ms

Script
application/javascript

146.75.80.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Server: 146.75.80.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 00:26:35 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000048-IAD, cache-chi-klot8100177-CHI

Redirect headers

Date: Thu, 08 Aug 2024 21:56:19 GMT
Server: ECS (laa/7BD7)
x-tw-cdn: VZ
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Location: https://static.ads-twitter.com/oct.js
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= ,x-tw-cdn;desc=VZ
Content-Length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 379ms
131ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-54175133-1

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6a50c1961b1750b21af3ec16fbb9cd604c24dd118d189e9272af565a21b8437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76829
x-xss-protection: 0
last-modified: Thu, 08 Aug 2024 21:10:17 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Aug 2024 21:56:19 GMT

GET
H2 200 28 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 287ms
152ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/28?url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&metadata=linkfire
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59dc63f394b7bc087a6c62cca998f2a31c5c234ee0fb6ce21e909c0993ea617a

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 08 Aug 2024 21:56:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 8b02c173df622ad0-LAX

GET
H2 200 99 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 151ms
144ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/99?url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&metadata=linkfire
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6ae0449e17adbb715e23334ea489b68d11d70e37f4e214c54022f9d488eee4b

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 08 Aug 2024 21:56:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 8b02c173df662ad0-LAX

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
83 KB 538ms
536ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N3L75Q

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77210821fc78e28d21bcf4b944c751d466e20987219db76428eeb8900cea55ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85313
x-xss-protection: 0
last-modified: Thu, 08 Aug 2024 21:35:45 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Aug 2024 21:56:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
65 KB 484ms
483ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTZKRN

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

294754ccd9c7dc68ea30c7fda66bba123771938182e5ff8285c7061b9120df1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66471
x-xss-protection: 0
last-modified: Thu, 08 Aug 2024 21:35:45 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Aug 2024 21:56:19 GMT

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/ 66 KB
23 KB 205ms
76ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/latest.min.js

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff362590942cd8bb93423aefea52b6f7c6cdabbc9e43e8e8833d6b3164959133

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592
last-modified: Thu, 08 Aug 2024 21:46:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8clTNVzT35exxWptR9drsG4%2FPn8Qzt%2BJAWCQwA88bQ%2BDPMoUsF%2FSD%2FuQ%2FDG0WJ7ganFJOXU7w41U%2FGeWGh4bpDcWZYTffau%2BdSysMVZmOyYPUMYnwq58NvB32K1xtZQV9EbeD1KxL0sp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: 5b65e3f3cff8b1b457553ee5fc9f1edf
cf-ray: 8b02c1758eba5367-LAX

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 564ms
182ms Script
application/javascript 23.212.250.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2K14HSST06BEPRUJFA0&lib=ttq
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 431bfdc230e09259e9330bb7803bd6a88180ae3f067b7eccdc74cd9dbaf0a8b4

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 4ae2fbbc
date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240808215619792271ED8F9EED7910DD-7AF2CA49AB93B302-00
x-cache: TCP_MISS from a23-220-106-200.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=2, origin; dur=26
content-length: 1852
pragma: no-cache
server: nginx
x-tt-logid: 20240808215619792271ED8F9EED7910DD
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.220.106.200
x-tt-trace-host: 016cc988764925f3f50455469c7fbe91aeb48def40adf67fd3534affaaee994df88b350841e25a40446bcfc88ee88f5baed61a3be53be93d2be27eb9a0df6de717d97b7e280a06a89a98854acce20800d3ff956146456bb1629a6d94122c245087
expires: Thu, 08 Aug 2024 21:56:19 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 606ms
231ms Script
application/javascript 23.212.250.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BV8MGVGHEMJP3CGOMIPG&lib=ttq
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ff5a96a06a54d25d0519b4829dc150a5db17b3ea4e8625769b7bc795d87e54d7

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 4ae2fbbd
date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240808215619699612F70E1072A34AC0-7954E7CD98F2EB2A-00
x-cache: TCP_MISS from a23-220-106-200.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=4, origin; dur=51
content-length: 1672
pragma: no-cache
server: nginx
x-tt-logid: 20240808215619699612F70E1072A34AC0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 51,23.220.106.200
x-tt-trace-host: 016cc988764925f3f50455469c7fbe91aeb48def40adf67fd3534affaaee994df8a9814c142446c98075ee76c95fab73b42832d44703f467b62a31c9c6ec59763bef5cdcdb67cfbe02bb768ce5f4a479982828491d1256af4a0c717c4318fcb013
expires: Thu, 08 Aug 2024 21:56:19 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 578ms
222ms Script
application/javascript 23.212.250.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C56BFVO00UN7QUNFQJP0&lib=ttq
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b29d73e465fae0032e94f7ee9984fad9136cd06b320accaba9f985e4025171e

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 4ae2fbbf
date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240808215619B73AA54A2CE83A7B8FF7-020A5BACA04710E7-00
x-cache: TCP_MISS from a23-220-106-200.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=3, origin; dur=56
content-length: 2171
pragma: no-cache
server: nginx
x-tt-logid: 20240808215619B73AA54A2CE83A7B8FF7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 56,23.220.106.200
x-tt-trace-host: 016cc988764925f3f50455469c7fbe91aeb48def40adf67fd3534affaaee994df89e18bc0f85496f6a3180cc3550f8720850415b65a19c70357aa908f4c495a171f68b9fc2fa656f320a99cb97d65ac65f1f115d800b298c2679bf8f09d4302097
expires: Thu, 08 Aug 2024 21:56:19 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 7 KB
3 KB 474ms
177ms Script
application/javascript 23.212.250.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C56DKSBG5HFBPDLO1D50&lib=ttq
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d53dcc6a8f6d3cf804b4752d41c018bf9d6dc6b7aead91df587fd0f9cdf0fbf2

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 4ae2fbc0
date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240808215619F21A8175E47FD96393A6-3523E53BCB75CEBF-00
x-cache: TCP_MISS from a23-220-106-200.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=2, origin; dur=27
content-length: 2539
pragma: no-cache
server: nginx
x-tt-logid: 20240808215619F21A8175E47FD96393A6
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.220.106.200
x-tt-trace-host: 016cc988764925f3f50455469c7fbe91aeb48def40adf67fd3534affaaee994df826a2ca8ac33912dc03d19297a67f819a6522d1450e58ba3d33fe60a5429ed07b020e39a94a82b8155ae89c7ea1243647b314e7c36269c4a2b487b97aa28d98d4
expires: Thu, 08 Aug 2024 21:56:19 GMT

GET
H2 200 ic-shield-blue.svg
static.assetlab.io/consent/1.11.5/assets/ 1 KB
1 KB 128ms
128ms Image
image/svg+xml 13.224.214.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/consent/1.11.5/assets/ic-shield-blue.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.5/consent.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-111.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d

Request headers

Referer: https://static.assetlab.io/consent/1.11.5/consent.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 09:15:50 GMT
x-amz-version-id: FErtI0gzNDEeWzVCQ3e9MVmPMLaJLitq
content-encoding: gzip
last-modified: Thu, 09 Nov 2023 11:02:44 GMT
server: AmazonS3
via: 1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
etag: W/"560dd3386ebf80f78c934aeff4a6a82c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 45630
x-amz-cf-id: v4gCIjuyY7v7AFyJ2GiHjC3kdOXQTgB4OUp1qTGnCWDUT_btXlTkEA==

GET
H2 200 ic-close-s.svg
static.assetlab.io/consent/1.11.5/assets/ 351 B
757 B 130ms
130ms Image
image/svg+xml 13.224.214.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/consent/1.11.5/assets/ic-close-s.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.5/consent.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-111.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68

Request headers

Referer: https://static.assetlab.io/consent/1.11.5/consent.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 5joISQP4Yz0J9BIQ9cfsXECmH7OtFwmP
date: Thu, 08 Aug 2024 13:02:06 GMT
via: 1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 11:02:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 32054
x-amz-server-side-encryption: AES256
etag: "d303b6c7d844d91101e1e4c63156cfec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 351
x-amz-cf-id: 3yCsWe4hb_N0edidhsuhwznLJ0RS1XJ9Mkeuda5fACdxdH4KNu4BvA==

GET
H2 200 a02431f0-2da6-44ed-a557-26ff61410dbf.json Show response
tr.snapchat.com/config/to/ 103 B
381 B 301ms
156ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/to/a02431f0-2da6-44ed-a557-26ff61410dbf.json?v=3.25.0-2408072327

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

eeba3ace9cbfefe01391c267ac236776ebe26bf6cd629ea90a9fb07f7253042b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept: application/json
Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
observe-browsing-topics: ?1
content-type: application/json
access-control-allow-origin: https://strm.to
x-envoy-upstream-service-time: 42
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103

GET
H2 200 i
tr.snapchat.com/cm/ Frame EE2F 0
0 254ms
113ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=a02431f0-2da6-44ed-a557-26ff61410dbf&u_scsid=7e4bf5e1-90a8-4852-bf31-6967b0f6e206&u_sclid=5736a568-ced5-4d8a-9af2-4943feaf8fba

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://strm.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Thu, 08 Aug 2024 21:56:19 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 218ms
72ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?partner_id=99&sync=1&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/99?url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&metadata=linkfire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
server: cloudflare
x-amz-request-id: 4GNMNHQXA94JVW78
age: 22
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=432000
cf-ray: 8b02c1768b762b8a-LAX
x-amz-id-2: FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
expires: Tue, 13 Aug 2024 21:56:19 GMT

GET
H2 200 99 Show response
p.ad.gt/api/v1/p/ 42 KB
14 KB 252ms
72ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/99
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/99?url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&metadata=linkfire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 047f4d701bf8b33cf7a9bb1b2511ea4a0a462c0f6d6f46f284770b25df54238b

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 21:47:42 GMT
server: cloudflare
age: 226
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b02c1772dad7d59-LAX

GET
H2 200 ip_match
ids.ad.gt/api/v1/ 0
192 B 285ms
89ms Image
text/html 54.68.105.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.105.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-105-140.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
server: nginx/1.24.0
content-length: 0
content-type: text/html; charset=utf-8

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001723154179-9GV8NCCQ-03N7%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&adnxs_id=201908936981589583&gdpr=0

43 B
143 B

91ms
91ms

Image
image/gif

54.68.105.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&adnxs_id=201908936981589583&gdpr=0
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Server: 54.68.105.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-105-140.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:20 GMT
an-x-request-uuid: 20e9161b-f105-4804-a76c-f89b56ccf661
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&adnxs_id=201908936981589583&gdpr=0
x-proxy-origin: 162.245.206.247; 162.245.206.247; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001723154179-9GV8NCCQ-03N7&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001723154179-9GV8NCCQ-03N7&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=d24a178b-b95a-4074-ab56-338bc4d03c38&id=AU1D-0100-001723154179-9GV8NCCQ-03N7

43 B
143 B

91ms
91ms

Image
image/gif

54.68.105.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=d24a178b-b95a-4074-ab56-338bc4d03c38&id=AU1D-0100-001723154179-9GV8NCCQ-03N7
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Server: 54.68.105.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-105-140.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/t_match?tdid=d24a178b-b95a-4074-ab56-338bc4d03c38&id=AU1D-0100-001723154179-9GV8NCCQ-03N7
date: Thu, 08 Aug 2024 21:56:19 GMT
server: Kestrel
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001723154179-9GV8NCCQ-03N7
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001723154179-9GV8NCCQ-03N7
https://ids.ad.gt/api/v1/pbm_match?pbm=D30A563B-E0BD-4602-AC53-F5E87C092574&id=AU1D-0100-001723154179-9GV8NCCQ-03N7

43 B
143 B

91ms
91ms

Image
image/gif

54.68.105.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=D30A563B-E0BD-4602-AC53-F5E87C092574&id=AU1D-0100-001723154179-9GV8NCCQ-03N7
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Server: 54.68.105.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-105-140.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=D30A563B-E0BD-4602-AC53-F5E87C092574&id=AU1D-0100-001723154179-9GV8NCCQ-03N7
date: Thu, 08 Aug 2024 21:56:19 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
1 KB 365ms
120ms Image
text/plain 69.173.146.5
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001723154179-9GV8NCCQ-03N7&gdpr=0
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 944e95ee0f10c9f2b2e7c77cc54a9a4a
Expires: 0

GET
H2

200

tapad_match
ids.ad.gt/api/v1/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001723154179-9GV8NCCQ-03N7&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723154179...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001723154179-9GV8NCCQ-03N7&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=320b226d-0cb1-4a43-837e-d9f7a3b5eeb3%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d24a178b-b95a-4074-ab56-338bc4d03c38&ttd_puid=320b226d-0cb1-4a43-837e-d9f7a3b5eeb3%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&tapad_id=320b226d-0cb1-4a43-837e-d9f7a3b5eeb3

