posty.lnk.to Open in urlscan Pro
44.195.106.66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://us.umusic-online.com/c/AQjhkg4Q-OEhGJ-5_GAgwcDdCEl7VAFmhdRNEZQdnAW5xahYlvPL5CJLq2sXmzRT0cLS
Effective URL:
https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F...
Submission: On July 30 via api (July 30th 2024, 2:47:38 am UTC) from BE — Scanned from US

Summary HTTP 160 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 41 IPs in 3 countries across 38 domains to perform 160 HTTP transactions. The main IP is 44.195.106.66, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is posty.lnk.to.
TLS certificate: Issued by Amazon RSA 2048 M03 on September 15th 2023. Valid for: a year.

This is the only time posty.lnk.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.159.140.128 162.159.140.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	44.195.106.66 44.195.106.66	14618 (AMAZON-AES) (AMAZON-AES)
9	2607:f8b0:400... 2607:f8b0:4004:c07::9c	15169 (GOOGLE) (GOOGLE)
12	108.156.120.53 108.156.120.53	16509 (AMAZON-02) (AMAZON-02)
1	18.238.49.25 18.238.49.25	16509 (AMAZON-02) (AMAZON-02)
11	2600:9000:247... 2600:9000:247b:dc00:14:38a4:2ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	108.139.47.8 108.139.47.8	16509 (AMAZON-02) (AMAZON-02)
2 4	18.154.227.51 18.154.227.51	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c21::84	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c0b::61	15169 (GOOGLE) (GOOGLE)
1	3.163.245.4 3.163.245.4	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.249.39.75 13.249.39.75	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:2800:220... 2606:2800:220:131d:1d30:1f1d:238b:1e56	15133 (EDGECAST) (EDGECAST)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
7	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:20:... 2606:4700:20::681a:216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	23.53.35.133 23.53.35.133	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.225.90.137 3.225.90.137	14618 (AMAZON-AES) (AMAZON-AES)
5	2607:f8b0:400... 2607:f8b0:4004:c1f::64	15169 (GOOGLE) (GOOGLE)
8	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	15169 (GOOGLE) (GOOGLE)
1 8	2607:f8b0:400... 2607:f8b0:4004:c06::63	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 13	52.42.80.15 52.42.80.15	16509 (AMAZON-02) (AMAZON-02)
2 2	68.67.160.132 68.67.160.132	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	172.253.122.156 172.253.122.156	15169 (GOOGLE) (GOOGLE)
1 1	2620:112:f008... 2620:112:f008:200::101	26120 (RHYTHMONE) (RHYTHMONE)
1 1	172.240.155.100 172.240.155.100	7979 (SERVERS-COM) (SERVERS-COM)
1	51.222.39.186 51.222.39.186	16276 (OVH) (OVH)
1	72.21.81.130 72.21.81.130	15133 (EDGECAST) (EDGECAST)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2 2	3.212.25.222 3.212.25.222	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:200d	27630 (AS-XFERNET) (AS-XFERNET)
2 2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	69.194.240.13 69.194.240.13	26120 (RHYTHMONE) (RHYTHMONE)
1	2600:1901:0:7... 2600:1901:0:7628::	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.126.119.98 104.126.119.98	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42:4e:... 2a04:4e42:4e::760	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::84	15169 (GOOGLE) (GOOGLE)
160	41

1 162.159.140.128 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

us.umusic-online.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.195.106.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-106-66.compute-1.amazonaws.com

posty.lnk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c07::9c (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 108.156.120.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-120-53.ord56.r.cloudfront.net

static.assetlab.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.49.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-25.jfk52.r.cloudfront.net

linkstorage.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:247b:dc00:14:38a4:2ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

services.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.47.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-8.jfk50.r.cloudfront.net

cdn.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.154.227.51 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-51.iad55.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c21::84 (Washington, United States)

ASN15169 (GOOGLE, US)

cf3eab2a6c9fea51ef678e45343674a5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c0b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.245.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.39.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-75.iad89.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:220:131d:1d30:1f1d:238b:1e56 (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 23.53.35.133 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-35-133.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.90.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-90-137.compute-1.amazonaws.com

us01.records.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c1f::64 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c06::63 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.42.80.15 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-80-15.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.132 (Colonia, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.83 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.122.156 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f008:200::101 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.155.100 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

sync.colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.81.130 (United States)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.212.25.222 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-25-222.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:200d (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7628:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.119.98 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-119-98.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:4e::760 (United States)

ASN54113 (FASTLY, US)

p.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9a (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	ad.gt 1 redirects a.ad.gt — Cisco Umbrella Rank: 2521 p.ad.gt — Cisco Umbrella Rank: 2796 ids.ad.gt — Cisco Umbrella Rank: 2348 id.hadron.ad.gt — Cisco Umbrella Rank: 2328 pixels.ad.gt — Cisco Umbrella Rank: 2702	40 KB
20	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 363	192 KB
16	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	254 KB
14	linkfire.com linkstorage.linkfire.com — Cisco Umbrella Rank: 182138 services.linkfire.com — Cisco Umbrella Rank: 180201 cdn.linkfire.com — Cisco Umbrella Rank: 186580	114 KB
12	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	10 KB
12	assetlab.io static.assetlab.io — Cisco Umbrella Rank: 147981	401 KB
10	lytics.io c.lytics.io — Cisco Umbrella Rank: 19308	52 KB
9	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 1202 tr6.snapchat.com — Cisco Umbrella Rank: 1340	1 KB
8	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10	408 B
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	23 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	424 KB
4	googlesyndication.com cf3eab2a6c9fea51ef678e45343674a5.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203	19 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 278	4 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 646	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 505	2 KB
3	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 19054 us01.records.in.treasuredata.com — Cisco Umbrella Rank: 40137	20 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	77 KB
2	scdn.co p.scdn.co — Cisco Umbrella Rank: 32883	352 KB
2	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 1176	765 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 319	1 KB
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 1373	729 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 764	2 KB
2	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2589	23 KB
2	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 1868 analytics.twitter.com — Cisco Umbrella Rank: 1356	776 B
2	lnk.to posty.lnk.to	47 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 10256	825 B
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 741	99 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1537	667 B
1	t.co t.co — Cisco Umbrella Rank: 979	374 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1081	201 B
1	colossusssp.com 1 redirects sync.colossusssp.com — Cisco Umbrella Rank: 3082	675 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1995	443 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 694	1 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1413	21 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	19 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	2 KB
1	umusic-online.com 1 redirects us.umusic-online.com — Cisco Umbrella Rank: 738985	506 B
160	38

	Domain	Requested by
16	analytics.tiktok.com	static.assetlab.io analytics.tiktok.com
13	ids.ad.gt	1 redirects posty.lnk.to
12	www.facebook.com	posty.lnk.to
12	static.assetlab.io	posty.lnk.to static.assetlab.io
11	services.linkfire.com	posty.lnk.to
10	c.lytics.io	static.assetlab.io c.lytics.io posty.lnk.to
10	securepubads.g.doubleclick.net	posty.lnk.to securepubads.g.doubleclick.net
8	www.google.com	1 redirects posty.lnk.to tpc.googlesyndication.com
8	tr.snapchat.com	sc-static.net
7	googleads.g.doubleclick.net	www.googleadservices.com posty.lnk.to www.googletagmanager.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	a.ad.gt	static.assetlab.io p.ad.gt analytics.tiktok.com
5	www.googletagmanager.com	static.assetlab.io www.googletagmanager.com p.ad.gt
4	sb.scorecardresearch.com	2 redirects posty.lnk.to
3	cm.g.doubleclick.net	2 redirects posty.lnk.to
3	pixel.tapad.com	3 redirects
3	match.adsrvr.org	3 redirects
3	connect.facebook.net	static.assetlab.io connect.facebook.net
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	p.scdn.co	posty.lnk.to analytics.tiktok.com
2	pixels.ad.gt	p.ad.gt
2	id.hadron.ad.gt	cdn.hadronid.net
2	u.openx.net	2 redirects
2	dpm.demdex.net	2 redirects
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	p.ad.gt	a.ad.gt
2	cdn.hadronid.net	a.ad.gt
2	us01.records.in.treasuredata.com	cdn.treasuredata.com
2	cdn.linkfire.com	static.assetlab.io
2	posty.lnk.to	posty.lnk.to
1	pagead2.googlesyndication.com	analytics.tiktok.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	tr6.snapchat.com	sc-static.net
1	sync.1rx.io	posty.lnk.to
1	sync.go.sonobi.com	1 redirects
1	analytics.twitter.com	posty.lnk.to
1	t.co	posty.lnk.to
1	onetag-sys.com	posty.lnk.to
1	sync.colossusssp.com	1 redirects
1	d.turn.com	1 redirects
1	token.rubiconproject.com	posty.lnk.to
1	static.ads-twitter.com	posty.lnk.to
1	platform.twitter.com	1 redirects
1	cdn.treasuredata.com	static.assetlab.io
1	sc-static.net	static.assetlab.io
1	www.googleadservices.com	static.assetlab.io
1	cdnjs.cloudflare.com	static.assetlab.io
1	cf3eab2a6c9fea51ef678e45343674a5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	linkstorage.linkfire.com	posty.lnk.to
1	us.umusic-online.com	1 redirects
160	51

This site contains links to these domains. Also see Links.

Domain
music.apple.com
open.spotify.com
music.amazon.com
music.youtube.com
pandora.com
tidal.com
soundcloud.com
www.deezer.com
www.amazon.com
open.qobuz.com

Subject Issuer	Validity	Valid
lnk.to Amazon RSA 2048 M03	`2023-09-15` - `2024-10-13`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
static.assetlab.io Amazon RSA 2048 M03	`2023-09-20` - `2024-10-17`	a year	crt.sh
linkfire.com Amazon RSA 2048 M03	`2024-05-01` - `2025-05-28`	a year	crt.sh
cdn.linkfire.com Amazon RSA 2048 M02	`2023-12-13` - `2025-01-10`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.googleadservices.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.treasuredata.com Amazon RSA 2048 M03	`2024-06-18` - `2025-07-17`	a year	crt.sh
a.ad.gt E6	`2024-06-09` - `2024-09-07`	3 months	crt.sh
lytics.io WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.records.in.treasuredata.com Amazon RSA 2048 M02	`2023-11-19` - `2024-12-18`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
hadronid.net WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
p.ad.gt Cloudflare Inc ECC CA-3	`2023-11-09` - `2024-11-07`	a year	crt.sh
*.ad.gt Amazon RSA 2048 M02	`2024-03-10` - `2025-04-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2024-06-13` - `2025-07-14`	a year	crt.sh
*.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
id.hadron.ad.gt WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
pixels.ad.gt WE1	`2024-07-08` - `2024-10-06`	3 months	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.scdn.co GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-09` - `2025-05-11`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Frame ID: 66BEEA241F947DAFFDC93B009238B1FA
Requests: 151 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 6208B59F9F69EEF30EB754489E7CFEC1
Requests: 1 HTTP requests in this frame

Frame: https://cf3eab2a6c9fea51ef678e45343674a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E0619242A8D39AB1E5B53B04F293D41C
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=b689c86a-45c8-417b-a0f7-be1211b895bd&u_scsid=4999cc24-6162-47c3-8767-115232fd5d36&u_sclid=1b389e24-3435-4a4f-aded-3e1efd6610dd
Frame ID: 7B763C979C0794DF244C5131C07B2ED7
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=562e8a15-b601-46c1-9ad7-1be1d5569d93&u_scsid=4999cc24-6162-47c3-8767-115232fd5d36&u_sclid=1b389e24-3435-4a4f-aded-3e1efd6610dd
Frame ID: AD2FFCE00020894906B4D33AD7FA9963
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=a02431f0-2da6-44ed-a557-26ff61410dbf&u_scsid=4999cc24-6162-47c3-8767-115232fd5d36&u_sclid=1b389e24-3435-4a4f-aded-3e1efd6610dd
Frame ID: 7349EB8BF63DDF3999373FD6ED61F28B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DFA0E8EA682719E7581F72594AB2CEC8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EA56802D665F36647603C0C5AD9E4C45
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Post Malone, Blake Shelton - Pour Me A Drink

Page URL History Show full URLs

https://us.umusic-online.com/c/AQjhkg4Q-OEhGJ-5_GAgwcDdCEl7VAFmhdRNEZQdnAW5xahYlvPL5CJLq2sXmzRT0cLS HTTP 302
https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