43 B
143 B

581ms
581ms

Image
image/gif

54.68.105.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&tapad_id=320b226d-0cb1-4a43-837e-d9f7a3b5eeb3
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Server: 54.68.105.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-105-140.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

date: Thu, 08 Aug 2024 21:56:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&tapad_id=320b226d-0cb1-4a43-837e-d9f7a3b5eeb3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001723154179-9GV8NCCQ-03N7
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&google_error=15

43 B
143 B

90ms
90ms

Image
image/gif

54.68.105.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&google_error=15
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Server: 54.68.105.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-105-140.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001723154179-9GV8NCCQ-03N7
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzE1NDE3OS05R1Y4TkNDUS0wM043

170 B
243 B

263ms
126ms

Image
image/png

209.85.232.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzE1NDE3OS05R1Y4TkNDUS0wM043

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Server

209.85.232.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzE1NDE3OS05R1Y4TkNDUS0wM043
date: Thu, 08 Aug 2024 21:56:19 GMT
server: nginx/1.24.0
content-length: 453
content-type: text/html; charset=utf-8

GET
H2

200

adb_match
ids.ad.gt/api/v1/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001723154179-9GV8NCCQ-03N7&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001723154179-9GV8NC...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001723154179-9GV8NCCQ-03N7&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-01...
https://ids.ad.gt/api/v1/adb_match?adb=20496042990391325784049842422866575213&id=AU1D-0100-001723154179-9GV8NCCQ-03N7

43 B
143 B

179ms
178ms

Image
image/gif

54.68.105.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/adb_match?adb=20496042990391325784049842422866575213&id=AU1D-0100-001723154179-9GV8NCCQ-03N7
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Server: 54.68.105.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-105-140.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

dcs: dcs-prod-va6-1-v062-0c5d64612.edge-va6.demdex.com 11 ms
pragma: no-cache
date: Thu, 08 Aug 2024 21:56:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: tFLlOcOTRlU=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://ids.ad.gt/api/v1/adb_match?adb=20496042990391325784049842422866575213&id=AU1D-0100-001723154179-9GV8NCCQ-03N7
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 204
No Content ebfa23da174faa55634171c5e49d0152.gif
sync.colossusssp.com/ 0
202 B 376ms
126ms Image
text/plain 172.240.155.116
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001723154179-9GV8NCCQ-03N7&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-001723154179-9GV8NCCQ-03N7

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.240.155.116 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 08 Aug 2024 21:56:20 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Connection: keep-alive
Content-Type: text/plain

GET
H2

200

amo_match
ids.ad.gt/api/v1/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001723154179-9GV8NCCQ-03N7
https://ids.ad.gt/api/v1/amo_match?turn_id=2479847006180784417&id=AU1D-0100-001723154179-9GV8NCCQ-03N7

43 B
143 B

97ms
96ms

Image
image/gif

54.68.105.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/amo_match?turn_id=2479847006180784417&id=AU1D-0100-001723154179-9GV8NCCQ-03N7
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Server: 54.68.105.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-105-140.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/amo_match?turn_id=2479847006180784417&id=AU1D-0100-001723154179-9GV8NCCQ-03N7
pragma: no-cache
date: Thu, 08 Aug 2024 21:56:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
11 KB 71ms
70ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?partner_id=28&sync=1&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/28?url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&metadata=linkfire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
server: cloudflare
x-amz-request-id: 4GNMNHQXA94JVW78
age: 22
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=432000
cf-ray: 8b02c178ade02b8a-LAX
x-amz-id-2: FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
expires: Tue, 13 Aug 2024 21:56:19 GMT

GET
H2 200 28 Show response
p.ad.gt/api/v1/p/ 47 KB
15 KB 77ms
77ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/28
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/28?url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&metadata=linkfire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c690c5c6a92b09f05ee624f3e114e1146ab1cd0ea0343bd2f20c5c0633ff8b64

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 21:52:15 GMT
server: cloudflare
age: 69
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b02c178af547d59-LAX

GET
H2 204 0
sync.1rx.io/usersync/audigent/ 0
99 B 375ms
123ms Image
text/plain 69.194.240.13
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001723154179-9GV8NCCQ-03N7%26unruly_id%3D%5BRX_UUID%5D
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:19 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2

200

son_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&uid=[UID]&gdpr=0
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&uid=c3e8a5ab-9977-4bb6-a8e7-a65d68b49f28&gdpr=0

43 B
143 B

107ms
107ms

Image
image/gif

54.68.105.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&uid=c3e8a5ab-9977-4bb6-a8e7-a65d68b49f28&gdpr=0
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Server: 54.68.105.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-105-140.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:20 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-217
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&uid=c3e8a5ab-9977-4bb6-a8e7-a65d68b49f28&gdpr=0
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

openx
ids.ad.gt/api/v1/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001723154179-9GV8NCCQ-03N7%26auid%3DAU...
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001723154179-9GV8NCCQ-03N7%26auid...
https://ids.ad.gt/api/v1/openx?openx_id=8b91897c-fa6f-479e-afa8-58b6c803665b&id=AU1D-0100-001723154179-9GV8NCCQ-03N7&auid=AU1D-0100-001723154179-9GV8NCCQ-03N7

43 B
143 B

308ms
308ms

Image
image/gif

54.68.105.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/openx?openx_id=8b91897c-fa6f-479e-afa8-58b6c803665b&id=AU1D-0100-001723154179-9GV8NCCQ-03N7&auid=AU1D-0100-001723154179-9GV8NCCQ-03N7
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Server: 54.68.105.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-105-140.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

date: Thu, 08 Aug 2024 21:56:20 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://ids.ad.gt/api/v1/openx?openx_id=8b91897c-fa6f-479e-afa8-58b6c803665b&id=AU1D-0100-001723154179-9GV8NCCQ-03N7&auid=AU1D-0100-001723154179-9GV8NCCQ-03N7
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 /
onetag-sys.com/match/ 0
201 B 420ms
129ms Image
text/plain 51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=180&uid=AU1D-0100-001723154179-9GV8NCCQ-03N7&gdpr=0

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/996400781/ 3 KB
2 KB 689ms
138ms Script
text/javascript 2607:f8b0:400d:c0e::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/996400781/?random=1723154179332&cv=9&fst=1723154179332&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=artist%3DJordan%20Davis%3Balbum%3DI%20Ain%27t%20Sayin%27%3Btrack%3DI%20Ain%27t%20Sayin%27%3Bisrcs%3DUSUM72408405%3Bupcs%3D00602468086550%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DUMGN%20-%20Streaming%3Burl%3Dstrm.to%2FIAintSayin%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DEl%20Segundo%3Bartists%3DJordan%20Davis%3Breferrer%3Ddirect%3Baction%3Dpageview&frm=0&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&tiba=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7bbd9418ac46365defae2999b541527dfac0849719115ddd10a8297aa42f274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1675
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/950249395/ 3 KB
2 KB 654ms
136ms Script
text/javascript 2607:f8b0:400d:c0e::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950249395/?random=1723154179340&cv=9&fst=1723154179340&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C466465925%2C509562773%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=artist%3DJordan%20Davis%3Balbum%3DI%20Ain%27t%20Sayin%27%3Btrack%3DI%20Ain%27t%20Sayin%27%3Bisrcs%3DUSUM72408405%3Bupcs%3D00602468086550%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DUMGN%20-%20Streaming%3Burl%3Dstrm.to%2FIAintSayin%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DEl%20Segundo%3Bartists%3DJordan%20Davis%3Breferrer%3Ddirect%3Baction%3Dpageview&frm=0&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&tiba=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a9c31e490f9244356be7017183fc92a63d54e56f1f8d12e3eb8c9d677e4e89b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1689
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723154179381&ns_c=UTF-8&cs_fpid=7fd17edcd401e4c2bdcf579b6c174fac&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscorek...
https://sb.scorecardresearch.com/b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723154179381&ns_c=UTF-8&cs_fpid=7fd17edcd401e4c2bdcf579b6c174fac&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscore...

0
225 B

132ms
132ms

Image
text/plain

18.164.116.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723154179381&ns_c=UTF-8&cs_fpid=7fd17edcd401e4c2bdcf579b6c174fac&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscorekw=umg&c7=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&c8=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&c9=
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Server: 18.164.116.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-57.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P6
x-amz-cf-id: H4W_UD9vQv9Ck-bgib4WsRwXbjrPmbtqmD5AEQTXJnI_Lpo9v2pclA==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 08 Aug 2024 21:56:19 GMT
via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723154179381&ns_c=UTF-8&cs_fpid=7fd17edcd401e4c2bdcf579b6c174fac&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscorekw=umg&c7=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&c8=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&c9=
content-length: 0
x-amz-cf-id: qGlk3BpmE2cBWXAZ5IzMV4cU9G0g_ZA0udSMfzcFtjjoTxTRICtaiQ==

OPTIONS pageviews
undefined.records.in.treasuredata.com/streaming_src_qa/ Frame 0
0

OPTIONS
H2 200 pageviews
us01.records.in.treasuredata.com/streaming_src_prod/ Frame 0
0 375ms
119ms Preflight
text/plain 3.224.22.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us01.records.in.treasuredata.com/streaming_src_prod/pageviews?modified=1723154179449

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.22.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-22-198.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://strm.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,User-Agent,Authorization
access-control-allow-methods: HEAD,GET,POST
access-control-allow-origin: https://strm.to
access-control-max-age: 7200
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 08 Aug 2024 21:56:19 GMT
strict-transport-security: max-age=31536000
vary: Origin

POST pageviews
undefined.records.in.treasuredata.com/streaming_src_qa/ 0
0

POST
H2 200 pageviews Show response
us01.records.in.treasuredata.com/streaming_src_prod/ 90 B
416 B 415ms
176ms Fetch
application/vnd.treasuredata.v1.js+json 3.224.22.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us01.records.in.treasuredata.com/streaming_src_prod/pageviews?modified=1723154179449

Requested by

Host: cdn.treasuredata.com
URL: https://cdn.treasuredata.com/sdk/4.0/td.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.22.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-22-198.compute-1.amazonaws.com

Software

Resource Hash

b398a9b24d06d2b31ce1b4968abfa8d6276f01fc2ca218659a0be0d385950c63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/vnd.treasuredata.v1.js+json
Referer: https://strm.to/
Authorization: TD1 12428/c3daa75715f063718eea09d46051aba892b06ad5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/vnd.treasuredata.v1.js+json

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
content-type: application/vnd.treasuredata.v1.js+json
access-control-allow-origin: https://strm.to
cache-control: no-store
access-control-allow-credentials: true
content-length: 90

GET
H2 200 f1d9d94ded8b13388a12e4bb69e532f1 Show response
c.lytics.io/cid/ 23 B
489 B 123ms
122ms Script
text/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/cid/f1d9d94ded8b13388a12e4bb69e532f1?assign=false&callback=u_69853364589510970

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a2d5ab6cfc665157b92b175efb6b5724148c935c180a0862a40b5ef27783fea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 23
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZh%2BT%2BRpRv0H3GhVj3o5EfokA3PXSKh%2B%2FHIG0foNb6Gz6UvDSTDlK0Zb2vD%2B9qlgqAm2ZPwmTiKob2OqfLDoOPal5acIm99G7w5jBOM42HjwIu5vLLEF9NAi1cXm66jBhVFE%2BwLrldJ6"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: fefe0b3102abe5d008c499e413ddbe19
cf-ray: 8b02c1762f575367-LAX
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

POST
H2 200 p
tr.snapchat.com/ 0
233 B 239ms
114ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://strm.to
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 d680acbc-a653-4168-bd7d-d4157c884ce7 Show response
c.lytics.io/api/personalize/f1d9d94ded8b13388a12e4bb69e532f1/user/_uid/ 319 B
609 B 146ms
145ms Script
application/json 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/f1d9d94ded8b13388a12e4bb69e532f1/user/_uid/d680acbc-a653-4168-bd7d-d4157c884ce7?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22d680acbc-a653-4168-bd7d-d4157c884ce7%22%2C%22utm_source%22%3A%22dotmailer%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_campaign%22%3A%22555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A-10%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22strm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1%22%2C%22_v%22%3A%223.0.36%22%7D&ts=1723154179637&callback=u_537020429146560100

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1634e4bfbb76d36dfac8938dfbed2d510fae8ada83f36350f5c0089dc8662307

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TSUpasWrUyBoTdx2wC4ARyLWUD4yca9WwVfLUWH4zRltPJGq7Ywk1y%2FiBGsJv9ZG%2FpiYC0H4oNV%2FX3BzHIFreitQGbQFo9a934vtXpiXL0b2KYJVMEctY28TyzaYZv5xImN1gwroYusK"}],"group":"cf-nel","max_age":604800}
x-lytics-trace: d0afe1fb2273f6b45b732b51b18e97f6
cf-ray: 8b02c176e8215367-LAX
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
content-length: 232

GET
H2 200 linkfire
c.lytics.io/c/f1d9d94ded8b13388a12e4bb69e532f1/ 35 B
435 B 127ms
126ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/f1d9d94ded8b13388a12e4bb69e532f1/linkfire?_e=pv&utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&_sesstart=1&_tz=-10&_ul=en-US&_sz=1600x1200&album=I%20Ain%27t%20Sayin%27&artist=Jordan%20Davis&artist_tags=Jordan%20Davis&asset=landingpage&board=UMGN%20-%20Streaming&organization=Universal%20Music%20Group&browser=Chrome&channel_category=Owned&city=El%20Segundo&country_code=US&device=desktop&os=Linux&referrer=direct&track=I%20Ain%27t%20Sayin%27&link_type=PreRelease&visitor_token=7fd17edcd401e4c2bdcf579b6c174fac&spotify_url=https%3A%2F%2Fopen.spotify.com%2Ftrack%2F7lCs3stpWCtAn5Y2lmnPhV%3Fgo%3D1&action=pageview&_ts=1723154179516&_nmob=t&_device=desktop&url=strm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&_v=3.0.36&_uid=d680acbc-a653-4168-bd7d-d4157c884ce7&_getid=t

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ojav9v4jLAoj22oKsmU%2BTMZf%2FcbJA82G3wFBrWTCXLotJ6ql7umFrN8ajm4ent7%2BbXAZxm%2BzDJOFuWiRj6NaNMCU%2FWoRy8Qyxw8sgZEg4BJBgBuG03XF%2BIhX9mxbOFZv4qzo2lY9T5Qn"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 03c0488d2531eed558855a6b6537fe72
cf-ray: 8b02c176e8225367-LAX
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 f1d9d94ded8b13388a12e4bb69e532f1
c.lytics.io/c/ 35 B
349 B 134ms
133ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/f1d9d94ded8b13388a12e4bb69e532f1?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&_sesstart=1&_tz=-10&_ul=en-US&_sz=1600x1200&_ts=1723154179617&_nmob=t&_device=desktop&url=strm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&_v=3.0.36&_uid=d680acbc-a653-4168-bd7d-d4157c884ce7&_getid=t

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LolXNEV3gb%2FcNKnuITkbO0lkRFTMc%2FQpFv6GAAVyU4znn7K8OWLN%2FGgv80asHswecwXk5OOJXvNEiVKqgD572b%2F2%2BcfS%2BsZXNRvt4gVxIMMMOWO%2FaxDo1%2BgZaFuezvoTvMzQG9K%2BWUfV"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 029b966fc45d288dd5bbb76e65fbd720
cf-ray: 8b02c176e8235367-LAX
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
93 KB 218ms
217ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SK2KRMG100&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54175133-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70e12cf9caea9f6d0c128c4ac2d37a078b1de10ad5ed80991ef4ae7bb62a08b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95520
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 08 Aug 2024 21:56:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
125ms Script
text/javascript 2607:f8b0:400d:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54175133-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Aug 2024 21:46:10 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 610
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 08 Aug 2024 23:46:10 GMT

GET
H2 200 2078867782340228 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 122ms
121ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2078867782340228?v=2.9.164&r=stable&domain=strm.to&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9f91d3e6350e689be4fde03bd4b3c3904d5745011637f6366f44474b83c9fc6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 08 Aug 2024 21:56:19 GMT
document-policy: force-load-at-top
x-fb-server-load: 40
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12962
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=124, rtx=0, c=64, mss=1297, tbw=64386, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: o0qHoQU5i6eRgP5oyhOhsqTjKuljgxrjSyBNYRTkrVssJbE9DH880LEkEsYTZMT2f7kPVkIDjy4KDsDBmyHvNw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 252ms
80ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=99&sync=1&domain=strm.to&url=https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://strm.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cf-cache-status: DYNAMIC
cf-ray: 8b02c1786b100c9f-LAX
content-length: 0
content-type: application/json
date: Thu, 08 Aug 2024 21:56:19 GMT
debug: OPTIONS block
server: cloudflare

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 117 B
299 B 83ms
82ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=99&sync=1&domain=strm.to&url=https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?partner_id=99&sync=1&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a1a02edeb32902984abd564d3bc7059b6ae34b9f4cf8e6b2dc1ada1cfe2589d

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization,content-type
cf-ray: 8b02c178eb970c9f-LAX

POST
H2 200 p
tr6.snapchat.com/ 0
44 B 134ms
112ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 08 Aug 2024 21:56:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 adsct
t.co/i/ 43 B
376 B 615ms
155ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=1&eci=1&event_id=b2f8d80e-c6f2-4d8d-a652-78d5f8107ad9&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d821acd7-b892-46d3-b1fc-44f774ff8c20&tw_document_href=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=numgi&type=javascript&version=2.3.30

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Thu, 08 Aug 2024 21:56:20 GMT
strict-transport-security: max-age=0
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: b55b5cdec51b8910
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d5d8190e5c24461df61e635b5fc7c7f745426a74761b4c5ee5b006ff44689388
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 533ms
93ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=b2f8d80e-c6f2-4d8d-a652-78d5f8107ad9&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d821acd7-b892-46d3-b1fc-44f774ff8c20&tw_document_href=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=numgi&type=javascript&version=2.3.30

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Thu, 08 Aug 2024 21:56:20 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 173b550ac5bf2496
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 6a4b3c19e169d76b4916b4c166554179b0b18fb2517d9b438dfa91c4b44a3d66
content-length: 43

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
90 KB 168ms
168ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/99

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1638d740b3fefd40bb32988bb2ab6b987e07c0e574c4ba63db6b0e4b9c8e790e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91552
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 08 Aug 2024 21:56:19 GMT

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
87 B 140ms
139ms XHR
text/plain 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/99
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://strm.to
date: Thu, 08 Aug 2024 21:56:19 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b02c177ac172ad0-LAX
vary: Origin

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
88 B 309ms
138ms Script
text/plain 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=1d3e2701a5a913a0e796fcec27031d1e&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/99
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b02c17dea852aa0-LAX

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=40768864.1723154180&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM&dma=0&npa=0&gtm=45be4851v896291560za200&auid=822864404.17231...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=40768864.1723154180&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM&dma=0&npa=0&gtm=45be4851v896291560za200&auid=82...

42 B
64 B

128ms
128ms

Ping
image/gif

173.194.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=40768864.1723154180&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM&dma=0&npa=0&gtm=45be4851v896291560za200&auid=822864404.1723154180&frm=0

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Server

173.194.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=40768864.1723154180&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM&dma=0&npa=0&gtm=45be4851v896291560za200&auid=822864404.1723154180&frm=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/990257368/ 3 KB
1 KB 152ms
151ms Script
text/javascript 173.194.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990257368/?random=1723154179789&cv=11&fst=1723154179789&bg=ffffff&guid=ON&async=1&gtm=45be4851v896291560za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&hn=www.googleadservices.com&frm=0&tiba=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&npa=0&pscdl=noapi&auid=822864404.1723154180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-990257368

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f155.1e100.net

Software

cafe /

Resource Hash

53370a725dd5098c4f9fc68ced453271ce073e74230074765ea05576a2f9c6d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1505
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
84 KB 152ms
152ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-802909747&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54175133-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32f68db987dca6f7dca6b5f858ffab13b4a489d3608ed738546da30460d7493a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85773
x-xss-protection: 0
last-modified: Thu, 08 Aug 2024 21:10:17 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Aug 2024 21:56:19 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/990257368/ 3 KB
2 KB 157ms
155ms Script
text/javascript 173.194.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990257368/?random=1723154179812&cv=11&fst=1723154179812&bg=ffffff&guid=ON&async=1&gtm=45be4851v896291560za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&hn=www.googleadservices.com&frm=0&tiba=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&npa=0&pscdl=noapi&auid=822864404.1723154180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&delc=United%20States&data=event%3Dpage_view%3Bartist%3DJordan%20Davis%3Balbum%3DI%20Ain%27t%20Sayin%27%3Btrack%3DI%20Ain%27t%20Sayin%27%3Bisrcs%3DUSUM72408405%3Bupcs%3D00602468086550%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DUMGN%20-%20Streaming%3Burl%3Dstrm.to%2FIAintSayin%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DEl%20Segundo%3Bartists%3DJordan%20Davis%3Baction%3Dpageview&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-990257368

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f155.1e100.net

Software

cafe /

Resource Hash

a071f297ffedc567a3b1426e0a145acd50603aee9f6534b76567055f05f99484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1685
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

google
c.lytics.io/c/provider/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm&google_nid=lytics&google_hm=ZDY4MGFjYmMtYTY1My00MTY4LWJkN2QtZDQxNTdjODg0Y2U3
https://c.lytics.io/c/provider/google?google_error=15

35 B
497 B

127ms
127ms

Image
image/gif

2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/provider/google?google_error=15

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:21 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
x-error-message: Not found
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oiJKIWYTUwhpGXdjQhdW0EDD4xiSw0z2KZxqVQGzvD1vkU5OY9IvRzZJh%2F9lW9OtG0eYwmRE6Ej0WBdxWjD%2F3G76JpqoruLa5WeR6EMsQ3FIDJe7lBHVHv7qbcn1h8EIKQE19HIZfdkM"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 187eed148ac5511c359bf217cd51baa6
cf-ray: 8b02c17f59545367-LAX
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c.lytics.io/c/provider/google?google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 529815473883968 Show response
connect.facebook.net/signals/config/ 32 KB
5 KB 122ms
121ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/529815473883968?v=2.9.164&r=stable&domain=strm.to&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

d812f3c0511015c397cb86798af8b46a4d92130bbfb0adae32057045e1108a37

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 08 Aug 2024 21:56:19 GMT
document-policy: force-load-at-top
x-fb-server-load: 37
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5447
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=24, mss=1232, tbw=8106, tp=13, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: NEeZCIOUQvghJSKRzP0BebcmcAprnloeBS5XnZH52shdwWGQSMydoaHjUePa07d1HDBcYw3PGWW2QGrXPFXgXw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.MTM2ZmRjOGQyMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 336 KB
95 KB 154ms
154ms Script
application/javascript 23.212.250.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C56DKSBG5HFBPDLO1D50&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6a01570a34308b3c89e3492bbeac7b2e0c7c3f7156c30260b9796a7624251fb3

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 4ae2fe1c
date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024080813492954FB6C503E64DB4F2C59
x-tt-trace-id: 00-24080813492954FB6C503E64DB4F2C59-7EC7F1D913D86A33-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-220-106-200.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01b6ff0e04a5da8416849409194ee886b37f0d2b2ca5967e55e0188c3f6a54086844d8fddf56bd3141d78ef2b8b99722b8e9fa7b1e09d31d18b6c671618f5b8775d59377f781007b2cdbbfaf6c77cc1e88484f27777cb949d7be7879d35b9dc996
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
content-length: 96994

GET
H2 200 main.MTM2ZmRjOGQyMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 331 KB
94 KB 378ms
378ms Script
application/javascript 23.212.250.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2K14HSST06BEPRUJFA0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b424c8b96a0a79e02312ac23d09607c4006fd6d9242848089fbc19caceed805d

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 4ae2fe1d
date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202408081349132116CF3DB31C745373D8
x-tt-trace-id: 00-2408081349132116CF3DB31C745373D8-721500D7D500628E-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-220-106-200.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e56922edfaae64d6be283a927469d0dadc484a4aba90d52e34846439c0b220b840118821832e626b38202d57a1c18caa65e678f3a800d658b6f62d4f5ef34c4cca1ef33f82f46d37d8bef867d5df63be9688601abc542b145af28cf31e0e0845
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=1
content-length: 95193

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 227 KB
82 KB 132ms
131ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1007439566&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3L75Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb741a39e65dd8bf0bf755d4856bc8ad8aba6292ee1c20822649a96b48fd3bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83801
x-xss-protection: 0
last-modified: Thu, 08 Aug 2024 21:10:17 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Aug 2024 21:56:19 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 112ms
112ms Script
application/javascript 146.75.80.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.80.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 00:26:35 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kcgs7200164-IAD, cache-chi-klot8100177-CHI