160
Requests

89 %
HTTPS

45 %
IPv6

38
Domains

51
Subdomains

41
IPs

3
Countries

2112 kB
Transfer

5763 kB
Size

56
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://music.apple.com/us/album/1752531522?i=1752531909&app=music&at=1001lIFR&ct=LFV_9628361e1379ef4d648a2c3c97e3f8ea&itscg=30440&itsct=catchall_p1&lId=210786681&cId=EM&sr=1&src=Linkfire&ls=1
Title: Play

Search URL Search Domain Scan URL

URL: https://open.spotify.com/album/1WE56xSN0l6bnwGyLeQWdz?go=1&utm_campaign=fAfTD_96_fmly&utm_source=Owned_Email&utm_medium=Email&utm_content=861f0f96-d1c1-4548-9f37-d394a3e74f4f_none_Post%2BMalone%252C%2BBlake%2BShelton_101073853_Pour%2BMe%2BA%2BDrink_none_20240614_direct_republic-records-post-malone_US_posty.lnk.to%2Fpourmeadrink&dm_i=4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0
Title: Play

Search URL Search Domain Scan URL

URL: https://music.amazon.com/tracks/B0D79N9699?tag=republicrecor-20&ie=UTF8&linkCode=as2&ascsubtag=9628361e1379ef4d648a2c3c97e3f8ea&ref=dmm_acq_soc_us_u_lfire_lp_x_9628361e1379ef4d648a2c3c97e3f8ea&utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0
Title: Play

Search URL Search Domain Scan URL

URL: https://music.youtube.com/playlist?list=OLAK5uy_mC1zMaOjgnPlA0g3uuFYQYgKkYPd-i-pE&src=Linkfire&lId=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cId=88171ca4-c325-4454-a8fb-9bc6c38cab7a&utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0
Title: Play

Search URL Search Domain Scan URL

URL: https://music.apple.com/us/album/1752531522?app=itunes&at=1001lIFR&ct=LFV_9628361e1379ef4d648a2c3c97e3f8ea&itscg=30440&itsct=catchall_p5&lId=210786681&cId=EM&sr=5&src=Linkfire&ls=1
Title: Download

Search URL Search Domain Scan URL

URL: https://pandora.com/artist/post-malone/pour-me-a-drink/ALpthlkkqfvVvKc?part=lf&corr=9628361e1379ef4d648a2c3c97e3f8ea&partnerName=Linkfire&~campaign=Partner%20Customer%20ID%20-%20861f0f96-d1c1-4548-9f37-d394a3e74f4f&sharedId=9628361e1379ef4d648a2c3c97e3f8ea&utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0
Title: Play

Search URL Search Domain Scan URL

URL: https://tidal.com/track/370032389?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0
Title: Play

Search URL Search Domain Scan URL

URL: https://soundcloud.com/postmalone/post-malone-pour-me-a-drink?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0
Title: Play

Search URL Search Domain Scan URL

URL: https://www.deezer.com/album/603281092?app_id=140685&utm_source=partner_linkfire&utm_campaign=9628361e1379ef4d648a2c3c97e3f8ea&utm_medium=Email&utm_term=republic-records-post-malone&utm_content=album-603281092&dm_i=4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0
Title: Play

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B0D79QY6W8?trackAsin=B0D79R3SQM&tag=republicrecor-20&ie=UTF8&linkCode=as2&ascsubtag=9628361e1379ef4d648a2c3c97e3f8ea&ref=dmm_acq_soc_us_u_lfire_lp_x_9628361e1379ef4d648a2c3c97e3f8ea&utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0
Title: Download

Search URL Search Domain Scan URL

URL: https://open.qobuz.com/album/d5s70kg5ze13b?lf=9628361e1379ef4d648a2c3c97e3f8ea&utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0
Title: Play

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://us.umusic-online.com/c/AQjhkg4Q-OEhGJ-5_GAgwcDdCEl7VAFmhdRNEZQdnAW5xahYlvPL5CJLq2sXmzRT0cLS HTTP 302
https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://sb.scorecardresearch.com/cs/9923941/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 40

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 49

https://sb.scorecardresearch.com/b?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1722307651550&ns_c=UTF-8&cs_fpid=9628361e1379ef4d648a2c3c97e3f8ea&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscorekw=umg&c7=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&c8=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1722307651550&ns_c=UTF-8&cs_fpid=9628361e1379ef4d648a2c3c97e3f8ea&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscorekw=umg&c7=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&c8=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&c9=

Request Chain 66

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=95250753&rnd=414923204.1722307652&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM&dma=0&npa=0&gtm=45be47t0v9169071275za200&auid=1595076106.1722307652&frm=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=95250753&rnd=414923204.1722307652&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM&dma=0&npa=0&gtm=45be47t0v9169071275za200&auid=1595076106.1722307652&frm=0

Request Chain 75

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001722307652-EMF58FPO-GESX&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001722307652-EMF58FPO-GESX%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001722307652-EMF58FPO-GESX&adnxs_id=3930559862573526092&gdpr=0

Request Chain 76

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001722307652-EMF58FPO-GESX&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001722307652-EMF58FPO-GESX&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=e929fc2b-786f-427a-91e4-7e8269165912&id=AU1D-0100-001722307652-EMF58FPO-GESX

Request Chain 77

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001722307652-EMF58FPO-GESX HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001722307652-EMF58FPO-GESX HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=3B64A4F2-2606-443B-BF0E-B5D8DF01F62F&id=AU1D-0100-001722307652-EMF58FPO-GESX

Request Chain 79

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001722307652-EMF58FPO-GESX&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001722307652-EMF58FPO-GESX%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001722307652-EMF58FPO-GESX&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001722307652-EMF58FPO-GESX%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=06f526cd-60ae-451f-b77b-2b62d89fb83c%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001722307652-EMF58FPO-GESX%252526tapad_id%25253D06f526cd-60ae-451f-b77b-2b62d89fb83c%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e929fc2b-786f-427a-91e4-7e8269165912&ttd_puid=06f526cd-60ae-451f-b77b-2b62d89fb83c%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001722307652-EMF58FPO-GESX%2526tapad_id%253D06f526cd-60ae-451f-b77b-2b62d89fb83c%2C HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001722307652-EMF58FPO-GESX&tapad_id=06f526cd-60ae-451f-b77b-2b62d89fb83c

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001722307652-EMF58FPO-GESX HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001722307652-EMF58FPO-GESX&google_gid=CAESEAE3kQAW_a6gpj4XlMki1hU&google_cver=1&google_ula=450542624,0

Request Chain 81

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001722307652-EMF58FPO-GESX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMjMwNzY1Mi1FTUY1OEZQTy1HRVNY

Request Chain 82

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001722307652-EMF58FPO-GESX HTTP 302
https://ids.ad.gt/api/v1/amo_match?turn_id=8081864309992959030&id=AU1D-0100-001722307652-EMF58FPO-GESX

Request Chain 83

https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001722307652-EMF58FPO-GESX&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-001722307652-EMF58FPO-GESX HTTP 302
https://ids.ad.gt/api/v1/colossus?cls_id=615a215d-f906-42ae-ba19-fa2f4d3c0428&id=AU1D-0100-001722307652-EMF58FPO-GESX

Request Chain 89

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001722307652-EMF58FPO-GESX&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001722307652-EMF58FPO-GESX HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001722307652-EMF58FPO-GESX&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001722307652-EMF58FPO-GESX HTTP 302
https://ids.ad.gt/api/v1/adb_match?adb=66339806884452292841397619527934413114&id=AU1D-0100-001722307652-EMF58FPO-GESX

Request Chain 90

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001722307652-EMF58FPO-GESX&uid=[UID]&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001722307652-EMF58FPO-GESX&uid=e478b4d1-6fb1-473d-acac-1939ef1d1b4a&gdpr=0

Request Chain 91

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001722307652-EMF58FPO-GESX%26auid%3DAU1D-0100-001722307652-EMF58FPO-GESX HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001722307652-EMF58FPO-GESX%26auid%3DAU1D-0100-001722307652-EMF58FPO-GESX HTTP 302
https://ids.ad.gt/api/v1/openx?openx_id=5d8ec1a7-ffc3-4cde-84ee-432450b9a844&id=AU1D-0100-001722307652-EMF58FPO-GESX&auid=AU1D-0100-001722307652-EMF58FPO-GESX

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_cm&google_nid=lytics&google_hm=YzNkN2JmYTQtY2RiZS00YmQ1LWJiY2UtZDIwNDEzNDU1NzI3 HTTP 302
https://c.lytics.io/c/provider/google?google_gid=CAESEDQ9Y_AZh6IgGynVfrzm-0M&google_cver=1

160 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pourmeadrinkEM Show response
posty.lnk.to/
Redirect Chain

https://us.umusic-online.com/c/AQjhkg4Q-OEhGJ-5_GAgwcDdCEl7VAFmhdRNEZQdnAW5xahYlvPL5CJLq2sXmzRT0cLS
https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0

128 KB
46 KB

287ms
167ms

Document
text/html

44.195.106.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.195.106.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-106-66.compute-1.amazonaws.com
Software: /
Resource Hash: 3e34287a2517dbb99602d53933cc75cd9208dbf1627218ff1422d4016f411367

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 30 Jul 2024 02:47:30 GMT
vary: Accept-Encoding
x-redirector-version: redirector-v3

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8ab2063e7e537c9a-EWR
content-length: 0
date: Tue, 30 Jul 2024 02:47:30 GMT
location: https://posty.lnk.to:443/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
31 KB 194ms
103ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbd25991de0aaa583a5fd300dd2c579343d4459bf87a6485d31151224628adeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31580
x-xss-protection: 0
server: cafe
etag: 780 / 19934 / m202407250101 / config-hash: 2263960417478722326
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Jul 2024 02:47:30 GMT

GET
H2 200 release-refresh.css
static.assetlab.io/redirector-prod/3.153.0/ 49 KB
6 KB 164ms
41ms Stylesheet
text/css 108.156.120.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.css
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.120.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-120-53.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3dc77da3079dd2038fbcbaee116b7f3ff7d4af243b9666a5e1f9256e372d97b

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: fPUjr24VYe4tDke0KZA1oINV0u4Qb6o6
content-encoding: gzip
via: 1.1 47f81868b329bf877f7a46684a31c756.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 11:37:16 GMT
last-modified: Tue, 23 Jul 2024 11:31:28 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P3
age: 54615
x-amz-server-side-encryption: AES256
etag: W/"6356d284011ccaa5269956c0f632687e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: pzFPTXcIhEtzwwvzVeaBV-vkROkzwrBY1UndkkIAAW3B19iSTsj8UA==

GET
H2 200 release-refresh-light.css
static.assetlab.io/redirector-prod/3.153.0/ 22 KB
5 KB 151ms
29ms Stylesheet
text/css 108.156.120.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh-light.css
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.120.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-120-53.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24893d75a4b75d8c8252b5c192e1040d82e5ba14c29b3ebc768877fb7e3f9168

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 2Iu4X56tQQ0phhrqdKETmAnqFvyOkeVg
content-encoding: gzip
via: 1.1 47f81868b329bf877f7a46684a31c756.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 11:37:16 GMT
last-modified: Tue, 23 Jul 2024 11:31:28 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P3
age: 54615
x-amz-server-side-encryption: AES256
etag: W/"e032e85205ccf8c556025093e1ceaeb1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: tv-rHc24BhDfZPYTTz2cc-DaIJD4pxjKAjzNHVTUx9FQIQ5gJxraOg==

GET
H2 200 release-refresh.js Show response
static.assetlab.io/redirector-prod/3.153.0/ 498 KB
151 KB 164ms
42ms Script
application/javascript 108.156.120.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.js
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.120.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-120-53.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26e1284c3a3c640732e9899e5ed5c6be689c4d21bd7f35025816f983edd408c0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: qp76L74xZccT5CYQ5brvdkajJNYGNhDI
content-encoding: gzip
via: 1.1 47f81868b329bf877f7a46684a31c756.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 11:37:23 GMT
last-modified: Tue, 23 Jul 2024 11:31:29 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P3
age: 54608
x-amz-server-side-encryption: AES256
etag: W/"297b943cb5ee1c7b9f47ba922415435d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Jp0QS_pvu0fe7rcU5IWNKEer53cxK1B0AuLSezIBGaelFUaZCSFi8g==

GET
H2 200 artwork-440x440.jpg
linkstorage.linkfire.com/medialinks/images/b977e7c0-8438-40d5-8b95-0503294e5b72/ 24 KB
25 KB 184ms
44ms Image
image/jpeg 18.238.49.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linkstorage.linkfire.com/medialinks/images/b977e7c0-8438-40d5-8b95-0503294e5b72/artwork-440x440.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-25.jfk52.r.cloudfront.net

Software

The Great Gig In The Sky / Master of Puppets

Resource Hash

e0d3cadfb83a62a1da36fe8ab53c43b6c55d984392c2185bed5a9090a9b38f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: KcBpvE4uNNRD7oTtCPFTBcTvS.s.eXEF
strict-transport-security: max-age=10368000; includeSubdomains; preload
x-content-type-options: nosniff
date: Tue, 30 Jul 2024 01:06:00 GMT
via: 1.1 255e8a45aff6633687f7e4911e918abc.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P3
age: 6091
x-amz-server-side-encryption: AES256
x-powered-by: Master of Puppets
x-cache: Hit from cloudfront
content-length: 24848
x-xss-protection: 1; mode=block
x-linkfire-security: security@linkfire.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 21 Jun 2024 04:09:36 GMT
server: The Great Gig In The Sky
etag: "a80ee2b78bef0686748e8af95f298a07"
expect-ct: max-age=0
x-frame-options: DENY
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: Ri02c4i8va55I51L_uylFIb64vhCGaYqmSI28zwE6UQ4iGx5Ja78Kw==

GET
H2 200 logo_applemusic_onlight.svg
services.linkfire.com/ 7 KB
4 KB 116ms
16ms Image
image/svg+xml 2600:9000:247b:dc00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_applemusic_onlight.svg
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:dc00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 13:18:23 GMT
x-amz-version-id: nGo7v092Ub92VgXy.O3WmDeRgTKJPui3
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 11:13:55 GMT
server: AmazonS3
via: 1.1 d7365e331e2f3aa085a6501cac42bb72.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
etag: W/"3d4894f0254dc9d917c86fffd766046a"
age: 566948
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: Qu8ChGmnEuDUM1pbfH2aeefv4NuTyE9UE7lIcgbPZ7YM10o_inR5Bw==

GET
H2 200 logo_spotify_onlight.svg
services.linkfire.com/ 6 KB
3 KB 13ms
12ms Image
image/svg+xml 2600:9000:247b:dc00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_spotify_onlight.svg
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:dc00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 13:18:23 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 02 Nov 2016 12:14:43 GMT
server: AmazonS3
via: 1.1 d7365e331e2f3aa085a6501cac42bb72.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
etag: W/"10ebad8fc307d85d6ed34e9fa95a7577"
age: 566948
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: d8VySNE5RNw1cGQrN7tdvAQU1jsKWk6LnRxeMGuR0vmCPjWpGcOcmA==

GET
H2 200 logo_amazonmusic_onlight.svg
services.linkfire.com/ 13 KB
6 KB 11ms
11ms Image
image/svg+xml 2600:9000:247b:dc00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_amazonmusic_onlight.svg
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:dc00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 975f93c89036852225cae57756ec08a8a54b479e5084889dd5b7c1c5c4ea3533

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 13:18:26 GMT
x-amz-version-id: t.6xwhzUsEMabMOAcrU_ahq8gb2zQE2F
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 12:43:26 GMT
server: AmazonS3
via: 1.1 d7365e331e2f3aa085a6501cac42bb72.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
etag: W/"8431baffada660f88a05cf5c64654842"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 566945
x-amz-cf-id: vH-R70o25bB_ZU5xTAncDsojHFdZaw2ye07_QHL56wKCAE_XCQHoZw==

GET
H2 200 logo_youtubemusic_onlight.svg
services.linkfire.com/ 5 KB
2 KB 22ms
7ms Image
image/svg+xml 2600:9000:247b:dc00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_youtubemusic_onlight.svg
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:dc00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ce9c869d01258f4e024478cbb35d9c6d905e247fe95a11984e5277a96dde0fd

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 13:18:43 GMT
x-amz-version-id: G1rOQPF3JpQef3z0Vi5fsLBWAO__tg2E
content-encoding: gzip
last-modified: Fri, 23 Jun 2023 08:30:20 GMT
server: AmazonS3
via: 1.1 d7365e331e2f3aa085a6501cac42bb72.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
etag: W/"d074b492d1d7017ee94ac92a3891a8c7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 566928
x-amz-cf-id: t4lQOH393-FL_Tj96ltdviTvFWjVjKvzf0S-FEEzqe_givX755JqzQ==

GET
H2 200 logo_itunes_onlight.svg
services.linkfire.com/ 19 KB
5 KB 22ms
7ms Image
image/svg+xml 2600:9000:247b:dc00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_itunes_onlight.svg
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:dc00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 13:18:23 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 23 Mar 2018 08:26:33 GMT
server: AmazonS3
via: 1.1 d7365e331e2f3aa085a6501cac42bb72.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
etag: W/"db14889932940c59c989f46bcff71c80"
age: 566948
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: ENoOBZBc4dOn7DFtjt77gXsKrhrL8rRt2znsGtGdxgakEp_xKiZH-Q==

GET
H2 200 logo_pandora_onlight.svg
services.linkfire.com/ 3 KB
2 KB 24ms
10ms Image
image/svg+xml 2600:9000:247b:dc00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_pandora_onlight.svg
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:dc00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3a59a7af0c06345372359c3e0326c03d02e7076beee6ed480aa5acde25bdedc

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 13:18:29 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 04 Dec 2017 12:06:02 GMT
server: AmazonS3
via: 1.1 d7365e331e2f3aa085a6501cac42bb72.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
etag: W/"6a45d5490eb0fba23128349ca9283cca"
age: 566942
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: U73q8wp26nKi7dXC7C221FAMM-defpb5YsbY8PDpUMQUvEHbx46mwQ==

GET
H2 200 logo_tidal_onlight.svg
services.linkfire.com/ 4 KB
2 KB 25ms
11ms Image
image/svg+xml 2600:9000:247b:dc00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_tidal_onlight.svg
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:dc00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 763c09aa56110b05ed4d4d716ba81736b6fe696c57d66cbef6d850d9bfe35782

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 13:18:28 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 10 Aug 2016 15:07:49 GMT
server: AmazonS3
via: 1.1 d7365e331e2f3aa085a6501cac42bb72.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
etag: W/"2fd0abb508ea5e93eec3ad5a5d46141c"
age: 566943
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: C2hTxaXEMGgZPboT_Nza24vn4okq_wUnkZLk4K1dooKsXeUNnZSzBg==

GET
H2 200 logo_soundcloud_onlight.svg
services.linkfire.com/ 7 KB
3 KB 25ms
11ms Image
image/svg+xml 2600:9000:247b:dc00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_soundcloud_onlight.svg
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:dc00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fdaf641251a8854b64e807fef8f115f1e47cf644cfe6c76e0e36d067962bb9a3

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 13:18:48 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 10 Aug 2016 15:03:55 GMT
server: AmazonS3
via: 1.1 d7365e331e2f3aa085a6501cac42bb72.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
etag: W/"dfe6031f9e194784911a4fcc715b8471"
age: 566923
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: Fjzz67LV5zFx7gqDV-z9fApI8VpFDkMjrCXiXFhujEAbwK3w06wxmA==

GET
H2 200 logo_deezer_onlight.svg
services.linkfire.com/ 4 KB
2 KB 25ms
12ms Image
image/svg+xml 2600:9000:247b:dc00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_deezer_onlight.svg
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:dc00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40039e484599ff9d06a8b426c17036fd4808e27f9f80f36857f0dd43e398df35

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 13:18:28 GMT
x-amz-version-id: WvAwStsf6xWaBuT2.jFQmXhqB6pMNhyj
content-encoding: gzip
last-modified: Wed, 29 Nov 2023 08:40:03 GMT
server: AmazonS3
via: 1.1 d7365e331e2f3aa085a6501cac42bb72.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
etag: W/"4b2c962216daeabe96dfaf3d2a6c8eb8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 566943
x-amz-cf-id: zXX-TZCQU2180h0gT9zhK4GVqnu-g0j9yOTviUJxrbeNKXW5-SpUDQ==

GET
H2 200 logo_amazonmp3_onlight.svg
services.linkfire.com/ 13 KB
6 KB 27ms
14ms Image
image/svg+xml 2600:9000:247b:dc00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_amazonmp3_onlight.svg
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:dc00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 975f93c89036852225cae57756ec08a8a54b479e5084889dd5b7c1c5c4ea3533

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 13:20:07 GMT
x-amz-version-id: XKx_LM37qDivkr4O1E18mX4.9BCzfIhm
content-encoding: gzip
last-modified: Mon, 18 Sep 2023 10:23:55 GMT
server: AmazonS3
via: 1.1 d7365e331e2f3aa085a6501cac42bb72.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
etag: W/"8431baffada660f88a05cf5c64654842"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 566844
x-amz-cf-id: lqU0zRewYL-fTk6X9IJcSMpqhCAPjMojxfyvc5VohqoGVwyrgUNnHQ==

GET
H2 200 logo_qobuz_onlight.svg
services.linkfire.com/ 10 KB
4 KB 24ms
12ms Image
image/svg+xml 2600:9000:247b:dc00:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_qobuz_onlight.svg
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:dc00:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c63223633a72b439f8ba6eafbe2db2db554a7c50d9a8e5b86ac9721ce98e1c1

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 13:18:32 GMT
x-amz-version-id: pnNZ9InSPSOTWK.aj2uz2HSSf9FgVEd7
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 13:23:53 GMT
server: AmazonS3
via: 1.1 d7365e331e2f3aa085a6501cac42bb72.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
etag: W/"607153813ccc1952d8094fa13fb5afec"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 566939
x-amz-cf-id: iUsOyVaIbetzD-0e737KXm3b2xOjjhzI1RCYFJKz_djKoMaOQGfV_Q==

GET
H2 200 skin.js Show response
static.assetlab.io/redirector-prod/3.153.0/ 555 KB
163 KB 68ms
67ms Script
application/javascript 108.156.120.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.153.0/skin.js
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.120.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-120-53.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dac4699c9424abe7676e03ae72fb34c631738ab87d49ab3255c31d58106ce21c

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 1V3Xqsx5Mz1HwpotI9MQ.Sydke6_JMUr
content-encoding: gzip
via: 1.1 47f81868b329bf877f7a46684a31c756.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 11:37:24 GMT
last-modified: Tue, 23 Jul 2024 11:31:29 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P3
age: 54607
x-amz-server-side-encryption: AES256
etag: W/"779c110bfba40ce05b4e2c3910b3bb45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 2Rlt-hkSHvDyG0cW4el3j6sRJtG-N1JniyJJdvWbtH28Dnv8knHvsQ==

GET
H2 200 legacy-scripts.js Show response
static.assetlab.io/redirector-prod/3.153.0/ 151 KB
48 KB 72ms
59ms Script
application/javascript 108.156.120.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.153.0/legacy-scripts.js
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.120.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-120-53.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da0c5870836a5450370f318edf8fd417c62ae42447d6c86c422017f2a3f56ee7

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 8aDVvgYfO5.U8LwT..Jdim68w6d00Kps
content-encoding: gzip
via: 1.1 47f81868b329bf877f7a46684a31c756.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 11:37:45 GMT
last-modified: Tue, 23 Jul 2024 11:31:29 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P3
age: 54597
x-amz-server-side-encryption: AES256
etag: W/"97c8f7647ac11b9a125aa49c72a928f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: cW5KjrKzSkLrHkX7aEtxsiKNTc-yepr5-gyFgNptx79JO-So3AgZAw==

GET
H2 200 consent.js Show response
static.assetlab.io/consent/1.11.5/ 53 KB
17 KB 75ms
63ms Script
application/javascript 108.156.120.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.11.5/consent.js
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.120.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-120-53.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34078200e60ca43461630face48ad447b8f0b168fb47690f478072e2c1a9e5f5

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: ju_8K.PDZRV094KIBbbtKu8mQZRT_cL7
content-encoding: gzip
via: 1.1 47f81868b329bf877f7a46684a31c756.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 10:35:48 GMT
last-modified: Thu, 09 Nov 2023 11:02:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P3
age: 58303
x-amz-server-side-encryption: AES256
etag: W/"f936b19d6eee687f4d908c31b9ca592d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ZZBs3vEQJa-PYMqJqzthj17KMqt1C0f-w-Uq-U0hCXE0w9BEtZlBtw==