POST
H2 200 p
tr.snapchat.com/ 0
47 B 114ms
111ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 08 Aug 2024 21:56:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://strm.to
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 370ms
123ms Fetch
text/plain 2607:f8b0:400d:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-SK2KRMG100&gtm=45je4851v9126390853za200&_p=1723154179012&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=1040921033.1723154180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1723154179&sct=1&seg=0&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&dt=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&en=page_view&_fv=1&_nsi=1&_ss=1&ep.name=tracker0&epn.cookieExpires=15552000&ep.clientId=66b53f01be7e08.78642175&epn.sampleRate=10&tfd=3042
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SK2KRMG100&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c00::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://strm.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 684008268318676 Show response
connect.facebook.net/signals/config/ 23 KB
3 KB 121ms
121ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/684008268318676?v=2.9.164&r=stable&domain=strm.to&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144%2C131%2C133

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

056082bbc37a4b82b22dbe9a49fa2a6ac1a52cd0641f825249e8bea141df0136

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 08 Aug 2024 21:56:20 GMT
document-policy: force-load-at-top
x-fb-server-load: 44
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2876
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=33, mss=1232, tbw=16366, tp=26, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: Onf1z+oztCfhTna87d5FY78QpNrgNoo3ccM//KB3XWXrUh1S1td+eNiwON2sNU/iHWXu7tQpmo4g6kBYXHsXiw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 399ms
123ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2078867782340228&ev=LF&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&rl=&if=false&ts=1723154180008&cd[artist]=Jordan%20Davis&cd[album]=I%20Ain%27t%20Sayin%27&cd[track]=I%20Ain%27t%20Sayin%27&cd[isrcs]=%5B%22USUM72408405%22%5D&cd[upcs]=%5B%2200602468086550%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=UMGN%20-%20Streaming&cd[url]=strm.to%2FIAintSayin&cd[countryCode]=US&cd[country]=United%20States&cd[city]=El%20Segundo&cd[artists]=%5B%22Jordan%20Davis%22%5D&cd[oid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[furl]=strm.to%2FIAintSayinEM&cd[domain]=strm.to&cd[luuid]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[ouuid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=7fd17edcd401e4c2bdcf579b6c174fac&cd[uid]=66b53f01be7e08.78642175&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=08%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723154180006.900279801323106254&ler=empty&cdl=API_unavailable&it=1723154179693&coo=false&tm=2&rqm=GET

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=10, mss=1297, tbw=2876, tp=-1, tpl=-1, uplat=2, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 08 Aug 2024 21:56:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 476ms
236ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2078867782340228&ev=LF&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&rl=&if=false&ts=1723154180008&cd[artist]=Jordan%20Davis&cd[album]=I%20Ain%27t%20Sayin%27&cd[track]=I%20Ain%27t%20Sayin%27&cd[isrcs]=%5B%22USUM72408405%22%5D&cd[upcs]=%5B%2200602468086550%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=UMGN%20-%20Streaming&cd[url]=strm.to%2FIAintSayin&cd[countryCode]=US&cd[country]=United%20States&cd[city]=El%20Segundo&cd[artists]=%5B%22Jordan%20Davis%22%5D&cd[oid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[furl]=strm.to%2FIAintSayinEM&cd[domain]=strm.to&cd[luuid]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[ouuid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=7fd17edcd401e4c2bdcf579b6c174fac&cd[uid]=66b53f01be7e08.78642175&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=08%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723154180006.900279801323106254&ler=empty&cdl=API_unavailable&it=1723154179693&coo=false&tm=2&rqm=FGET

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xaaabb897ca29092c","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["23:1916903275040945","7811:1916903275040945","10193:1916903275040945","10853:1916903275040945","40:1916903275040945","8050:1916903275040945"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 08 Aug 2024 21:56:21 GMT
x-fb-server-load: 42
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400890854513089869", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=10, mss=1297, tbw=6695, tp=-1, tpl=-1, uplat=89, ullat=0
pragma: no-cache
x-fb-debug: oQ8WcIqDQVW8JreYMlMd2tiezOMpgEwojESNKc4SXkrD75GcDS0EX4ElKRYZNRYmr3hd+UT60IbZktV7G6/z8w==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400890854513089869"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 362ms
124ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2078867782340228&ev=LF_pageview&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&rl=&if=false&ts=1723154180011&cd[artist]=Jordan%20Davis&cd[album]=I%20Ain%27t%20Sayin%27&cd[track]=I%20Ain%27t%20Sayin%27&cd[isrcs]=%5B%22USUM72408405%22%5D&cd[upcs]=%5B%2200602468086550%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=UMGN%20-%20Streaming&cd[url]=strm.to%2FIAintSayin&cd[countryCode]=US&cd[country]=United%20States&cd[city]=El%20Segundo&cd[artists]=%5B%22Jordan%20Davis%22%5D&cd[oid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[furl]=strm.to%2FIAintSayinEM&cd[domain]=strm.to&cd[luuid]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[ouuid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=7fd17edcd401e4c2bdcf579b6c174fac&cd[uid]=66b53f01be7e08.78642175&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=08%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723154180006.900279801323106254&ler=empty&cdl=API_unavailable&it=1723154179693&coo=false&tm=2&rqm=GET

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=10, mss=1297, tbw=3159, tp=-1, tpl=-1, uplat=2, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 08 Aug 2024 21:56:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
847 B 483ms
245ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2078867782340228&ev=LF_pageview&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&rl=&if=false&ts=1723154180011&cd[artist]=Jordan%20Davis&cd[album]=I%20Ain%27t%20Sayin%27&cd[track]=I%20Ain%27t%20Sayin%27&cd[isrcs]=%5B%22USUM72408405%22%5D&cd[upcs]=%5B%2200602468086550%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=UMGN%20-%20Streaming&cd[url]=strm.to%2FIAintSayin&cd[countryCode]=US&cd[country]=United%20States&cd[city]=El%20Segundo&cd[artists]=%5B%22Jordan%20Davis%22%5D&cd[oid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[furl]=strm.to%2FIAintSayinEM&cd[domain]=strm.to&cd[luuid]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[ouuid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=7fd17edcd401e4c2bdcf579b6c174fac&cd[uid]=66b53f01be7e08.78642175&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=08%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723154180006.900279801323106254&ler=empty&cdl=API_unavailable&it=1723154179693&coo=false&tm=2&rqm=FGET

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 08 Aug 2024 21:56:21 GMT
document-policy: force-load-at-top
x-fb-server-load: 30
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400890854112417996", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=10, mss=1297, tbw=7899, tp=-1, tpl=-1, uplat=92, ullat=0
pragma: no-cache
x-fb-debug: jwbom80o3JHLjyQyIuTXKtNehDIEtKjVO87fRyniMfIKGsDu9ygHohRpSoulTOmJ8o7yWkfhekFvh/ARKkkPgA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400890854112417996"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
99 B 362ms
124ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2078867782340228&ev=PageView&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&rl=&if=false&ts=1723154180015&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1723154180006.900279801323106254&ler=empty&cdl=API_unavailable&it=1723154179693&coo=false&rqm=GET

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=10, mss=1297, tbw=3159, tp=-1, tpl=-1, uplat=2, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 08 Aug 2024 21:56:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 456ms
236ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2078867782340228&ev=PageView&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&rl=&if=false&ts=1723154180015&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1723154180006.900279801323106254&ler=empty&cdl=API_unavailable&it=1723154179693&coo=false&rqm=FGET

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 08 Aug 2024 21:56:21 GMT
document-policy: force-load-at-top
x-fb-server-load: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400890855439222888", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=10, mss=1297, tbw=3409, tp=-1, tpl=-1, uplat=69, ullat=0
pragma: no-cache
x-fb-debug: WxsYchURDeBiHdgdoRx33isq5dUs7si+KnT197gra6MckGAzDuaB7+E3GYbKeSzFknpLQFek0R9B6LZPuSFLvQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400890855439222888"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 624ms
623ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=529815473883968&ev=PageView&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&rl=&if=false&ts=1723154180019&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723154180006.900279801323106254&ler=empty&cdl=API_unavailable&hmd=438d73b0f9e120fb54e457ec&pl=https%3A%2F%2Fstrm.to%2FIAintSayin&it=1723154179693&coo=false&rqm=GET

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=124, rtx=0, c=11, mss=1297, tbw=8894, tp=-1, tpl=-1, uplat=3, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 08 Aug 2024 21:56:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 661ms
660ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=529815473883968&ev=PageView&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&rl=&if=false&ts=1723154180019&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723154180006.900279801323106254&ler=empty&cdl=API_unavailable&hmd=438d73b0f9e120fb54e457ec&pl=https%3A%2F%2Fstrm.to%2FIAintSayin&it=1723154179693&coo=false&rqm=FGET

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9d76d83311423192","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:8547487138595505","7830:8547487138595505","10853:8547487138595505","41:8547487138595505","8046:8547487138595505"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 08 Aug 2024 21:56:21 GMT
x-fb-server-load: 20
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400890855150608517", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=124, rtx=0, c=11, mss=1297, tbw=12471, tp=-1, tpl=-1, uplat=40, ullat=0
pragma: no-cache
x-fb-debug: dnWjZXM/8q3JQPprmxB93bv9Vlv8fWnSl46ZkZkIBCLDIMH/1cJLnFiy8xzMHvGVZZFD1C0EYOGBZTpSvwPM1g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400890855150608517"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 626ms
625ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=529815473883968&ev=LF&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&rl=&if=false&ts=1723154180020&cd[artist]=Jordan%20Davis&cd[album]=I%20Ain%27t%20Sayin%27&cd[track]=I%20Ain%27t%20Sayin%27&cd[isrcs]=%5B%22USUM72408405%22%5D&cd[upcs]=%5B%2200602468086550%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=UMGN%20-%20Streaming&cd[url]=strm.to%2FIAintSayin&cd[countryCode]=US&cd[country]=United%20States&cd[city]=El%20Segundo&cd[artists]=%5B%22Jordan%20Davis%22%5D&cd[oid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[furl]=strm.to%2FIAintSayinEM&cd[domain]=strm.to&cd[luuid]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[ouuid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=7fd17edcd401e4c2bdcf579b6c174fac&cd[uid]=66b53f01be7e08.78642175&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=08%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723154180006.900279801323106254&ler=empty&cdl=API_unavailable&it=1723154179693&coo=false&tm=2&rqm=GET

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=124, rtx=0, c=11, mss=1297, tbw=8894, tp=-1, tpl=-1, uplat=3, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 08 Aug 2024 21:56:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 653ms
652ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=529815473883968&ev=LF&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&rl=&if=false&ts=1723154180020&cd[artist]=Jordan%20Davis&cd[album]=I%20Ain%27t%20Sayin%27&cd[track]=I%20Ain%27t%20Sayin%27&cd[isrcs]=%5B%22USUM72408405%22%5D&cd[upcs]=%5B%2200602468086550%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=UMGN%20-%20Streaming&cd[url]=strm.to%2FIAintSayin&cd[countryCode]=US&cd[country]=United%20States&cd[city]=El%20Segundo&cd[artists]=%5B%22Jordan%20Davis%22%5D&cd[oid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[furl]=strm.to%2FIAintSayinEM&cd[domain]=strm.to&cd[luuid]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[ouuid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=7fd17edcd401e4c2bdcf579b6c174fac&cd[uid]=66b53f01be7e08.78642175&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=08%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723154180006.900279801323106254&ler=empty&cdl=API_unavailable&it=1723154179693&coo=false&tm=2&rqm=FGET

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1d214bf0975f875c","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["23:4491271257586198","23:8547487138595505","7811:4491271257586198","7811:8547487138595505","10193:4491271257586198","10193:8547487138595505","10853:4491271257586198","10853:8547487138595505","40:4491271257586198","40:8547487138595505","8050:4491271257586198","8050:8547487138595505"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 08 Aug 2024 21:56:21 GMT
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400890853871417332", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=124, rtx=0, c=11, mss=1297, tbw=11182, tp=-1, tpl=-1, uplat=32, ullat=0
pragma: no-cache
x-fb-debug: mnn0oUgYE0k5WjEl0vsmxTM7HeFLOTUpO9MChZ7tP1bf+eQMO/vyAYZ7Tvzj95LId9ez3tIhbDdcd4EBf7spFA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400890853871417332"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 626ms
625ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=529815473883968&ev=LF_pageview&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&rl=&if=false&ts=1723154180021&cd[artist]=Jordan%20Davis&cd[album]=I%20Ain%27t%20Sayin%27&cd[track]=I%20Ain%27t%20Sayin%27&cd[isrcs]=%5B%22USUM72408405%22%5D&cd[upcs]=%5B%2200602468086550%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=UMGN%20-%20Streaming&cd[url]=strm.to%2FIAintSayin&cd[countryCode]=US&cd[country]=United%20States&cd[city]=El%20Segundo&cd[artists]=%5B%22Jordan%20Davis%22%5D&cd[oid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[furl]=strm.to%2FIAintSayinEM&cd[domain]=strm.to&cd[luuid]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[ouuid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=7fd17edcd401e4c2bdcf579b6c174fac&cd[uid]=66b53f01be7e08.78642175&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=08%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1723154180006.900279801323106254&ler=empty&cdl=API_unavailable&it=1723154179693&coo=false&tm=2&rqm=GET