GET
H2 200 IBMPlexSans-SemiBold.woff
cdn.linkfire.com/fonts/ 25 KB
26 KB 138ms
38ms Font
application/font-woff 108.139.47.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkfire.com/fonts/IBMPlexSans-SemiBold.woff
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh-light.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-8.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48442a68a245429c0b9e568a6aa953928ddfa30d565551ecf09fe2420479f2af

Request headers

Referer: https://static.assetlab.io/
Origin: https://posty.lnk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 6QfHoSLi8D0hZ8GH.358xmsYXPD21ebG
date: Mon, 29 Jul 2024 14:21:53 GMT
via: 1.1 ed4584f7c263c11cf4adf75ba3a25764.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 44739
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25840
last-modified: Thu, 07 Dec 2023 15:19:56 GMT
server: AmazonS3
etag: "cc3d30a6545d5217e219fa6e9b17d708"
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: Mo_Mj4cetApqol23fsw1rdETIySCuUnYDdhYO31qhwlJiJLBTKQbVg==

GET
H2 200 IBMPlexSans-Regular.woff
cdn.linkfire.com/fonts/ 24 KB
24 KB 124ms
26ms Font
application/font-woff 108.139.47.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkfire.com/fonts/IBMPlexSans-Regular.woff
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh-light.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-8.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1df9c953053965fc56c34399bc55ac59f6ab462e6027ce3cb0643d8028319ab3

Request headers

Referer: https://static.assetlab.io/
Origin: https://posty.lnk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Ook11omPFO9UPvfXfjgVP61zDIApcoGC
date: Mon, 29 Jul 2024 09:01:07 GMT
via: 1.1 ed4584f7c263c11cf4adf75ba3a25764.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 64001
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24448
last-modified: Thu, 07 Dec 2023 15:19:57 GMT
server: AmazonS3
etag: "c0caf3a69092fc5c08443b413ea38896"
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: xWRblgcsKrEneSE3whL89ERUi3GrNhJlzD2UiSlbJMHKVjyOLFcZiQ==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/ 473 KB
148 KB 28ms
27ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4296b357302c4a1d889d19d8bd507a5687afd5f0c9d44e400e3ffd8b3ed27169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 12:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52549
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151336
x-xss-protection: 0
server: cafe
etag: 16867536993307840219
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 29 Jul 2025 12:11:42 GMT

GET
H2 200 consent.css
static.assetlab.io/consent/1.11.5/ 26 KB
5 KB 29ms
28ms Stylesheet
text/css 108.156.120.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.11.5/consent.css
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.5/consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.120.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-120-53.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a5fac03580933e0a88b0749020180b52b3f53580684264a0cae62686739071

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: WTvuGC2z1ERFXKMCLZ9XULrgIJWRlKQX
content-encoding: gzip
via: 1.1 47f81868b329bf877f7a46684a31c756.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 06:36:14 GMT
last-modified: Thu, 09 Nov 2023 11:02:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P3
age: 72678
x-amz-server-side-encryption: AES256
etag: W/"a92b7b63d3b8f97456c3cb33d63a5e8b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: ODJTzDdNzsHcxFDLgKVg5P7XxAX8TgcO4wjZ7V6dq7VRkSHJusSnUw==

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/9923941/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

18ms
17ms

Script
application/javascript

18.154.227.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Server: 18.154.227.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-51.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 09:27:21 GMT
content-encoding: gzip
via: 1.1 776fbf9a4fc4b393f157f9f75dd29a06.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5
age: 62411
etag: W/"77ff4ede4693897337a38594321529a3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: cgQ-qUAs-A8QucWbkE_DaRujkQFJoecpkFTi9eT3La-uzEuDAFVWkA==

Redirect headers

date: Tue, 30 Jul 2024 02:47:31 GMT
via: 1.1 776fbf9a4fc4b393f157f9f75dd29a06.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P5
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: a0V6rPUDMd-kwk9JcDgR4fS90jHXHc4nxS3hZvGQ26VnecHTl5S84A==

POST
H2 200 / Show response
posty.lnk.to/~/tr/visit/ 70 B
229 B 87ms
85ms XHR
application/json 44.195.106.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://posty.lnk.to/~/tr/visit/
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.195.106.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-106-66.compute-1.amazonaws.com
Software: /
Resource Hash: d65091d82bae08431b230ca67c78eda5997343fba14533f00d8be6d7c6f1ad77

Request headers

Referer: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
x-redirector-version: redirector-v3
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=UTF-8

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 6208 0
0 51ms
18ms Document
text/html 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28869
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jul 2024 02:35:17 GMT
expires: Tue, 30 Jul 2024 03:25:17 GMT
last-modified: Mon, 29 Jul 2024 19:44:55 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
609 B 62ms
62ms Fetch
text/plain 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3872087307521902&correlator=1531930413318787&eid=31083346%2C44777897%2C21065725%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407250101&ptt=17&impl=fif&iu_parts=22051246401%2CHeader_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1722307651344&lmt=1722307651&adxs=0&adys=-160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722307650679&idt=584&cust_params=genre%3DCountry%252CCountry%26explicit%3Dno%26artist%3Dpost%2520malone%2520blake%2520shelton%252Cpost%2520malone%252Cblake%2520shelton%26album%3DPour%2520Me%2520A%2520Drink%26linkid%3D861f0f96-d1c1-4548-9f37-d394a3e74f4f%26boardid%3D461580f2-9cc2-43d5-9ec3-a9ce5a854d34%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6ee969a8-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DUS%26city%3DNew%2520York%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=2736067097&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d43c9276e1e2a8ec8714289f1d6d232bee0e0f394fea3d7a92e8794e244f43d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 579
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://posty.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 773 B
379 B 70ms
69ms Fetch
text/plain 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3872087307521902&correlator=1531930413318787&eid=31083346%2C44777897%2C21065725%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407250101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-Click_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1722307651361&lmt=1722307651&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722307650679&idt=584&cust_params=genre%3DCountry%252CCountry%26explicit%3Dno%26artist%3Dpost%2520malone%2520blake%2520shelton%252Cpost%2520malone%252Cblake%2520shelton%26album%3DPour%2520Me%2520A%2520Drink%26linkid%3D861f0f96-d1c1-4548-9f37-d394a3e74f4f%26boardid%3D461580f2-9cc2-43d5-9ec3-a9ce5a854d34%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6ee969a8-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DUS%26city%3DNew%2520York%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=1338496054&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b278c9fa55878e3d1c18e60c68d2a0fb7127f36e57cd9c490717982ad3cfa8a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://posty.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 780 B
380 B 66ms
65ms Fetch
text/plain 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3872087307521902&correlator=1531930413318787&eid=31083346%2C44777897%2C21065725%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407250101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-amazon-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1722307651366&lmt=1722307651&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722307650679&idt=584&cust_params=genre%3DCountry%252CCountry%26explicit%3Dno%26artist%3Dpost%2520malone%2520blake%2520shelton%252Cpost%2520malone%252Cblake%2520shelton%26album%3DPour%2520Me%2520A%2520Drink%26linkid%3D861f0f96-d1c1-4548-9f37-d394a3e74f4f%26boardid%3D461580f2-9cc2-43d5-9ec3-a9ce5a854d34%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6ee969a8-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DUS%26city%3DNew%2520York%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=1902184223&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dac44a76268f6303045e3680733d2f56492bc3a8224adf4ac5fe89c8e80bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 350
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://posty.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 781 B
385 B 59ms
57ms Fetch
text/plain 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3872087307521902&correlator=1531930413318787&eid=31083346%2C44777897%2C21065725%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407250101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-spotify-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1722307651370&lmt=1722307651&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722307650679&idt=584&cust_params=genre%3DCountry%252CCountry%26explicit%3Dno%26artist%3Dpost%2520malone%2520blake%2520shelton%252Cpost%2520malone%252Cblake%2520shelton%26album%3DPour%2520Me%2520A%2520Drink%26linkid%3D861f0f96-d1c1-4548-9f37-d394a3e74f4f%26boardid%3D461580f2-9cc2-43d5-9ec3-a9ce5a854d34%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6ee969a8-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DUS%26city%3DNew%2520York%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=4288002596&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c84990400258eb37cf137a823a1c5d69ba72315c4c3bef8c5c7160178134e04d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 355
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://posty.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 779 B
382 B 71ms
69ms Fetch
text/plain 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3872087307521902&correlator=1531930413318787&eid=31083346%2C44777897%2C21065725%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407250101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-tidal-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1722307651375&lmt=1722307651&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722307650679&idt=584&cust_params=genre%3DCountry%252CCountry%26explicit%3Dno%26artist%3Dpost%2520malone%2520blake%2520shelton%252Cpost%2520malone%252Cblake%2520shelton%26album%3DPour%2520Me%2520A%2520Drink%26linkid%3D861f0f96-d1c1-4548-9f37-d394a3e74f4f%26boardid%3D461580f2-9cc2-43d5-9ec3-a9ce5a854d34%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6ee969a8-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DUS%26city%3DNew%2520York%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=3635752911&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eb7c05770cfc55921a70c64e63de994a684c9c78e9b1aa34ffc97f494d464f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 352
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://posty.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 785 B
382 B 80ms
78ms Fetch
text/plain 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3872087307521902&correlator=1531930413318787&eid=31083346%2C44777897%2C21065725%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407250101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-apple-music-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1722307651378&lmt=1722307651&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722307650679&idt=584&cust_params=genre%3DCountry%252CCountry%26explicit%3Dno%26artist%3Dpost%2520malone%2520blake%2520shelton%252Cpost%2520malone%252Cblake%2520shelton%26album%3DPour%2520Me%2520A%2520Drink%26linkid%3D861f0f96-d1c1-4548-9f37-d394a3e74f4f%26boardid%3D461580f2-9cc2-43d5-9ec3-a9ce5a854d34%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6ee969a8-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DUS%26city%3DNew%2520York%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=3334755453&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65d381b3a4bc51220c507dc5037f012f983b0ecfa0e3c0c650983b141f6f2861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 352
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://posty.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 773 B
375 B 80ms
79ms Fetch
text/plain 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3872087307521902&correlator=1531930413318787&eid=31083346%2C44777897%2C21065725%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407250101&ptt=17&impl=fif&iu_parts=22051246401%2CFooter_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x100%7C300x250%7C320x50%7C320x100%7C320x120&ifi=7&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1722307651381&lmt=1722307651&adxs=650&adys=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&vis=1&psz=300x0&msz=300x0&fws=4&ohw=400&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722307650679&idt=584&cust_params=genre%3DCountry%252CCountry%26explicit%3Dno%26artist%3Dpost%2520malone%2520blake%2520shelton%252Cpost%2520malone%252Cblake%2520shelton%26album%3DPour%2520Me%2520A%2520Drink%26linkid%3D861f0f96-d1c1-4548-9f37-d394a3e74f4f%26boardid%3D461580f2-9cc2-43d5-9ec3-a9ce5a854d34%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6ee969a8-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DUS%26city%3DNew%2520York%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=309253681&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fe1f2aa9d9425ea5c968a1944c7e48cc5a521a981afb7d358cc5849f8efbe94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 345
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://posty.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
cf3eab2a6c9fea51ef678e45343674a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E061 0
0 150ms
29ms Document
text/html 2607:f8b0:4004:c21::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cf3eab2a6c9fea51ef678e45343674a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jul 2024 02:47:31 GMT
expires: Tue, 30 Jul 2024 02:47:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/ 3 KB
2 KB 43ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/jquery.mousewheel.min.js?_=1722307651400

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/legacy-scripts.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 997384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1065
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7XXxxRaZWVmwiV6ronaSoqeZ0KmWF200zthGVychPebKP5om28om0ZCmvQKCE5JMk%2BD8QtKBdN06nNOZK6mbXgwL8WqXr32fu4IJqblh6wQZj12OxWGN%2BIGmVL13BYapmD3J15clo39OK2PPjJkTkioE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ab206457ea78c1d-EWR
expires: Sun, 20 Jul 2025 02:47:31 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 53 KB
19 KB 113ms
88ms Script
text/javascript 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

ccec011844fbf48474385dc5d3f63bd821a39f107012b8d10e6fc2b0e7ddb07b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19460
x-xss-protection: 0
server: cafe
etag: 14151727515466952157
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Jul 2024 02:47:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
84 KB 111ms
51ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801112914

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

797a598920fb381cdba04d95a0cafb839833535f129b8439b2f9aa6a6f304499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85523
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 00:16:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jul 2024 02:47:31 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 49 KB
21 KB 103ms
44ms Script
application/javascript 3.163.245.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.245.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: dc242f2acb69deaa2c17cce616c89430cd666771b2e8303465bbfdc340d39663

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: gzip
via: 1.1 264f765d2ad734b490f4728d6de8ce04.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 21227
x-amz-cf-id: C7q9wKoeubypiOvs5NI0k6ejGfwPR0rigW7UlsohZdpJDGYKemNDxw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 79ms
17ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jul 2024 02:47:31 GMT
document-policy: force-load-at-top
x-fb-server-load: 30
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=12, mss=1328, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: MctU1CrxA9cXSqhZGNp9z+OZdUf1eX8lt7jI3Fb2pUHznO++RJ0FUUxuy+81mVl9Se8JgmbHIPcS412sffdbpg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/4.0/ 58 KB
20 KB 75ms
21ms Script
text/javascript 13.249.39.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/4.0/td.min.js
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.39.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-39-75.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2953217b5e320afbe57db90ecb6b3081e7eeae485330fe325b8b1ff17519f3c4

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 04:38:27 GMT
Content-Encoding: gzip
Via: 1.1 263d97c176fc51d1d08116820c013de4.cloudfront.net (CloudFront)
Age: 425345
X-Amz-Cf-Pop: IAD89-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Thu, 25 Jul 2024 04:38:21 GMT
Server: AmazonS3
Etag: W/"e3df5edbe80dfeefb99eba311109e1ee"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: Z_C2ES5NKhxzsIEbn4mOAHv9p5c7K_ayXgS2x2dY1-I1dzYaic48kQ==

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

56 KB
15 KB

103ms
28ms

Script
application/javascript

146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 00:26:35 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000145-IAD

Redirect headers

Date: Tue, 30 Jul 2024 02:47:31 GMT
Server: ECS (nyd/D105)
x-tw-cdn: VZ
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Location: https://static.ads-twitter.com/oct.js
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= ,x-tw-cdn;desc=VZ
Content-Length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 78ms
25ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-54175133-1

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93f9d8b7b6894e6c2a50c10cb550195929fc2e5d57e4d04c5b1fcb36389e40d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76459
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 00:16:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jul 2024 02:47:31 GMT

GET
H2 200 28 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 218ms
129ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/28?url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&metadata=linkfire
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c04ae677cad338840ba6212d85eb12cbef2aa877d338d10cf940daea2b87be3e

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 30 Jul 2024 02:47:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 8ab20646599c8cbd-EWR

GET
H2 200 99 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 210ms
122ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/99?url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&metadata=linkfire
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 135f38fde765ee68085c1ae7aa191a4b179cfb99ca6853c2b42f9fb8849d5b17

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 30 Jul 2024 02:47:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 8ab20646599a8cbd-EWR

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/ 66 KB
23 KB 79ms
24ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/latest.min.js

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff362590942cd8bb93423aefea52b6f7c6cdabbc9e43e8e8833d6b3164959133

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4162
last-modified: Tue, 30 Jul 2024 01:38:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fhj57BK7lRV7picTk%2Ff3XfdwKC%2B6NX%2BZco%2FepPqLHtrdd2aSn9yxYfSMP%2Fnmiw5gPw0p24bnFpbK6drWDonDupgN2%2FmFdst9lRrW7bkCmv7aH5fsFh2EPfM8jSr029x%2BwqqciVtbGv20"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: 7ef2211ffa6049cfb198e32051e0fee2
cf-ray: 8ab206465bedc46d-EWR

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 7 KB
3 KB 157ms
103ms Script
application/javascript 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BV8MCH9G18MG0UVLUJRG&lib=ttq
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd36e885cb5adefc8c12432e4d8d0747a80aa9045c5d4a5d195c95e3a7d56aa8

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 5d05a347
date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2407300247315D2475FBCE63F1654AC2-6BE0D18DDA2BF859-00
x-cache: TCP_MISS from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=13, origin; dur=20
content-length: 2488
pragma: no-cache
server: nginx
x-tt-logid: 202407300247315D2475FBCE63F1654AC2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.52.15.69
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d551f5e8684db153b5e09ea73955f4a840d1990368ce1a1079872e1184b13ecf32424540c2e716884d0cf10a65b13c69931f3b847d06710c489f796be6bcaefc5a804d6f1f4744519cbf0ee3609408226
expires: Tue, 30 Jul 2024 02:47:31 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 87ms
50ms Script
application/javascript 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2K13UKST06BEPRUJF8G&lib=ttq
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5114f94a479198c25803b0fd303e8e1c0268f9f7540aeb0ba58cf3387e3188c1

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 5d05a34a
date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24073002473196AB8E13F5364B664E14-186CCF35B33B4E33-00
x-cache: TCP_MISS from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=3, origin; dur=13
content-length: 2414
pragma: no-cache
server: nginx
x-tt-logid: 2024073002473196AB8E13F5364B664E14
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.52.15.69
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d551f5e8684db153b5e09ea73955f4a841ed8c5b8e546f29c8289a6ac084425a5e4cfed990ab037a226c5ab0fdf0317db8003d586a055aaad1d98d7009bdf693199731a8d6234e7cb25dbfe2eba56455a
expires: Tue, 30 Jul 2024 02:47:31 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 86ms
50ms Script
application/javascript 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C56BFVO00UN7QUNFQJP0&lib=ttq
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1abcfe03b13c9e5e8ff2ef9307c57fb816bfef850f9ce1ae90c07384ef98ae70

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 5d05a34c
date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240730024731CE20C68B39BA2969AD90-79B0D1C7BF388887-00
x-cache: TCP_MISS from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=2, origin; dur=21
content-length: 2135
pragma: no-cache
server: nginx
x-tt-logid: 20240730024731CE20C68B39BA2969AD90
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 21,23.52.15.69
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d551f5e8684db153b5e09ea73955f4a846d6b756caeef260443b69a02fd33034bff4d33c48a3ab0c52455af4d42c276f9ed779daf5b3fd289e08fce5111d400c7677993687226eb17f1c097d6a2012cd8
expires: Tue, 30 Jul 2024 02:47:31 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 7 KB
3 KB 410ms
383ms Script
application/javascript 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C56DKSBG5HFBPDLO1D50&lib=ttq
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9886a3f808e1ccc128682351d014c9d704f176449c7f7ec4bedfff745d60bd87

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 5d05a349
date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2407300247315D2475FBCE63F1654ACB-2D5B6F6EC8872E97-00
x-cache: TCP_MISS from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=53, origin; dur=143
content-length: 2557
pragma: no-cache
server: nginx
x-tt-logid: 202407300247315D2475FBCE63F1654ACB
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 143,23.52.15.69
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d551f5e8684db153b5e09ea73955f4a840d1990368ce1a1079872e1184b13ecf3e2a86561f4e17927309f35d2e3caaccc4703c9214644b2521a3645ae47fff23cdf5023ee65363918699bbfca0152943f
expires: Tue, 30 Jul 2024 02:47:31 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1722307651550&ns_c=UTF-8&cs_fpid=9628361e1379ef4d648a2c3c97e3f8ea&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscorek...
https://sb.scorecardresearch.com/b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1722307651550&ns_c=UTF-8&cs_fpid=9628361e1379ef4d648a2c3c97e3f8ea&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscore...

0
226 B

33ms
29ms

Image
text/plain

18.154.227.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1722307651550&ns_c=UTF-8&cs_fpid=9628361e1379ef4d648a2c3c97e3f8ea&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscorekw=umg&c7=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&c8=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&c9=
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Server: 18.154.227.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-51.iad55.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
via: 1.1 776fbf9a4fc4b393f157f9f75dd29a06.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P5
x-amz-cf-id: AA1IiE5IeWuxpYLi7Dhw0xQQ0p6WBT4nLAAzgowBf2OolgqEXYfaQw==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 30 Jul 2024 02:47:31 GMT
via: 1.1 776fbf9a4fc4b393f157f9f75dd29a06.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P5
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1722307651550&ns_c=UTF-8&cs_fpid=9628361e1379ef4d648a2c3c97e3f8ea&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscorekw=umg&c7=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&c8=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&c9=
content-length: 0
x-amz-cf-id: a5czIlGG5JAUCwrCQ8JWEcgGKzveTPL_zZA4JWupmzKEMWEnu-O4cg==

GET
H2 200 ic-shield-blue.svg
static.assetlab.io/consent/1.11.5/assets/ 1 KB
1 KB 29ms
26ms Image
image/svg+xml 108.156.120.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/consent/1.11.5/assets/ic-shield-blue.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.5/consent.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.120.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-120-53.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d

Request headers

Referer: https://static.assetlab.io/consent/1.11.5/consent.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: FErtI0gzNDEeWzVCQ3e9MVmPMLaJLitq
content-encoding: gzip
via: 1.1 47f81868b329bf877f7a46684a31c756.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 08:36:41 GMT
last-modified: Thu, 09 Nov 2023 11:02:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P3
age: 65878
x-amz-server-side-encryption: AES256
etag: W/"560dd3386ebf80f78c934aeff4a6a82c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: vGc0N_UAsob5t62YofXpPQ5BM8TmYh3yy711W5liGCZW_Cyi_thS3w==

GET
H2 200 ic-close-s.svg
static.assetlab.io/consent/1.11.5/assets/ 351 B
759 B 30ms
28ms Image
image/svg+xml 108.156.120.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/consent/1.11.5/assets/ic-close-s.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.5/consent.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.120.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-120-53.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68

Request headers

Referer: https://static.assetlab.io/consent/1.11.5/consent.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 5joISQP4Yz0J9BIQ9cfsXECmH7OtFwmP
date: Mon, 29 Jul 2024 08:27:20 GMT
via: 1.1 47f81868b329bf877f7a46684a31c756.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 11:02:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P3
age: 66012
x-amz-server-side-encryption: AES256
etag: "d303b6c7d844d91101e1e4c63156cfec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 351
x-amz-cf-id: kN8ZrAQ4DepWo7nFXJ6MFgsiX0gatA1eSOnfJsehsuFZJUwdazXOvQ==

POST
H2 200 pageviews Show response
us01.records.in.treasuredata.com/streaming_src_prod/ 90 B
420 B 295ms
243ms Fetch
application/vnd.treasuredata.v1.js+json 3.225.90.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us01.records.in.treasuredata.com/streaming_src_prod/pageviews?modified=1722307651592

Requested by

Host: cdn.treasuredata.com
URL: https://cdn.treasuredata.com/sdk/4.0/td.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.90.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-90-137.compute-1.amazonaws.com

Software

Resource Hash

1faa3922866d8fc8facd5042a5a189a9850a3b1af57b64dff652617c6649e4d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/vnd.treasuredata.v1.js+json
Referer: https://posty.lnk.to/
Authorization: TD1 12428/c3daa75715f063718eea09d46051aba892b06ad5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/vnd.treasuredata.v1.js+json

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
content-type: application/vnd.treasuredata.v1.js+json
access-control-allow-origin: https://posty.lnk.to
cache-control: no-store
access-control-allow-credentials: true
content-length: 90

OPTIONS
H2 200 pageviews
us01.records.in.treasuredata.com/streaming_src_prod/ Frame 0
0 89ms
18ms Preflight
text/plain 3.225.90.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us01.records.in.treasuredata.com/streaming_src_prod/pageviews?modified=1722307651592

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.90.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-90-137.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://posty.lnk.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,User-Agent,Authorization
access-control-allow-methods: HEAD,GET,POST
access-control-allow-origin: https://posty.lnk.to
access-control-max-age: 7200
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 30 Jul 2024 02:47:31 GMT
strict-transport-security: max-age=31536000
vary: Origin

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
93 KB 34ms
32ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SK2KRMG100&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54175133-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b94ae30beaa7a731be46e19ff6eaa948bbe5b3369bf36b62cf8645f777dfac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Jul 2024 02:47:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 73ms
23ms Script
text/javascript 2607:f8b0:4004:c1f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54175133-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jul 2024 01:24:11 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5000
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 30 Jul 2024 03:24:11 GMT

GET
H2 200 b689c86a-45c8-417b-a0f7-be1211b895bd.json Show response
tr.snapchat.com/config/to/ 103 B
198 B 145ms
92ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/to/b689c86a-45c8-417b-a0f7-be1211b895bd.json?v=3.24.0-2407292126

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

eeba3ace9cbfefe01391c267ac236776ebe26bf6cd629ea90a9fb07f7253042b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept: application/json
Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
observe-browsing-topics: ?1
content-type: application/json
access-control-allow-origin: https://posty.lnk.to
x-envoy-upstream-service-time: 39
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103