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=124, rtx=0, c=11, mss=1297, tbw=8894, tp=-1, tpl=-1, uplat=3, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 08 Aug 2024 21:56:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 649ms
648ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=529815473883968&ev=LF_pageview&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&rl=&if=false&ts=1723154180021&cd[artist]=Jordan%20Davis&cd[album]=I%20Ain%27t%20Sayin%27&cd[track]=I%20Ain%27t%20Sayin%27&cd[isrcs]=%5B%22USUM72408405%22%5D&cd[upcs]=%5B%2200602468086550%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=UMGN%20-%20Streaming&cd[url]=strm.to%2FIAintSayin&cd[countryCode]=US&cd[country]=United%20States&cd[city]=El%20Segundo&cd[artists]=%5B%22Jordan%20Davis%22%5D&cd[oid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[furl]=strm.to%2FIAintSayinEM&cd[domain]=strm.to&cd[luuid]=5cdc0f4e-1738-4cff-b370-8de899458243&cd[ouuid]=6efa2b56-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fd5c46c-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=7fd17edcd401e4c2bdcf579b6c174fac&cd[uid]=66b53f01be7e08.78642175&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=08%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1723154180006.900279801323106254&ler=empty&cdl=API_unavailable&it=1723154179693&coo=false&tm=2&rqm=FGET

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x8e1be71e1978e242","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["23:8547487138595505","7811:8547487138595505","10193:8547487138595505","10853:8547487138595505","40:8547487138595505","8050:8547487138595505"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 08 Aug 2024 21:56:21 GMT
x-fb-server-load: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400890855144052288", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=124, rtx=0, c=11, mss=1297, tbw=10001, tp=-1, tpl=-1, uplat=27, ullat=0
pragma: no-cache
x-fb-debug: UGO4S5SXRJKjVIBornCXZYU40v6PDPC9VKqSMO6xFIqhjzMqnqFzlAs6G/mMzdNteDV8QZz3Fg1m7QkXWmeDZw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400890855144052288"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/802909747/ 3 KB
1 KB 136ms
135ms Script
text/javascript 173.194.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/802909747/?random=1723154180054&cv=11&fst=1723154180054&bg=ffffff&guid=ON&async=1&gtm=45be4851v9161945549za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&hn=www.googleadservices.com&frm=0&tiba=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&npa=0&pscdl=noapi&auid=822864404.1723154180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-802909747&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f155.1e100.net

Software

cafe /

Resource Hash

32e602a39b594848eeddbc4907ff2863c29725acc7736e8ad5d49186f3307328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1506
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/802909747/ 3 KB
2 KB 139ms
139ms Script
text/javascript 173.194.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/802909747/?random=1723154180065&cv=11&fst=1723154180065&bg=ffffff&guid=ON&async=1&gtm=45be4851v9161945549za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&hn=www.googleadservices.com&frm=0&tiba=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&npa=0&pscdl=noapi&auid=822864404.1723154180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&delc=United%20States&data=event%3Dpage_view%3Bartist%3DJordan%20Davis%3Balbum%3DI%20Ain%27t%20Sayin%27%3Btrack%3DI%20Ain%27t%20Sayin%27%3Bisrcs%3DUSUM72408405%3Bupcs%3D00602468086550%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DUMGN%20-%20Streaming%3Burl%3Dstrm.to%2FIAintSayin%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DEl%20Segundo%3Bartists%3DJordan%20Davis%3Baction%3Dpageview&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-802909747&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f155.1e100.net

Software

cafe /

Resource Hash

974228ad49c56cdaa83118a402134d95b09ea47d4ed35b69e64703be95895149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1683
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 6e5138e55e9e918af01821a32e8019de1cca6c15
p.scdn.co/mp3-preview/ 64 KB
0 184ms
62ms Media
audio/mpeg 2a04:4e42:4f::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.scdn.co/mp3-preview/6e5138e55e9e918af01821a32e8019de1cca6c15?cid=18fc7b00a64d447393f6ee0dd98a70be
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4f::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://strm.to/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 08 Aug 2024 21:56:21 GMT
Age: 1238056
X-Cache: HIT
Content-Range: bytes 0-359684/359685
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 359685
X-Served-By: cache-bur-kbur8200076-BUR
Last-Modified: Mon, 15 Jul 2024 15:32:21 GMT
ETag: "21087b907af5713d360d72155515f4de"
x-goog-generation: 1721057541093247
Content-Type: audio/mpeg
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0
x-goog-stored-content-length: 359685
x-amz-checksum-crc32c: cmq1Aw==
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
143 B 90ms
90ms Image
image/gif 54.68.105.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001723154179-9GV8NCCQ-03N7&halo_id=060ixdlju6a65hicigj8bhbjf8jdl7a9lieuok0wi0e0ysuiuqw4gsgwo4wk02e60
Requested by: Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.105.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-105-140.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK 6e5138e55e9e918af01821a32e8019de1cca6c15 Show response
p.scdn.co/mp3-preview/ 351 KB
352 KB 234ms
63ms XHR
audio/mpeg 2a04:4e42:4f::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.scdn.co/mp3-preview/6e5138e55e9e918af01821a32e8019de1cca6c15?cid=18fc7b00a64d447393f6ee0dd98a70be
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/legacy-scripts.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4f::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa42d02647fd68b0a953613d573a72d3dc8c1a51460163e8dbfe867b694bb4c0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 08 Aug 2024 21:56:20 GMT
Age: 1238056
X-Cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 359685
X-Served-By: cache-chi-kigq8000022-CHI, cache-lax-kwhp1940056-LAX
Last-Modified: Mon, 15 Jul 2024 15:32:21 GMT
ETag: "21087b907af5713d360d72155515f4de"
x-goog-generation: 1721057541093247
Content-Type: audio/mpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, no-transform
x-goog-stored-content-length: 359685
x-amz-checksum-crc32c: cmq1Aw==
Accept-Ranges: bytes
X-Cache-Hits: 22, 0

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
57 B 146ms
145ms XHR
text/plain 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://strm.to
date: Thu, 08 Aug 2024 21:56:20 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b02c179dea52ad0-LAX
vary: Origin

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
54 B 139ms
137ms Script
text/plain 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=c3a290a97643a4fc08ab7025349dee6d&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b02c17f1ba72aa0-LAX

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
34 B 145ms
143ms XHR
text/plain 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/99
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://strm.to
date: Thu, 08 Aug 2024 21:56:20 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b02c179deab2ad0-LAX
vary: Origin

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1007439566/ 3 KB
1 KB 141ms
139ms Script
text/javascript 173.194.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007439566/?random=1723154180117&cv=11&fst=1723154180117&bg=ffffff&guid=ON&async=1&gtm=45be4851za201&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&hn=www.googleadservices.com&frm=0&tiba=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&npa=0&pscdl=noapi&auid=822864404.1723154180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1007439566&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f155.1e100.net

Software

cafe /

Resource Hash

47d19bef805d667760b18e0f7313debdaec8b466601389e047fec416d19c5c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1484
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 626ms
625ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=684008268318676&ev=PageView&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&rl=&if=false&ts=1723154180150&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723154180006.900279801323106254&ler=empty&cdl=API_unavailable&it=1723154179693&coo=false&rqm=GET

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=124, rtx=0, c=11, mss=1297, tbw=8894, tp=-1, tpl=-1, uplat=3, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 08 Aug 2024 21:56:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
847 B 638ms
637ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=684008268318676&ev=PageView&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&rl=&if=false&ts=1723154180150&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723154180006.900279801323106254&ler=empty&cdl=API_unavailable&it=1723154179693&coo=false&rqm=FGET

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 08 Aug 2024 21:56:21 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400890854989923211", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=124, rtx=0, c=11, mss=1297, tbw=9132, tp=-1, tpl=-1, uplat=17, ullat=0
pragma: no-cache
x-fb-debug: yekzNQ35h9abWmD5II1F1Iez5dP6agUMTTtEGirfO2ASf5/zUXPB/UPF0t7yqjkDJ2yE3Z+vTdQDCb0VZ0S2EA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400890854989923211"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_c2008b8c.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 154ms
154ms Script
application/javascript 23.212.250.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c2008b8c.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 4ae30309
date: Thu, 08 Aug 2024 21:56:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240729124351067360FBADA2051AD3A0
x-tt-trace-id: 00-240729124351067360FBADA2051AD3A0-2D5B6F6EC6668962-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-220-106-200.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0179ba8b8707517b137b29ff493e5156601cc8c07633db1d7a6541f7834b29b3b93fac87b9eba525f8ff73c2ccf953cc035b66ed2de91387ed4f4a39b517710ac06279a827724fedf1ec453c36e0fea08fdfca2af2bf597c0fbc3875a51537e3b5
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 39366

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
702 B 191ms
189ms Ping
text/plain 23.212.250.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4ae3030a
date: Thu, 08 Aug 2024 21:56:20 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240808215620B73AA54A2CE83A7B9022-7DEE35B6628C2DF2-00
x-cache: TCP_MISS from a23-220-106-200.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=38, cdn-cache; desc=MISS, edge; dur=9, origin; dur=42
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240808215620B73AA54A2CE83A7B9022
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 42,23.220.106.200
x-tt-trace-host: 016cc988764925f3f50455469c7fbe91aeb48def40adf67fd3534affaaee994df89e18bc0f85496f6a3180cc3550f872086534f5d0aeac29c549337a8748c2fc7db0549a7102403924322c96ffaaf3f6c0a1936006e88ab7dbd2b951cde665747f
access-control-allow-headers: Authorization,*
expires: Thu, 08 Aug 2024 21:56:20 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
860 B 181ms
179ms Ping
text/plain 23.212.250.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4769a2a.4ae3030b
date: Thu, 08 Aug 2024 21:56:20 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408082156203A15E998CDC27378778B-318AC59B0EB127F9-00
x-cache: TCP_MISS from a23-220-106-200.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 43,23.220.106.200
server-timing: cdn-cache; desc=MISS, edge; dur=22, origin; dur=31, inner; dur=27
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202408082156203A15E998CDC27378778B
x-cache-remote: TCP_MISS from a23-220-104-74.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 31,23.220.104.74
x-tt-trace-host: 016cc988764925f3f50455469c7fbe91aeb48def40adf67fd3534affaaee994df8729d41c4cc641b9a64c590f7813fb891bc715e245f271c14f62e97b9f091fdc8a88364fc826355143728994cbc760c1c6be5ed11656a87b9dbbce8ba8d3beb4bafadf020a7f60bac2e59c3a3ec90ffe6
access-control-allow-headers: Authorization,*
expires: Thu, 08 Aug 2024 21:56:20 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
861 B 206ms
204ms Ping
text/plain 23.212.250.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 153d5c0d.4ae3030c
date: Thu, 08 Aug 2024 21:56:20 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240808215620A0F67CBFCE3DBF82BAEE-4DC15DBB49782E06-00
x-cache: TCP_MISS from a23-220-106-200.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 70,23.220.106.200
server-timing: cdn-cache; desc=MISS, edge; dur=34, origin; dur=44, inner; dur=40
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240808215620A0F67CBFCE3DBF82BAEE
x-cache-remote: TCP_MISS from a23-48-200-72.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 44,23.48.200.72
x-tt-trace-host: 016cc988764925f3f50455469c7fbe91aeb48def40adf67fd3534affaaee994df8f20bc73efae46b278519e1bc7b8da8ba1159feaec9f4e94ea64925ab06449d4e03b1a68de08e1179cc8688b06547117e1fce35960ff12c60486d7a44d64895100435430d4fefbc1ad26dac5c2b1678e6
access-control-allow-headers: Authorization,*
expires: Thu, 08 Aug 2024 21:56:20 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
701 B 181ms
179ms Ping
text/plain 23.212.250.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4ae3030d
date: Thu, 08 Aug 2024 21:56:20 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240808215620699612F70E1072A34AED-52570CAAA0907A0E-00
x-cache: TCP_MISS from a23-220-106-200.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=32, cdn-cache; desc=MISS, edge; dur=9, origin; dur=37
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240808215620699612F70E1072A34AED
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 37,23.220.106.200
x-tt-trace-host: 016cc988764925f3f50455469c7fbe91aeb48def40adf67fd3534affaaee994df8a9814c142446c98075ee76c95fab73b46dcfa0b056fe102506699efafd01b44da445942a20511b92f865395d9840918bba452d6d87ad004444c40a8d81c5cde3
access-control-allow-headers: Authorization,*
expires: Thu, 08 Aug 2024 21:56:20 GMT