GET
H2 200 i
tr.snapchat.com/cm/ Frame 7B76 0
0 103ms
59ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=b689c86a-45c8-417b-a0f7-be1211b895bd&u_scsid=4999cc24-6162-47c3-8767-115232fd5d36&u_sclid=1b389e24-3435-4a4f-aded-3e1efd6610dd

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://posty.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Tue, 30 Jul 2024 02:47:31 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 562e8a15-b601-46c1-9ad7-1be1d5569d93.js Show response
tr.snapchat.com/config/to/ 196 B
251 B 140ms
90ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/to/562e8a15-b601-46c1-9ad7-1be1d5569d93.js?v=3.24.0-2407292126

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

f1c24b3475640eeea101d42d9ae80686d9e54dfd2c5666638845b1e9b63c75dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://posty.lnk.to/
Origin: https://posty.lnk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://posty.lnk.to
x-envoy-upstream-service-time: 36
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196

GET
H2 200 i
tr.snapchat.com/cm/ Frame AD2F 0
0 96ms
58ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=562e8a15-b601-46c1-9ad7-1be1d5569d93&u_scsid=4999cc24-6162-47c3-8767-115232fd5d36&u_sclid=1b389e24-3435-4a4f-aded-3e1efd6610dd

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://posty.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: clear h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Tue, 30 Jul 2024 02:47:31 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 a02431f0-2da6-44ed-a557-26ff61410dbf.js Show response
tr.snapchat.com/config/to/ 196 B
473 B 132ms
86ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/to/a02431f0-2da6-44ed-a557-26ff61410dbf.js?v=3.24.0-2407292126

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

27c621bcf54245087460636275667abc0fada8175d4a824dd9bdca25ad3440d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://posty.lnk.to/
Origin: https://posty.lnk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://posty.lnk.to
x-envoy-upstream-service-time: 36
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196

GET
H2 200 i
tr.snapchat.com/cm/ Frame 7349 0
0 93ms
57ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=a02431f0-2da6-44ed-a557-26ff61410dbf&u_scsid=4999cc24-6162-47c3-8767-115232fd5d36&u_sclid=1b389e24-3435-4a4f-aded-3e1efd6610dd

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://posty.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Tue, 30 Jul 2024 02:47:31 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1017011664/ 3 KB
2 KB 298ms
92ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017011664/?random=1722307651713&cv=9&fst=1722307651713&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=artist%3DPost%20Malone%5C%2C%20Blake%20Shelton%3Balbum%3DPour%20Me%20A%20Drink%3Bupcs%3D00602465924589%3Bgenre%3DCountry%3Btags%3Dblake%20shelton%2Ccountry%2CPost%20Malone%2Cpour%20me%20a%20drink%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DPost%20Malone%3Burl%3Dposty.lnk.to%2Fpourmeadrink%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DNew%20York%3Bartists%3DPost%20Malone%3Breferrer%3Ddirect%3Baction%3Dpageview&frm=0&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&tiba=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47adf75a8692efb19308f90e2458bf48677051ced568f88f3ab364cbf2bbe0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1687
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/950249395/ 3 KB
2 KB 257ms
52ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950249395/?random=1722307651718&cv=9&fst=1722307651718&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925%2C509562772%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=artist%3DPost%20Malone%5C%2C%20Blake%20Shelton%3Balbum%3DPour%20Me%20A%20Drink%3Bupcs%3D00602465924589%3Bgenre%3DCountry%3Btags%3Dblake%20shelton%2Ccountry%2CPost%20Malone%2Cpour%20me%20a%20drink%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DPost%20Malone%3Burl%3Dposty.lnk.to%2Fpourmeadrink%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DNew%20York%3Bartists%3DPost%20Malone%3Breferrer%3Ddirect%3Baction%3Dpageview&frm=0&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&tiba=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfa4e5cc65fe1b15b8b9066c0521026ef8b3c6ff0d8cdd5b1a2322c6eadb0830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1704
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f1d9d94ded8b13388a12e4bb69e532f1 Show response
c.lytics.io/cid/ 24 B
487 B 54ms
51ms Script
text/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/cid/f1d9d94ded8b13388a12e4bb69e532f1?assign=false&callback=u_749204913389032000

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9bd2a0834b4f41db972be823eb7152df0e4a3d74c5326fe8ebf2ce880ddcf4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 24
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q18Ok6Orn2JtnxyKfU2iDXWLjdwplgcwewRRT9E0jUsf%2F0cCJwro%2FYui5tv%2B5ws%2FSGHquhuDWY5JDyLnVcLy4WGAczdUfPo4J3Yxgp8BM9CAN5XamcbNFRUV6A3Sv%2FfUbXZ8ANPLU8BE"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: f6a9c082078c870ca14e5bc8c667d2c0
cf-ray: 8ab206476d45c46d-EWR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 1846609132302434 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 18ms
17ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1846609132302434?v=2.9.162&r=stable&domain=posty.lnk.to&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

62ed4d7198d9c78a9668d6a639e81d1a3dde7d0d4174011fc26a7f76641a1e1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jul 2024 02:47:31 GMT
document-policy: force-load-at-top
x-fb-server-load: 39
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12342
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=52, mss=1328, tbw=64198, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: QCXVdmGzuPkz3iLnV2uwN+DCfuYWhlY2zn0ud7DCzPVMLglsBQHwlWGX6gE0QN5G47tNgSv2d859YjWBX6N4Kw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=95250753&rnd=414923204.1722307652&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM&dma=0&npa=0&gtm=45be47t0v9169071275za200&auid...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=95250753&rnd=414923204.1722307652&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM&dma=0&npa=0&gtm=45be47t0v9169071...

42 B
64 B

45ms
44ms

Ping
image/gif

2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=95250753&rnd=414923204.1722307652&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM&dma=0&npa=0&gtm=45be47t0v9169071275za200&auid=1595076106.1722307652&frm=0

Requested by

Protocol

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=95250753&rnd=414923204.1722307652&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM&dma=0&npa=0&gtm=45be47t0v9169071275za200&auid=1595076106.1722307652&frm=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801112914/ 3 KB
2 KB 152ms
63ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801112914/?random=1722307651806&cv=11&fst=1722307651806&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9169071275za200&gcd=13t3t3t3t5&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&hn=www.googleadservices.com&frm=0&tiba=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&npa=0&pscdl=noapi&auid=1595076106.1722307652&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801112914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

722b26d758f702021fef6429f0720ed30daa8f299fa1e4db2479bbe66d1ee50e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1530
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
84 KB 30ms
30ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-802909747&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54175133-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5236c1a7e797c8e1bd444bf333b3426e6faa79a80076278dc5b552234efbb62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85459
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 00:16:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jul 2024 02:47:31 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801112914/ 3 KB
2 KB 85ms
41ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801112914/?random=1722307651866&cv=11&fst=1722307651866&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9169071275za200&gcd=13t3t3t3t5&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&hn=www.googleadservices.com&frm=0&tiba=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&npa=0&pscdl=noapi&auid=1595076106.1722307652&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&delc=United%20States&data=event%3Dpage_view%3Bartist%3DPost%20Malone%5C%2C%20Blake%20Shelton%3Balbum%3DPour%20Me%20A%20Drink%3Bupcs%3D00602465924589%3Bgenre%3DCountry%3Btags%3Dblake%20shelton%2Ccountry%2CPost%20Malone%2Cpour%20me%20a%20drink%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DPost%20Malone%3Burl%3Dposty.lnk.to%2Fpourmeadrink%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DNew%20York%3Bartists%3DPost%20Malone%3Baction%3Dpageview&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801112914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b985f625322e527136515dcda7a6fa29ffdbfa4bf40ebb661d1d84706b0612f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1711
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWViM2RlMTc3MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 343 KB
99 KB 21ms
20ms Script
application/javascript 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2K13UKST06BEPRUJF8G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c4446f839fc90df1a9cf2857be70c3fa2304d199f645767af9008df71cd7f77b

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 5d05ad23
date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024072912414037C53DE019CD97342585
x-tt-trace-id: 00-24072912414037C53DE019CD97342585-1F70FEFD992BBCD6-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01801e093cc4e4fd45cc34d79d2d3001c8e1aa9d20b15e504123ade7b8b48ff0b4e5a273a70488d7903c3be23c385cab66ecfba107c06b9089860f923e71cd48113fbe169f10c6f2cadd0777245b3ba41133a09e4b60460afefc0cdc9a2975285e
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 100309

GET
H2 200 main.MWViM2RlMTc3MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 338 KB
97 KB 66ms
64ms Script
application/javascript 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C56BFVO00UN7QUNFQJP0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 18f49c5cb5c574c53ef04470a71ea5d30679011e70a0f1c2b7405af20bb870d0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 5d05ad2f
date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240729124144A551183371825F197CB2
x-tt-trace-id: 00-240729124144A551183371825F197CB2-663B3B1F7D55A988-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016c28bb037d748e3871db46317b31014a05d0b86b15796a5c49379cb27cb7438b30a92ba0931f7629676d1cacd7ee2423cc851dc3a67bcbd9f9f9517948eca45f3197436d926ac7f8c6c3561b269325160103e30917343cf506bace049df39725
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 98608

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 69ms
21ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?partner_id=99&sync=1&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/99?url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&metadata=linkfire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:31 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
server: cloudflare
x-amz-request-id: 4GNMNHQXA94JVW78
age: 5802
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=432000
cf-ray: 8ab20648af4d0ccd-EWR
x-amz-id-2: FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
expires: Sun, 04 Aug 2024 02:47:31 GMT

GET
H2 200 99 Show response
p.ad.gt/api/v1/p/ 41 KB
14 KB 109ms
24ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/99
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/99?url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&metadata=linkfire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4feee07cc8d5272a6c10443de46e3df0e586f99bac96569ba408d92c0383002

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 30 Jul 2024 02:43:28 GMT
server: cloudflare
age: 131
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8ab206490fc341a6-EWR

GET
H2 200 ip_match
ids.ad.gt/api/v1/ 0
192 B 288ms
81ms Image
text/html 52.42.80.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001722307652-EMF58FPO-GESX
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.80.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-80-15.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
server: nginx/1.24.0
content-length: 0
content-type: text/html; charset=utf-8

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001722307652-EMF58FPO-GESX&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001722307652-EMF58FPO-GESX%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001722307652-EMF58FPO-GESX&adnxs_id=3930559862573526092&gdpr=0

43 B
143 B

139ms
89ms

Image
image/gif

52.42.80.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001722307652-EMF58FPO-GESX&adnxs_id=3930559862573526092&gdpr=0
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Server: 52.42.80.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-80-15.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
an-x-request-uuid: d2fd864c-4abe-4e8f-9eaa-616749276ba6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001722307652-EMF58FPO-GESX&adnxs_id=3930559862573526092&gdpr=0
x-proxy-origin: 5.181.234.133; 5.181.234.133; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001722307652-EMF58FPO-GESX&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001722307652-EMF58FPO-GESX&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=e929fc2b-786f-427a-91e4-7e8269165912&id=AU1D-0100-001722307652-EMF58FPO-GESX

43 B
143 B

120ms
85ms

Image
image/gif

52.42.80.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=e929fc2b-786f-427a-91e4-7e8269165912&id=AU1D-0100-001722307652-EMF58FPO-GESX
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Server: 52.42.80.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-80-15.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/t_match?tdid=e929fc2b-786f-427a-91e4-7e8269165912&id=AU1D-0100-001722307652-EMF58FPO-GESX
date: Tue, 30 Jul 2024 02:47:32 GMT
server: Kestrel
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001722307652-EMF58FPO-GESX
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001722307652-EMF58FPO-GESX
https://ids.ad.gt/api/v1/pbm_match?pbm=3B64A4F2-2606-443B-BF0E-B5D8DF01F62F&id=AU1D-0100-001722307652-EMF58FPO-GESX

43 B
144 B

108ms
78ms

Image
image/gif

52.42.80.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=3B64A4F2-2606-443B-BF0E-B5D8DF01F62F&id=AU1D-0100-001722307652-EMF58FPO-GESX
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Server: 52.42.80.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-80-15.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=3B64A4F2-2606-443B-BF0E-B5D8DF01F62F&id=AU1D-0100-001722307652-EMF58FPO-GESX
date: Tue, 30 Jul 2024 02:47:30 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
1 KB 608ms
135ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001722307652-EMF58FPO-GESX&gdpr=0
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 574abe46412f7df61ec8713ff1a5b646
Expires: 0

GET
H2

200

tapad_match
ids.ad.gt/api/v1/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001722307652-EMF58FPO-GESX&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001722307652...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001722307652-EMF58FPO-GESX&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001722...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=06f526cd-60ae-451f-b77b-2b62d89fb83c%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e929fc2b-786f-427a-91e4-7e8269165912&ttd_puid=06f526cd-60ae-451f-b77b-2b62d89fb83c%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001722307652-EMF58FPO-GESX&tapad_id=06f526cd-60ae-451f-b77b-2b62d89fb83c

43 B
143 B

99ms
98ms

Image
image/gif

52.42.80.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001722307652-EMF58FPO-GESX&tapad_id=06f526cd-60ae-451f-b77b-2b62d89fb83c
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Server: 52.42.80.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-80-15.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 30 Jul 2024 02:47:32 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001722307652-EMF58FPO-GESX&tapad_id=06f526cd-60ae-451f-b77b-2b62d89fb83c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001722307652-EMF58FPO-GESX
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001722307652-EMF58FPO-GESX&google_gid=CAESEAE3kQAW_a6gpj4XlMki1hU&google_cver=1&google_ula=450542624,0

43 B
143 B

141ms
140ms

Image
image/gif

52.42.80.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001722307652-EMF58FPO-GESX&google_gid=CAESEAE3kQAW_a6gpj4XlMki1hU&google_cver=1&google_ula=450542624,0
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Server: 52.42.80.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-80-15.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001722307652-EMF58FPO-GESX&google_gid=CAESEAE3kQAW_a6gpj4XlMki1hU&google_cver=1&google_ula=450542624,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001722307652-EMF58FPO-GESX
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMjMwNzY1Mi1FTUY1OEZQTy1HRVNY

170 B
243 B

51ms
28ms

Image
image/png

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMjMwNzY1Mi1FTUY1OEZQTy1HRVNY

Requested by

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMjMwNzY1Mi1FTUY1OEZQTy1HRVNY
date: Tue, 30 Jul 2024 02:47:32 GMT
server: nginx/1.24.0
content-length: 453
content-type: text/html; charset=utf-8

GET
H2

200

amo_match
ids.ad.gt/api/v1/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001722307652-EMF58FPO-GESX
https://ids.ad.gt/api/v1/amo_match?turn_id=8081864309992959030&id=AU1D-0100-001722307652-EMF58FPO-GESX

43 B
143 B

97ms
70ms

Image
image/gif

52.42.80.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/amo_match?turn_id=8081864309992959030&id=AU1D-0100-001722307652-EMF58FPO-GESX
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Server: 52.42.80.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-80-15.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/amo_match?turn_id=8081864309992959030&id=AU1D-0100-001722307652-EMF58FPO-GESX
pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

colossus
ids.ad.gt/api/v1/
Redirect Chain

https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001722307652-EMF58FPO-GESX&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-...
https://ids.ad.gt/api/v1/colossus?cls_id=615a215d-f906-42ae-ba19-fa2f4d3c0428&id=AU1D-0100-001722307652-EMF58FPO-GESX

43 B
143 B

79ms
78ms

Image
image/gif

52.42.80.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/colossus?cls_id=615a215d-f906-42ae-ba19-fa2f4d3c0428&id=AU1D-0100-001722307652-EMF58FPO-GESX
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Server: 52.42.80.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-80-15.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 30 Jul 2024 02:47:32 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Transfer-Encoding: chunked
Location: http://ids.ad.gt/api/v1/colossus?cls_id=615a215d-f906-42ae-ba19-fa2f4d3c0428&id=AU1D-0100-001722307652-EMF58FPO-GESX
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 /
onetag-sys.com/match/ 0
201 B 120ms
13ms Image
text/plain 51.222.39.186
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=180&uid=AU1D-0100-001722307652-EMF58FPO-GESX&gdpr=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.186 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip186.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 adsct
t.co/i/ 43 B
374 B 154ms
52ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=1&eci=1&event_id=43a52a28-9919-49d0-ba63-62b529f876a5&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=868d9e0f-2301-4bbb-8679-5f17f02a3468&tw_document_href=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=numgi&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Tue, 30 Jul 2024 02:47:32 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: eb92695c411ea7bc
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: a8452388017015969d57b659aa4c01c808f09a979e9abd0925dc397b26c2e0c3
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 235ms
116ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=43a52a28-9919-49d0-ba63-62b529f876a5&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=868d9e0f-2301-4bbb-8679-5f17f02a3468&tw_document_href=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=numgi&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 77
date: Tue, 30 Jul 2024 02:47:31 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 49757cafdf06f8d2
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 95e47bb4fc3494baa3f41a427b2f0dbd215e92000a568f7b2ab91130471eec5c
content-length: 43

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
11 KB 38ms
14ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?partner_id=28&sync=1&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/28?url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&metadata=linkfire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
server: cloudflare
x-amz-request-id: 4GNMNHQXA94JVW78
age: 5803
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=432000
cf-ray: 8ab2064a88980ccd-EWR
x-amz-id-2: FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
expires: Sun, 04 Aug 2024 02:47:32 GMT

GET
H2 200 28 Show response
p.ad.gt/api/v1/p/ 46 KB
15 KB 87ms
63ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/28
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/28?url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&metadata=linkfire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75e3292cc9b65abbfbbf4d00bb9ec8862057d54ff51b60364f3c518d3be3edfe

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 30 Jul 2024 02:40:44 GMT
server: cloudflare
age: 241
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8ab2064a891f41a6-EWR

GET
H2

200

adb_match
ids.ad.gt/api/v1/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001722307652-EMF58FPO-GESX&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001722307652-EMF58F...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001722307652-EMF58FPO-GESX&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-01...
https://ids.ad.gt/api/v1/adb_match?adb=66339806884452292841397619527934413114&id=AU1D-0100-001722307652-EMF58FPO-GESX

43 B
143 B

84ms
79ms

Image
image/gif

52.42.80.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/adb_match?adb=66339806884452292841397619527934413114&id=AU1D-0100-001722307652-EMF58FPO-GESX
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Server: 52.42.80.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-80-15.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

dcs: dcs-prod-va6-1-v062-0b4d53538.edge-va6.demdex.com 3 ms
pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: vYmQtXZJR8I=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://ids.ad.gt/api/v1/adb_match?adb=66339806884452292841397619527934413114&id=AU1D-0100-001722307652-EMF58FPO-GESX
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

son_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001722307652-EMF58FPO-GESX&uid=[UID]&gdpr=0
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001722307652-EMF58FPO-GESX&uid=e478b4d1-6fb1-473d-acac-1939ef1d1b4a&gdpr=0

43 B
143 B

83ms
82ms

Image
image/gif

52.42.80.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001722307652-EMF58FPO-GESX&uid=e478b4d1-6fb1-473d-acac-1939ef1d1b4a&gdpr=0
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Server: 52.42.80.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-80-15.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-149
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001722307652-EMF58FPO-GESX&uid=e478b4d1-6fb1-473d-acac-1939ef1d1b4a&gdpr=0
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

openx
ids.ad.gt/api/v1/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001722307652-EMF58FPO-GESX%26auid%3DAU...
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001722307652-EMF58FPO-GESX%26auid...
https://ids.ad.gt/api/v1/openx?openx_id=5d8ec1a7-ffc3-4cde-84ee-432450b9a844&id=AU1D-0100-001722307652-EMF58FPO-GESX&auid=AU1D-0100-001722307652-EMF58FPO-GESX

43 B
143 B

84ms
83ms

Image
image/gif

52.42.80.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/openx?openx_id=5d8ec1a7-ffc3-4cde-84ee-432450b9a844&id=AU1D-0100-001722307652-EMF58FPO-GESX&auid=AU1D-0100-001722307652-EMF58FPO-GESX
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Server: 52.42.80.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-80-15.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 30 Jul 2024 02:47:32 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://ids.ad.gt/api/v1/openx?openx_id=5d8ec1a7-ffc3-4cde-84ee-432450b9a844&id=AU1D-0100-001722307652-EMF58FPO-GESX&auid=AU1D-0100-001722307652-EMF58FPO-GESX
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 0
sync.1rx.io/usersync/audigent/ 0
99 B 86ms
18ms Image
text/plain 69.194.240.13
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001722307652-EMF58FPO-GESX%26unruly_id%3D%5BRX_UUID%5D
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:35 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 30ms
28ms Fetch
text/plain 2607:f8b0:4004:c1f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-SK2KRMG100&gtm=45je47t0v9126390853za200&_p=1722307651622&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=95250753&cid=601100387.1722307652&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1722307652&sct=1&seg=0&dl=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&dt=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&en=page_view&_fv=1&_nsi=1&_ss=1&ep.name=tracker0&epn.cookieExpires=15552000&ep.clientId=66a85442890564.12269805&epn.sampleRate=10&tfd=1767
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SK2KRMG100&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://posty.lnk.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 p
tr.snapchat.com/ 0
16 B 93ms
71ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://posty.lnk.to
x-envoy-upstream-service-time: 6
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 44ms
43ms XHR
text/plain 2607:f8b0:4004:c1f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=571557116&t=pageview&_s=1&dl=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&ul=en-us&de=UTF-8&dt=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1329128741&gjid=303688190&cid=601100387.1722307652&tid=UA-54175133-1&_gid=1938003549.1722307652&_r=1&gtm=457e47t0za200&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=95250752&jsscut=1&z=1333704432

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://posty.lnk.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p
tr6.snapchat.com/ 0
202 B 584ms
52ms Ping
text/plain 2600:1901:0:7628::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7628:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google, 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/950249395/ 42 B
64 B 36ms
32ms Image
image/gif 2607:f8b0:4004:c06::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/950249395/?random=1722307651718&cv=9&fst=1722304800000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925%2C509562772%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=artist%3DPost%20Malone%5C%2C%20Blake%20Shelton%3Balbum%3DPour%20Me%20A%20Drink%3Bupcs%3D00602465924589%3Bgenre%3DCountry%3Btags%3Dblake%20shelton%2Ccountry%2CPost%20Malone%2Cpour%20me%20a%20drink%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DPost%20Malone%3Burl%3Dposty.lnk.to%2Fpourmeadrink%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DNew%20York%3Bartists%3DPost%20Malone%3Breferrer%3Ddirect%3Baction%3Dpageview&frm=0&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&tiba=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLz77iwNiRrJQxDHvOEWic2w-omq8YqS-xg7y4m6efXr9cP4IF&random=4012948021&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1017011664/ 42 B
64 B 35ms
30ms Image
image/gif 2607:f8b0:4004:c06::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1017011664/?random=1722307651713&cv=9&fst=1722304800000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=artist%3DPost%20Malone%5C%2C%20Blake%20Shelton%3Balbum%3DPour%20Me%20A%20Drink%3Bupcs%3D00602465924589%3Bgenre%3DCountry%3Btags%3Dblake%20shelton%2Ccountry%2CPost%20Malone%2Cpour%20me%20a%20drink%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DPost%20Malone%3Burl%3Dposty.lnk.to%2Fpourmeadrink%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DNew%20York%3Bartists%3DPost%20Malone%3Breferrer%3Ddirect%3Baction%3Dpageview&frm=0&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&tiba=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLtWLKvOEuANyf1sDZrAkzntFJY8CiszKDtUWdZcQtva1D1cAy&random=2218731787&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c3d7bfa4-cdbe-4bd5-bbce-d20413455727 Show response
c.lytics.io/api/personalize/f1d9d94ded8b13388a12e4bb69e532f1/user/_uid/ 321 B
625 B 88ms
85ms Script
application/json 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/f1d9d94ded8b13388a12e4bb69e532f1/user/_uid/c3d7bfa4-cdbe-4bd5-bbce-d20413455727?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22c3d7bfa4-cdbe-4bd5-bbce-d20413455727%22%2C%22utm_source%22%3A%22dotmailer%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_campaign%22%3A%22553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A-10%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22posty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0%22%2C%22_ga%22%3A%22GA1.1.601100387.1722307652%22%2C%22_v%22%3A%223.0.36%22%7D&ts=1722307652167&callback=u_629453564342534300

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34a8415bb0f342e98d977466d700d0f02d41eb934f63c851c08506978e051bd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BC9VOPbP%2Fl3MIRMMy8kG%2BJyAySvWrpXSPiIhwJJJg6QY5PecF0TEOq%2Bl4MmNtdBElFxTO8bdEVDKSJDTa8egSWj6lDWp7v9TtLfwldkZ%2Foy3FlLrTEJ2%2BTU%2F%2F3WgOr%2F1upgWPuM%2BeVks"}],"group":"cf-nel","max_age":604800}
x-lytics-trace: 1266643ab13b9309acf50de462065d4b
cf-ray: 8ab2064a1897c46d-EWR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
content-length: 235