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 103 KB
22 KB 370ms
369ms Script
text/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a0f3694e0c1a799d58c517dc9fc267b089fffd11d447d9d379daff24c362010

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 21:07:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2942
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=77DSOSgAPISQGzT7RbXLsIjl2RiY83%2FWe1RVWrJdwB56abMxgY6s4KSoys7c24tnnqVi175eWYJPcA%2FINkejXwlTbe3Es%2BA3L8%2FLUvieGGHqfev5DYW1VEY7TwsBngPrPF5jFcM%2FJ557"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 8b02c17d0eba5367-LAX

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
744 B 249ms
248ms Script
text/javascript 2607:f8b0:400d:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 08 Aug 2024 22:35:11 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 245ms
245ms Script
text/javascript 2607:f8b0:400d:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:45:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 08 Aug 2024 22:45:02 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 241ms
241ms XHR
text/plain 2607:f8b0:400d:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1468370491&t=pageview&_s=1&dl=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&ul=en-us&de=UTF-8&dt=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUIZAAAAACAAI~&jid=658582774&gjid=1954590216&cid=1040921033.1723154180&tid=UA-54175133-1&_gid=89442217.1723154180&_r=1&gtm=457e4851za200&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&jsscut=1&z=1975612392

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMQ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://strm.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
703 B 197ms
195ms Ping
text/plain 23.212.250.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.200 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4ae3057d
date: Thu, 08 Aug 2024 21:56:20 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240808215620B73AA54A2CE83A7B9035-798325C3DE7EB2F7-00
x-cache: TCP_MISS from a23-220-106-200.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=34, cdn-cache; desc=MISS, edge; dur=19, origin; dur=43
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240808215620B73AA54A2CE83A7B9035
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 44,23.220.106.200
x-tt-trace-host: 016cc988764925f3f50455469c7fbe91aeb48def40adf67fd3534affaaee994df89e18bc0f85496f6a3180cc3550f872083b27332b405e7a7b2e4e2a31739dd0ad73034a894e52455225758bc40fb98c1dd9ab2b15a42dd7e49d829e80381774df
access-control-allow-headers: Authorization,*
expires: Thu, 08 Aug 2024 21:56:20 GMT

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 21 KB
4 KB 72ms
72ms Stylesheet
text/css 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efdc3d2e048a532d0bd1b49483ea9908ce1d60e3518971f08faa118f344b76f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 21:44:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 687
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fZMcn0C6fA24eLNOHCgFJheESeI6Zf6dwTAjkjqqukDJ2zO3zAh%2FpP7vKfr8phDxcn0TcMEUS%2FhkS4%2BRXNz5CalKw4XGkNdJWglYXcDINJ%2FQgyaUSjvFXZMG2JnZRotw59l%2F39ndD6I2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 8b02c17d9f3b5367-LAX

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/f1d9d94ded8b13388a12e4bb69e532f1/ 302 B
579 B 73ms
73ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/program/campaign/config/f1d9d94ded8b13388a12e4bb69e532f1/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebb10e03bfe495ef4a51f61ab2e3c9e3b94cb8bc1e4b2c5294e9d8c94550fb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:20 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4111
content-length: 215
last-modified: Thu, 08 Aug 2024 20:47:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Osx6puOFBazlTRPdkI6a30dZQexecJLEzMRUpgjcmqNxn3nAsDMvMeJMOWfEkw%2B%2F72J%2FhuMVIwBMioV1ZtObzeJ1Xv7u8sL8NL3O0zjYel5hbLnH6joREFkAcp9nC3mJ%2BROX1FCkZRDY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: dd66215193b43fd4c98467c9981586d5
accept-ranges: bytes
cf-ray: 8b02c17d9f3d5367-LAX

GET
H3 200 /
www.google.com/pagead/1p-user-list/950249395/ 42 B
64 B 394ms
144ms Image
image/gif 142.251.163.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/950249395/?random=1723154179340&cv=9&fst=1723150800000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C466465925%2C509562773%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=artist%3DJordan%20Davis%3Balbum%3DI%20Ain%27t%20Sayin%27%3Btrack%3DI%20Ain%27t%20Sayin%27%3Bisrcs%3DUSUM72408405%3Bupcs%3D00602468086550%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DUMGN%20-%20Streaming%3Burl%3Dstrm.to%2FIAintSayin%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DEl%20Segundo%3Bartists%3DJordan%20Davis%3Breferrer%3Ddirect%3Baction%3Dpageview&frm=0&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&tiba=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfv3CyKwVOgUqhZcd2KFVc9q6ds1oSqrgTekJOJ3xlxioSN-vx&random=4004004586&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.99 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/996400781/ 42 B
64 B 351ms
137ms Image
image/gif 142.251.163.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/996400781/?random=1723154179332&cv=9&fst=1723150800000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=artist%3DJordan%20Davis%3Balbum%3DI%20Ain%27t%20Sayin%27%3Btrack%3DI%20Ain%27t%20Sayin%27%3Bisrcs%3DUSUM72408405%3Bupcs%3D00602468086550%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DUMGN%20-%20Streaming%3Burl%3Dstrm.to%2FIAintSayin%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DEl%20Segundo%3Bartists%3DJordan%20Davis%3Breferrer%3Ddirect%3Baction%3Dpageview&frm=0&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&tiba=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf0YCzO4wtl8FmfdbaW5f6Axljx5QpiuwGwMXEtiVG6i6C6c_a&random=3521464166&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.99 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/990257368/ 42 B
64 B 302ms
137ms Image
image/gif 142.251.163.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/990257368/?random=1723154179789&cv=11&fst=1723150800000&bg=ffffff&guid=ON&async=1&gtm=45be4851v896291560za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&hn=www.googleadservices.com&frm=0&tiba=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&npa=0&pscdl=noapi&auid=822864404.1723154180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf4L85ndHsgHahbN9cvkxbhPilAaCy4eTU2tAxt0n7M8oZHFlu&random=2851506278&rmt_tld=0&ipr=y

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.99 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/990257368/ 42 B
64 B 204ms
137ms Image
image/gif 142.251.163.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/990257368/?random=1723154179812&cv=11&fst=1723150800000&bg=ffffff&guid=ON&async=1&gtm=45be4851v896291560za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&hn=www.googleadservices.com&frm=0&tiba=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&npa=0&pscdl=noapi&auid=822864404.1723154180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&delc=United%20States&data=event%3Dpage_view%3Bartist%3DJordan%20Davis%3Balbum%3DI%20Ain%27t%20Sayin%27%3Btrack%3DI%20Ain%27t%20Sayin%27%3Bisrcs%3DUSUM72408405%3Bupcs%3D00602468086550%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DUMGN%20-%20Streaming%3Burl%3Dstrm.to%2FIAintSayin%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DEl%20Segundo%3Bartists%3DJordan%20Davis%3Baction%3Dpageview&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfwuZiPZD3KB1_Q4TvzyQzDLKcXav7fYI-gO7mvL0VUC3Eg5mw&random=4031730850&rmt_tld=0&ipr=y

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.99 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/802909747/ 42 B
64 B 137ms
136ms Image
image/gif 142.251.163.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/802909747/?random=1723154180054&cv=11&fst=1723150800000&bg=ffffff&guid=ON&async=1&gtm=45be4851v9161945549za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&hn=www.googleadservices.com&frm=0&tiba=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&npa=0&pscdl=noapi&auid=822864404.1723154180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf9hRyUz-rkFdeq4_346xp7TA-IcFFPIvk3m3XDrTFeiHd92VO&random=1850885217&rmt_tld=0&ipr=y

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.99 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/802909747/ 42 B
64 B 136ms
135ms Image
image/gif 142.251.163.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/802909747/?random=1723154180065&cv=11&fst=1723150800000&bg=ffffff&guid=ON&async=1&gtm=45be4851v9161945549za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&hn=www.googleadservices.com&frm=0&tiba=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&npa=0&pscdl=noapi&auid=822864404.1723154180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&delc=United%20States&data=event%3Dpage_view%3Bartist%3DJordan%20Davis%3Balbum%3DI%20Ain%27t%20Sayin%27%3Btrack%3DI%20Ain%27t%20Sayin%27%3Bisrcs%3DUSUM72408405%3Bupcs%3D00602468086550%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DUMGN%20-%20Streaming%3Burl%3Dstrm.to%2FIAintSayin%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DEl%20Segundo%3Bartists%3DJordan%20Davis%3Baction%3Dpageview&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf1dMLGltoS3ccRmpsibcgVA2iwwF1oC9FBXzGWAZeCnXbetrR&random=480366766&rmt_tld=0&ipr=y

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.99 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1007439566/ 42 B
64 B 140ms
140ms Image
image/gif 142.251.163.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1007439566/?random=1723154180117&cv=11&fst=1723150800000&bg=ffffff&guid=ON&async=1&gtm=45be4851za201&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstrm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&hn=www.googleadservices.com&frm=0&tiba=Jordan%20Davis%20-%20I%20Ain%27t%20Sayin%27&npa=0&pscdl=noapi&auid=822864404.1723154180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfkg_M2bMpqE5xiS0Q-M_h9FbY1hY8OWZThJnAuZVeAfTqUwSy&random=1257664137&rmt_tld=0&ipr=y

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.99 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Aug 2024 21:56:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google_dv360
c.lytics.io/c/f1d9d94ded8b13388a12e4bb69e532f1/ 35 B
338 B 121ms
121ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/f1d9d94ded8b13388a12e4bb69e532f1/google_dv360?_ts=1723154181114&_nmob=t&_device=desktop&url=strm.to%2FIAintSayinEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D555263_08.08.2024_UMG_NL13_Country_Actives_231777_US%26dm_i%3D4YU9%2CBWFZ%2C3D2TUN%2C1SGWS%2C1&_ga=GA1.2.1040921033.1723154180&_uid=d680acbc-a653-4168-bd7d-d4157c884ce7&_v=3.0.36

Requested by

Host: strm.to
URL: https://strm.to/IAintSayinEM?utm_source=dotmailer&utm_medium=email&utm_campaign=555263_08.08.2024_UMG_NL13_Country_Actives_231777_US&dm_i=4YU9,BWFZ,3D2TUN,1SGWS,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:21 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xcg4k0veIfAnIIYyAkqQp006e42MvgidvFPCLNFngA9D7srkJuyFToRidLGmBOUt1YCdJl6QXf%2Fk%2F0Ly5Qx76yAKPsgS1DUA73kK%2BvZSPE6buF42VsZej52qYLT7bUiIMy%2F7o95qC33S"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 3e95625d145199b37571206b5963fad8
cf-ray: 8b02c1802a425367-LAX
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 play_button.svg
static.assetlab.io/music-player/img/refresh/ 2 KB
1 KB 129ms
129ms Image
image/svg+xml 13.224.214.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/music-player/img/refresh/play_button.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-111.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4601e6cd3682181d1b4d848bf0489f3ed31e13bb0acb0f7644700e4003384096

Request headers

Referer: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 07:02:57 GMT
x-amz-version-id: s9hjxzwxVVT_MW.raFSY0xxMrHWuW0SM
content-encoding: gzip
last-modified: Wed, 21 Feb 2024 09:12:02 GMT
server: AmazonS3
via: 1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
etag: W/"dbba70514c1c467e839c19df0c7713d4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 53605
x-amz-cf-id: h6tukN8DVX9fYT0uSiN_DDYOs40yj3JObQkM6zheJvlMkOP6sGlMrQ==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 385ms
136ms XHR
application/json 209.85.201.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202408070101&st=env

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMQ.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f156.1e100.net

Software

cafe /

Resource Hash

af3171b83e749c88da9ea42022890f4b6d3ea57ffea6244e9f20a13d1493f4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12881
x-xss-protection: 0

GET
H3 200 pixel
bid.g.doubleclick.net/xbbe/ Frame 9356 0
0 385ms
139ms Document
text/html 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Aug 2024 21:56:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel
bid.g.doubleclick.net/xbbe/ Frame 4D3F 0
0 527ms
142ms Document
text/html 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Aug 2024 21:56:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 376ms
125ms Script
text/javascript 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31086023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 21:56:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Aug 2024 21:56:22 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 048A 0
0 367ms
123ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://strm.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 61920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Aug 2024 04:44:23 GMT
expires: Fri, 08 Aug 2025 04:44:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 53E0 0
0 386ms
140ms Document
text/html 142.251.163.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.104 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f104.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jvOK_5YqlT1SKbhAwxsaHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://strm.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jvOK_5YqlT1SKbhAwxsaHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Aug 2024 21:56:23 GMT
expires: Thu, 08 Aug 2024 21:56:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
static.assetlab.io/redirector-prod/3.163.0/img/icons/ 1 KB
2 KB 128ms
128ms Other
image/vnd.microsoft.icon 13.224.214.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.163.0/img/icons/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-111.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6612dd210a4b7623c5c1f4e0d1cc38745fe818da57d3af521527d4cae9d06df1

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: mqJ.lIUN0AkXBSiLtOueXhGmSjTjnW7Y
date: Thu, 08 Aug 2024 12:31:44 GMT
via: 1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
last-modified: Tue, 06 Aug 2024 12:23:26 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 33880
x-amz-server-side-encryption: AES256
etag: "a1dc412a42d1c7f6a905633a93f0fe06"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 1150
x-amz-cf-id: xb6gODkDwl-t0pYgiJCkM1WlNgasdZ-YFkVfWPYYQvbWfZHt3bXBzg==

GET
H2 200 favicon-32x32.png
static.assetlab.io/redirector-prod/3.163.0/img/icons/ 890 B
1 KB 129ms
129ms Other
image/png 13.224.214.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.163.0/img/icons/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-111.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bb9eaf55f6b1925fd4cd5c541bbecf276034beaeb6709556bfbce24990239de

Request headers

Referer: https://strm.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: DS8ulPp.EToRPN.DEL9AexmqElistBoN
date: Thu, 08 Aug 2024 12:37:49 GMT
via: 1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
last-modified: Tue, 06 Aug 2024 12:23:26 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 33527
x-amz-server-side-encryption: AES256
etag: "a55d7209ea91a404dd1317f89985f559"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 890
x-amz-cf-id: t8ottxja5202N5zX9dbSm7PRLOdL_CqOhYJLkHAWoImCz83h09uHMw==

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: undefined.records.in.treasuredata.com
URL: https://undefined.records.in.treasuredata.com/streaming_src_qa/pageviews?modified=1723154179444

Domain: undefined.records.in.treasuredata.com
URL: https://undefined.records.in.treasuredata.com/streaming_src_qa/pageviews?modified=1723154179444

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408070101&jk=4025093137154193&bg=!NjWlNXrNAAZjy5caQ8s7ADQBe5WfOIJO5AGsCzoBsXX39GSrWlYWjEivOt68xLYsMJurndjyeBLv0igE3Cvm84IfTNDpAgAAAEhSAAAAA2gBB34ANg0H6vGUWg18C25BwCL3GLifLOuJ_ooN-dj-DM2-HfNIpgoPwdwoiuZ5RzyoZRPLLxEmyuCebwoACqssY8CPhHeTFuCZAq1ChANsLISgog0_3J3U_GbVyZ59gA51LsK5RJ3W1Pg-PM9n7Q9xKfcBVegTN_yiLuMIMpxYVjvvZlZxXBIB8VNAa0tvjTgYGdl8eCPA2UjWOwbkewDmL5L-HrQOFqLHeRkPb1279nlmcqStW-a3nKaZBO2CaXnaynQDSmMkshxvo_-CWEr8Y1XEjbSB_jdNMtXk5yNHIUfDEUaVc1hE2wSyX3AQrofuKo8CjTiwOJ8ZkoDQToDNBj8haw8jbJ_sL8fIDI91Oy5TjxuzyVEyF8i9seISdAsY3Sp1VUlu2EvUrW9BCJqr1j1B9FIyuS59wejdD48a4D6XcUzj7OSeuAW7GaTXD13fs9DMvLyGQKJkZ4gzEoQ6KNFuRLDnwArgr48kR16t5ZSE8ngwAgCJ6V_b9EDwaXKWJaOxPVtzyfOidU-xllgopg_q1M1Vo5KwtJajZ14knJo8da5zpO9PXbcHFhnLlp-RWWysGr3KxT2NPMq-7yN6dFruHTV1BFTELHR4BtJ_sDUuqZ_v3GK805J4jax2HkE6-hU0LdpU7jpKE02s_kP9VmNQn-crpPFzNG-Xx9TBH8fPcAR8jtTmH-wu9juUBdmyRrKDAKuNnjcyGL1b8ykradM30MK4TV7KkdJJWwP-fg2ZNlVSQaFAmZfP-i9IiKhO5yDrGFYqiseAUCYEYg9mmnIuwB9I98Jf8BfDy1CP_FUIqemdAvbAIfcZF-Bst8wG0dlzA1kL986kVuBZ6wA31vKDU1GBh_-aM3Dde8rX89T1hv7lAvFEKiL64YCNgTdmfzNqbPnzUB_iokSUCvxmERWo-lENW3Lp1tohTQjRSH0jh1VCXxUgolaaZ_ZT7JtNu6_fZg-8ApGq_GDtWE4ZoRaUTINdTJ4O_yisuDdCTYEDiZRXF76Z

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 22:40:40	Name: X-AB Value: 337ad666b6fa47c5814d4e0888c3a9b4
.us.umusic-online.com/	1970-01-20 22:39:15	Name: __cf_bm Value: rgC8WvjJosVzrQEqRkd2YPAmTBEAt_blfNT5EUCL1D0-1723154177-1.0.1.1-O8hs2bdQZQRjciaCPnY6ENsNRrBYeIVffyVxV2AIYcVmFtPA7I119AyrxbWJmSV68m3Ye80Ah1K1cxEDu8m6IQ
.strm.to/	1970-01-20 22:39:14	Name: LF_session_2142595c9f521161ed07c59b3f0a3b6d Value: 1
.strm.to/	1970-01-21 08:00:50	Name: __gads Value: ID=df6712abfb89f604:T=1723154179:RT=1723154179:S=ALNI_MbIRkOhXWc2IWAxuVcIfqylPpKOZw
.strm.to/	1970-01-21 08:00:50	Name: __gpi Value: UID=00000ec873028b8f:T=1723154179:RT=1723154179:S=ALNI_MZZ0BX9izvbCPQQ6luWiF5yFve-yA
.strm.to/	1970-01-21 02:58:26	Name: __eoi Value: ID=92d74efc26ab4b5a:T=1723154179:RT=1723154179:S=AA-Afjb9kyK6_VX6wbW-7D5bcLpm
.ad.gt/	1969-12-31 23:59:59	Name: au_3p_check Value: 1
.strm.to/	1970-01-21 08:09:00	Name: _scid Value: 770367bb-cdeb-4d17-9a7b-6140a1ec3d51
.strm.to/	1970-01-21 08:09:00	Name: _scid_r Value: 770367bb-cdeb-4d17-9a7b-6140a1ec3d51
.strm.to/	1970-01-21 07:24:50	Name: _au_1d Value: AU1D-0100-001723154179-9GV8NCCQ-03N7
.strm.to/	1970-01-21 08:15:14	Name: __td_signed Value: true
.strm.to/	1970-01-21 08:15:14	Name: _td Value: 987f75ce-e5df-4af8-80a5-60b8d3b906ec
.strm.to/	1970-01-20 22:39:15	Name: seerses Value: e
.scorecardresearch.com/	1970-01-21 08:00:50	Name: UID Value: 1D4e0ea4b5ee0589a7e5ba11723154179
.scorecardresearch.com/	1970-01-21 08:00:50	Name: XID Value: 1D4e0ea4b5ee0589a7e5ba11723154179
.strm.to/	1970-01-20 22:49:18	Name: _ScCbts Value: %5B%5D
.strm.to/	1970-01-21 08:15:14	Name: seerid Value: d680acbc-a653-4168-bd7d-d4157c884ce7
.lytics.io/	1970-01-21 08:15:14	Name: seerid Value: d680acbc-a653-4168-bd7d-d4157c884ce7
.strm.to/	1970-01-21 00:48:50	Name: _gcl_au Value: 1.1.822864404.1723154180
.tiktok.com/	1970-01-21 08:00:50	Name: _ttp Value: 2kOUaRLdEx4swlQ0y7TGWA5qxMh
.adsrvr.org/	1970-01-21 07:24:50	Name: TDID Value: d24a178b-b95a-4074-ab56-338bc4d03c38
.ad.gt/	1970-01-21 07:24:50	Name: au_id Value: AU1D-0100-001723154179-9GV8NCCQ-03N7
.pubmatic.com/	1970-01-21 00:48:50	Name: KTPCACOOKIE Value: true
.strm.to/	1970-01-21 08:15:14	Name: _ga_SK2KRMG100 Value: GS1.1.1723154179.1.0.1723154179.0.0.0
.strm.to/	1970-01-21 00:48:50	Name: _fbp Value: fb.1.1723154180006.900279801323106254
.adnxs.com/	1970-01-21 00:48:50	Name: XANDR_PANID Value: ccZp58jlTK3BEffTGVO1_-akaCVtXJAobpP4WrW8WJ5_14sSt_Za1UFJBQW2NJwIgsvx3cE-YqCOfdxtfsQLG4wwyateMlvwy3asdqw8Ges.
.adnxs.com/	1970-01-21 08:15:14	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:48:50	Name: uuid2 Value: 201908936981589583
.pubmatic.com/	1970-01-21 07:24:50	Name: KADUSERCOOKIE Value: D30A563B-E0BD-4602-AC53-F5E87C092574
.rubiconproject.com/	1970-01-21 07:24:50	Name: audit_p Value: 1\|SjGh6q6aEZCRRCDj+/SEnfVZSoej5J8g6Z1osg95B+MJD8deNwibMIA2S84oIwZgggPm58gD9c5BK03vAHceEHP0swe0RknJoRjbyWWLTN4j5+SvyefVPDeR3CcgROOZxZX5tvrx23k9lI5kqXwd/guiBHsPde3SzY7yoJVHQ3jeJRBGYIPH7rKpUjWTmmg0
.rubiconproject.com/	1970-01-21 07:24:50	Name: khaos Value: LZLTIAQA-1E-M335
.rubiconproject.com/	1970-01-21 07:24:50	Name: khaos_p Value: LZLTIAQA-1E-M335
.rubiconproject.com/	1970-01-21 07:24:50	Name: audit Value: 1\|SjGh6q6aEZCRRCDj+/SEnfVZSoej5J8g6Z1osg95B+MJD8deNwibMIA2S84oIwZgggPm58gD9c5BK03vAHceEHP0swe0RknJoRjbyWWLTN4j5+SvyefVPDeR3CcgROOZxZX5tvrx23k9lI5kqXwd/guiBHsPde3SzY7yoJVHQ3jeJRBGYIPH7rKpUjWTmmg0
.adsrvr.org/	1970-01-21 07:24:50	Name: TDCPM Value: CAESFAoFdGFwYWQSCwiYt6mA3_-bPRAFGAEgASgCMgsI1qysrfX_mz0QBTgBWgV0YXBhZGAC
.demdex.net/	1970-01-21 02:58:26	Name: demdex Value: 20496042990391325784049842422866575213
.in.treasuredata.com/	1970-01-21 08:15:14	Name: _td_global Value: 0dbb7975-ffc2-4c44-9c19-87aa0d269ab4
.strm.to/	1970-01-21 08:00:50	Name: _tt_enable_cookie Value: 1
.strm.to/	1970-01-21 08:00:50	Name: _ttp Value: _yGcElfPaIjNNUb83Ml5mPGdzM4
.tapad.com/	1970-01-21 00:05:38	Name: TapAd_TS Value: 1723154180267
.tapad.com/	1970-01-21 00:05:38	Name: TapAd_DID Value: d24a178b-b95a-4074-ab56-338bc4d03c38
.tapad.com/	1970-01-21 00:05:38	Name: TapAd_3WAY_SYNCS Value: 1!5325
.openx.net/	1970-01-21 07:24:50	Name: i Value: 717daf40-da64-4795-a685-840ebb5b9aa2\|1723154180
.snapchat.com/	1970-01-21 08:00:50	Name: sc_at Value: v2\|H4sIAAAAAAAAAEXHwQ3AMAgEsImQDnqB0G2QSKbo8M0vPztp7V4mo6cKkS61nNKFwHasDHxKvBr26KDO00v8AVWYgkAAAAA=
.strm.to/	1970-01-21 08:09:00	Name: _sctr Value: 1%7C1723111200000
.strm.to/	1970-01-21 08:15:14	Name: _ga Value: GA1.2.1040921033.1723154180
.strm.to/	1970-01-20 22:40:40	Name: _gid Value: GA1.2.89442217.1723154180
.strm.to/	1970-01-20 22:39:14	Name: _gat_gtag_UA_54175133_1 Value: 1
.dpm.demdex.net/	1970-01-21 02:58:26	Name: dpm Value: 20496042990391325784049842422866575213
.twitter.com/	1970-01-21 08:15:14	Name: personalization_id Value: "v1_64SHKGOHX/CsLD/HKbXsUw=="
.go.sonobi.com/	1970-01-21 07:24:50	Name: __uis Value: c3e8a5ab-9977-4bb6-a8e7-a65d68b49f28
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86217\|ZrU/B
.t.co/	1970-01-21 08:15:14	Name: muc_ads Value: 5595caf1-ad3a-4bc2-b04a-dd315357696d
.turn.com/	1970-01-21 02:58:26	Name: uid Value: 2479847006180784417
.doubleclick.net/	1970-01-21 08:15:14	Name: IDE Value: AHWqTUnqv77oXhlHh86K16Owpt2A5xtwL8gFQ7oJXVrwoO9Np9YQhC2e6FUCNMW8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://undefined.records.in.treasuredata.com/streaming_src_qa/pageviews?modified=1723154179444 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3af8bfaef293ab73c8eb941bb7c308e4.safeframe.googlesyndication.com
a.ad.gt
analytics.tiktok.com
analytics.twitter.com
bid.g.doubleclick.net
c.lytics.io
cdn.hadronid.net
cdn.linkfire.com
cdn.treasuredata.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
d.turn.com
dpm.demdex.net
googleads.g.doubleclick.net
id.hadron.ad.gt
ids.ad.gt
image2.pubmatic.com
linkstorage.linkfire.com
match.adsrvr.org
onetag-sys.com
p.ad.gt
p.scdn.co
pagead2.googlesyndication.com
pixel.tapad.com
pixels.ad.gt
platform.twitter.com
sb.scorecardresearch.com
sc-static.net
secure.adnxs.com
securepubads.g.doubleclick.net
services.linkfire.com
static.ads-twitter.com
static.assetlab.io
strm.to
sync.1rx.io
sync.colossusssp.com
sync.go.sonobi.com
t.co
token.rubiconproject.com
tpc.googlesyndication.com
tr.snapchat.com
tr6.snapchat.com
u.openx.net
undefined.records.in.treasuredata.com
us.umusic-online.com
us01.records.in.treasuredata.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
pagead2.googlesyndication.com
undefined.records.in.treasuredata.com
100.28.66.45
104.17.24.14
104.244.42.67
104.36.113.107
13.224.214.111
13.224.214.43
142.251.163.104
142.251.163.155
142.251.163.99
146.75.80.157
157.240.229.1
172.240.155.116
172.66.0.126
173.194.204.155
173.194.207.157
18.164.116.57
209.85.144.154
209.85.144.157
209.85.201.156
209.85.232.157
23.212.250.200
2600:9000:2305:4e00:14:38a4:2ec0:93a1
2606:2800:220:de:468:2285:c1:4a3
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:20::681a:216
2607:f350:3:2569:0:10:0:c
2607:f8b0:4004:c07::84
2607:f8b0:400d:c00::84
2607:f8b0:400d:c00::8b
2607:f8b0:400d:c03::84
2607:f8b0:400d:c04::61
2607:f8b0:400d:c0e::9d
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:4f::760
3.163.245.4
3.166.192.126
3.166.192.19
3.224.22.198
34.111.113.62
35.190.43.134
35.244.159.8
51.222.239.232
52.223.40.198
54.235.68.37
54.68.105.140
68.67.160.76
69.173.146.5
69.194.240.13
69.194.242.12
72.21.81.130
03e7e541339010449880241ca98364eb07fe42742a792c1fe6795e950500696d
04602900f4083a252b65488d778d59162e4a42880d2aafcece255da8e0d3c6bc
047f4d701bf8b33cf7a9bb1b2511ea4a0a462c0f6d6f46f284770b25df54238b
056082bbc37a4b82b22dbe9a49fa2a6ac1a52cd0641f825249e8bea141df0136
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05a5fac03580933e0a88b0749020180b52b3f53580684264a0cae62686739071
06392de0d85cd6345b58a53908bfaa7b3386a9b81703d1bc802130bf37deddbc
0988674dcbae9072417b073f69fcb0a2f8b887dc6609a353bf51dbc9505e2d5f
0a1a02edeb32902984abd564d3bc7059b6ae34b9f4cf8e6b2dc1ada1cfe2589d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf708c7f214501f9b32c83f757cc1c4b05a960a515d53583a180f75bf0e0ffa
1634e4bfbb76d36dfac8938dfbed2d510fae8ada83f36350f5c0089dc8662307
1638d740b3fefd40bb32988bb2ab6b987e07c0e574c4ba63db6b0e4b9c8e790e
1a9c31e490f9244356be7017183fc92a63d54e56f1f8d12e3eb8c9d677e4e89b
1b2acb074dcb1812659d1b287a9d6dd4672dce0a19b0599fb07d347fbe019145
1cf55a87b7f1fa76861a1df2471f1686d79cbb7a6f0f94eb1de32b6bfe493fdb
1df9c953053965fc56c34399bc55ac59f6ab462e6027ce3cb0643d8028319ab3
1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe
23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e
2405e8aff635ceb047765ec151669013605d829556db1a33a03de2c336d5f76d
294754ccd9c7dc68ea30c7fda66bba123771938182e5ff8285c7061b9120df1c
2953217b5e320afbe57db90ecb6b3081e7eeae485330fe325b8b1ff17519f3c4
32e602a39b594848eeddbc4907ff2863c29725acc7736e8ad5d49186f3307328
32f68db987dca6f7dca6b5f858ffab13b4a489d3608ed738546da30460d7493a
34078200e60ca43461630face48ad447b8f0b168fb47690f478072e2c1a9e5f5
3a26214bd1e8719fc7fba6929bdaab7d7f6971af5336aa013606160d1a580929
3a2d5ab6cfc665157b92b175efb6b5724148c935c180a0862a40b5ef27783fea
3ce9c869d01258f4e024478cbb35d9c6d905e247fe95a11984e5277a96dde0fd
40039e484599ff9d06a8b426c17036fd4808e27f9f80f36857f0dd43e398df35
4175f5b19e7944037041939fd68f239627bb64a1601ec501f3962a8007c29fe3
42a699b5378af2c4d65058e57a5fefcfc5b65167d914851d3128787c1bb6a27e
431bfdc230e09259e9330bb7803bd6a88180ae3f067b7eccdc74cd9dbaf0a8b4
4601e6cd3682181d1b4d848bf0489f3ed31e13bb0acb0f7644700e4003384096
47d19bef805d667760b18e0f7313debdaec8b466601389e047fec416d19c5c10
48442a68a245429c0b9e568a6aa953928ddfa30d565551ecf09fe2420479f2af
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4a0f3694e0c1a799d58c517dc9fc267b089fffd11d447d9d379daff24c362010
4bb9eaf55f6b1925fd4cd5c541bbecf276034beaeb6709556bfbce24990239de
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4d75816b9dece5518f15df8feeaad5db22bc529345ad130f042beb6be6d9afba
4ff7d694e3edea78d3f09ea490a73896751cb3f6781e5d18ed14da124fd46d2f
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3
53370a725dd5098c4f9fc68ced453271ce073e74230074765ea05576a2f9c6d3
5924d27bc4f91d1da75134621911dcc3409619020cec52a456b9e023a5e9c322
5993055e40952fd858a461a048a4e0eff9979998c36bb4a0df52ec647605e354
59dc63f394b7bc087a6c62cca998f2a31c5c234ee0fb6ce21e909c0993ea617a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63
6612dd210a4b7623c5c1f4e0d1cc38745fe818da57d3af521527d4cae9d06df1
6a01570a34308b3c89e3492bbeac7b2e0c7c3f7156c30260b9796a7624251fb3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f66685b7a74bfd2bacaf0d7af4ca5b3fa10c3b459db45cf8344fcbd533b6980
70e12cf9caea9f6d0c128c4ac2d37a078b1de10ad5ed80991ef4ae7bb62a08b2
763c09aa56110b05ed4d4d716ba81736b6fe696c57d66cbef6d850d9bfe35782
76d34322c9421b38b3283c824e51a24302389a9b2084110ec94d887a467e949d
77210821fc78e28d21bcf4b944c751d466e20987219db76428eeb8900cea55ac
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8c554840debebb1ab92ddae039e500fb187996ee010f6a623cf7e801ab9f37b5
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
974228ad49c56cdaa83118a402134d95b09ea47d4ed35b69e64703be95895149
975f93c89036852225cae57756ec08a8a54b479e5084889dd5b7c1c5c4ea3533
9b29d73e465fae0032e94f7ee9984fad9136cd06b320accaba9f985e4025171e
a071f297ffedc567a3b1426e0a145acd50603aee9f6534b76567055f05f99484
a526e6f162cefdb6a60ba47786e531e20c92c97c92347f8dbfe262d3ece1f131
a6ae0449e17adbb715e23334ea489b68d11d70e37f4e214c54022f9d488eee4b
a7bbd9418ac46365defae2999b541527dfac0849719115ddd10a8297aa42f274
aa42d02647fd68b0a953613d573a72d3dc8c1a51460163e8dbfe867b694bb4c0
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d
af3171b83e749c88da9ea42022890f4b6d3ea57ffea6244e9f20a13d1493f4be
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68
b398a9b24d06d2b31ce1b4968abfa8d6276f01fc2ca218659a0be0d385950c63
b424c8b96a0a79e02312ac23d09607c4006fd6d9242848089fbc19caceed805d
c690c5c6a92b09f05ee624f3e114e1146ab1cd0ea0343bd2f20c5c0633ff8b64
c9f91d3e6350e689be4fde03bd4b3c3904d5745011637f6366f44474b83c9fc6
ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff
cf6d6f80e954f25f50c1d0567f544cd87988372bb8927b9be60eda9ee6ca25f1
d53dcc6a8f6d3cf804b4752d41c018bf9d6dc6b7aead91df587fd0f9cdf0fbf2
d6a50c1961b1750b21af3ec16fbb9cd604c24dd118d189e9272af565a21b8437
d812f3c0511015c397cb86798af8b46a4d92130bbfb0adae32057045e1108a37
da0c5870836a5450370f318edf8fd417c62ae42447d6c86c422017f2a3f56ee7
dd81b461460be294f5f898a95bc4cca37ea71adc49be0752e8ef61d949b99187
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebb10e03bfe495ef4a51f61ab2e3c9e3b94cb8bc1e4b2c5294e9d8c94550fb95
ec4cd8b2a45a66e023d00fbf577fcb9866ec77d3ea9331524c1506191fa88138
ecfca7ea4d18b39b63c590e37c8665231fcba643fd84ebccd9331db413805fc2
eeba3ace9cbfefe01391c267ac236776ebe26bf6cd629ea90a9fb07f7253042b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdc3d2e048a532d0bd1b49483ea9908ce1d60e3518971f08faa118f344b76f1
f294a346cf7518e89871ff28ee479c032fe1e6031981da8914bcecc9f522d34b
fb741a39e65dd8bf0bf755d4856bc8ad8aba6292ee1c20822649a96b48fd3bcc
fd75f3420fc054847d93826cadf7aa5aa56f398f489a9ec17317be2dc395a773
fdaf641251a8854b64e807fef8f115f1e47cf644cfe6c76e0e36d067962bb9a3
ff362590942cd8bb93423aefea52b6f7c6cdabbc9e43e8e8833d6b3164959133
ff5a96a06a54d25d0519b4829dc150a5db17b3ea4e8625769b7bc795d87e54d7

strm.to Open in urlscan Pro 54.235.68.37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

167 Requests

89 %HTTPS

31 %IPv6

37 Domains

52 Subdomains

45 IPs

3 Countries

2436 kBTransfer

6641 kBSize

54 Cookies

12 Outgoing links

Page URL History

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

strm.to Open in urlscan Pro
54.235.68.37 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

89 %
HTTPS

31 %
IPv6

37
Domains

52
Subdomains

45
IPs

3
Countries

2436 kB
Transfer

6641 kB
Size

54
Cookies

167 HTTP transactions
0 data transactions