GET
H2 200 linkfire
c.lytics.io/c/f1d9d94ded8b13388a12e4bb69e532f1/ 35 B
451 B 67ms
64ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/f1d9d94ded8b13388a12e4bb69e532f1/linkfire?_e=pv&utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&_sesstart=1&_tz=-10&_ul=en-US&_sz=1600x1200&album=Pour%20Me%20A%20Drink&artist=Post%20Malone%2C%20Blake%20Shelton&artist_tags=Post%20Malone&asset=landingpage&board=Post%20Malone&organization=Universal%20Music%20Group&browser=Chrome&channel_category=Owned&city=New%20York&country_code=US&device=desktop&genre=Country&os=Linux&referrer=direct&tags=blake%20shelton%2Ccountry%2CPost%20Malone%2Cpour%20me%20a%20drink&link_type=Music&visitor_token=9628361e1379ef4d648a2c3c97e3f8ea&spotify_url=https%3A%2F%2Fopen.spotify.com%2Falbum%2F1WE56xSN0l6bnwGyLeQWdz%3Fgo%3D1&action=pageview&_ts=1722307651747&_nmob=t&_device=desktop&url=posty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&_v=3.0.36&_uid=c3d7bfa4-cdbe-4bd5-bbce-d20413455727&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QqlkriPwL1Trvg4CAfT3Gfu02lJiOCro9JY4ejgp1Rf9Ls%2BaWttOPxjfrXuJGvMcxGB3QUWLAzil2fagUqdc06GHzPu1%2FvREYTlK1xG3WSMGxIKb1tAWs5MzVOGs70XH8DjVIjEd0KHy"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 67aea64093e9c80f9527f8ff874a3daf
cf-ray: 8ab2064a1899c46d-EWR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 f1d9d94ded8b13388a12e4bb69e532f1
c.lytics.io/c/ 35 B
337 B 66ms
63ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/f1d9d94ded8b13388a12e4bb69e532f1?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&_sesstart=1&_tz=-10&_ul=en-US&_sz=1600x1200&_ts=1722307652093&_nmob=t&_device=desktop&url=posty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&_ga=GA1.1.601100387.1722307652&_v=3.0.36&_uid=c3d7bfa4-cdbe-4bd5-bbce-d20413455727&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jPa1Uz3qbonG7nB%2F7meyk40NRb9jkUVptUQgerrYk6FQb6YoF4FICRTcPj81Ogf9o5Z4RwABtuKuyaBrt8%2Bhd%2FeKhTmqiYCKv2Uqw31dT3fMUaq3jlTJZpRUOWd9Wmk1w9eQozI7lifD"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 6890b03e318f4145fc877e870fcebadf
cf-ray: 8ab2064a189bc46d-EWR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/801112914/ 42 B
64 B 43ms
41ms Image
image/gif 2607:f8b0:4004:c06::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801112914/?random=1722307651806&cv=11&fst=1722304800000&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9169071275za200&gcd=13t3t3t3t5&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&hn=www.googleadservices.com&frm=0&tiba=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&npa=0&pscdl=noapi&auid=1595076106.1722307652&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLlnC5_c12LPLJTKh8UlqFq6rm0BTtoL5VEJPDJvdIjLrUv70T&random=1292502621&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/801112914/ 42 B
64 B 43ms
41ms Image
image/gif 2607:f8b0:4004:c06::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801112914/?random=1722307651866&cv=11&fst=1722304800000&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9169071275za200&gcd=13t3t3t3t5&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&hn=www.googleadservices.com&frm=0&tiba=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&npa=0&pscdl=noapi&auid=1595076106.1722307652&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&delc=United%20States&data=event%3Dpage_view%3Bartist%3DPost%20Malone%5C%2C%20Blake%20Shelton%3Balbum%3DPour%20Me%20A%20Drink%3Bupcs%3D00602465924589%3Bgenre%3DCountry%3Btags%3Dblake%20shelton%2Ccountry%2CPost%20Malone%2Cpour%20me%20a%20drink%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DPost%20Malone%3Burl%3Dposty.lnk.to%2Fpourmeadrink%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DNew%20York%3Bartists%3DPost%20Malone%3Baction%3Dpageview&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLNzxuArY-q1sN7v8fa6yq-lcP2cZx2l5nACI1FVRnNyFcNzsc&random=484574379&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 529815473883968 Show response
connect.facebook.net/signals/config/ 31 KB
5 KB 32ms
31ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/529815473883968?v=2.9.162&r=stable&domain=posty.lnk.to&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C121%2C223%2C157%2C113%2C129%2C117%2C146

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ce8dd3788420f43621712dce35b791a89c3da225cf40bd6ad077d240e7e5a0e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jul 2024 02:47:32 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5404
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=23, mss=1232, tbw=4616, tp=11, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: H/MDRFT40LhczqgbANpHR2xx6NpDZSuCauBN76HfT/dflz2wCqF4HjFellC7sV+Er59Opu5IM3/i1UB+yTkpbg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 116 B
271 B 23ms
22ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=99&sync=1&domain=posty.lnk.to&url=https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?partner_id=99&sync=1&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 710142034a86256c62cec73b913ea932594cff58a258dae73d87eef099df23b2

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization,content-type
cf-ray: 8ab2064b1af141a9-EWR

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 140ms
21ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=99&sync=1&domain=posty.lnk.to&url=https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://posty.lnk.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8ab2064aeac541a9-EWR
content-length: 0
content-type: application/json
date: Tue, 30 Jul 2024 02:47:32 GMT
debug: OPTIONS block
expires: Wed, 30 Jul 2025 02:47:32 GMT
server: cloudflare

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
655 B 32ms
31ms Script
text/javascript 2607:f8b0:4004:c1f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Jul 2024 03:18:21 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 31ms
31ms Script
text/javascript 2607:f8b0:4004:c1f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:06:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Jul 2024 03:06:49 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 252 KB
89 KB 42ms
41ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/99

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70d7df9d96e72966b1414f9dab03e643df64883fd1010175af4d69b5c0ec7905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Jul 2024 02:47:32 GMT

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
114 B 120ms
91ms XHR
text/plain 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/99
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://posty.lnk.to
date: Tue, 30 Jul 2024 02:47:32 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8ab2064a7d738cbd-EWR
vary: Origin

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
88 B 695ms
96ms Script
text/plain 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=4755caa265fe9afcf688606dedab3f14&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/99
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8ab2064ecd2e7d14-EWR

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/802909747/ 3 KB
2 KB 48ms
45ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/802909747/?random=1722307652244&cv=11&fst=1722307652244&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9161945549za200&gcd=13t3t3t3t5&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&hn=www.googleadservices.com&frm=0&tiba=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&npa=0&pscdl=noapi&auid=1595076106.1722307652&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-802909747&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f49192a63335705de7cfadfd6fb7858dbd8565e242dcbcbde96610fb437f76b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1536
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/802909747/ 3 KB
2 KB 51ms
44ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/802909747/?random=1722307652261&cv=11&fst=1722307652261&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9161945549za200&gcd=13t3t3t3t5&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&hn=www.googleadservices.com&frm=0&tiba=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&npa=0&pscdl=noapi&auid=1595076106.1722307652&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&delc=United%20States&data=event%3Dpage_view%3Bartist%3DPost%20Malone%5C%2C%20Blake%20Shelton%3Balbum%3DPour%20Me%20A%20Drink%3Bupcs%3D00602465924589%3Bgenre%3DCountry%3Btags%3Dblake%20shelton%2Ccountry%2CPost%20Malone%2Cpour%20me%20a%20drink%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DPost%20Malone%3Burl%3Dposty.lnk.to%2Fpourmeadrink%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DNew%20York%3Bartists%3DPost%20Malone%3Baction%3Dpageview&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-802909747&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dda1cc0a6d747b664efca58eb9365c500e200925de6dfd082f6921e8d351a7bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1712
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_c2008b8c.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 32ms
23ms Script
application/javascript 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c2008b8c.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 5d05bb41
date: Tue, 30 Jul 2024 02:47:32 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024072912414053F84BDEC407641CA583
x-tt-trace-id: 00-24072912414053F84BDEC407641CA583-10A00AC1BF6DB8B7-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01801e093cc4e4fd45cc34d79d2d3001c8e1aa9d20b15e504123ade7b8b48ff0b444e9da2cadb946c323c5c623dd06067faf6ea279010b49c174e9b26b8d0a7631d7a61f15a8d68a38a8821124a6c4ed822f9279f7195e59d8c9ded48796a727fe
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=10
content-length: 39525

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
841 B 666ms
665ms Ping
text/plain 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3889e68b.5d05bd20
date: Tue, 30 Jul 2024 02:47:32 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240730024732E677082116C5CB5EBBE6-4FFCB71FF9379125-00
x-cache: TCP_MISS from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 461,23.52.15.69
server-timing: cdn-cache; desc=MISS, edge; dur=503, origin; dur=66, inner; dur=28
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240730024732E677082116C5CB5EBBE6
x-cache-remote: TCP_MISS from a23-48-100-173.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 67,23.48.100.173
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d6d4a75e862f3b4380d29c1b31474e6dc8d2ca9ee12ab9eb495e325a2455ec8ed31a08769cc002686cb73cf95b0fd2ace8c1bc2dc0e8976bbbffd7c49392189adaa5ecf5bf30c932a37f5f742001333a18b2015aebb0bb112137d51ce968f66d9
access-control-allow-headers: Authorization,*
expires: Tue, 30 Jul 2024 02:47:32 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
696 B 92ms
90ms Ping
text/plain 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5d05bd21
date: Tue, 30 Jul 2024 02:47:32 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24073002473212B228A72B02AC658AA6-10BF5670E27E60E3-00
x-cache: TCP_MISS from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=39, cdn-cache; desc=MISS, edge; dur=9, origin; dur=45
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024073002473212B228A72B02AC658AA6
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 45,23.52.15.69
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d551f5e8684db153b5e09ea73955f4a84663d90b4231dd7fa975a2d5be04678105e065f374b3929cd3248c06da41b56383e3360a7aa566424415e3cb2609adb52085d3a30e0c5411eb91e252748a2de61
access-control-allow-headers: Authorization,*
expires: Tue, 30 Jul 2024 02:47:32 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
842 B 269ms
266ms Ping
text/plain 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3889e985.5d05bd22
date: Tue, 30 Jul 2024 02:47:32 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240730024732B31DF71CA7B1787D5F94-6FABD5BF9A09802F-00
x-cache: TCP_MISS from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 147,23.52.15.69
server-timing: cdn-cache; desc=MISS, edge; dur=161, origin; dur=63, inner; dur=37
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240730024732B31DF71CA7B1787D5F94
x-cache-remote: TCP_MISS from a23-48-100-173.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 63,23.48.100.173
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d6d4a75e862f3b4380d29c1b31474e6dc8d2ca9ee12ab9eb495e325a2455ec8ed64c99f96076dd5afa3c165cf78db3a61f3e8fb698493cf279be7dc11456b80ae7a123a31f7fa58148997f6f1c9076e39a25e6c0e446ce7f43f44e02ed6a16f8d
access-control-allow-headers: Authorization,*
expires: Tue, 30 Jul 2024 02:47:32 GMT

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
825 B 576ms
25ms Ping
text/plain 104.126.119.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.119.98 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-119-98.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 757fac0d
date: Tue, 30 Jul 2024 02:47:32 GMT
x-bytefaas-request-id: 20240730024732AEB8D7E5273941657F5D
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240730024732AEB8D7E5273941657F5D-385C9DA7A31231D7-00
x-cache: TCP_MISS from a104-126-119-94.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57594475) (-)
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=0, origin; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240730024732AEB8D7E5273941657F5D
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 4.75
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 0135c373c3262dd13518f99fb41fa3ea2d466a056d800e240775678e04e14e0b21b24905d95b118df5881af15ac57ce1b3f558b9efa0d79760cc156f472890b8c411ee49810499ae5ef5fa88a98f70c005f8fd85609ba9eae482832fde87101c8b
x-origin-response-time: 17,104.126.119.94
access-control-allow-headers: *
expires: Tue, 30 Jul 2024 02:47:32 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
701 B 178ms
175ms Ping
text/plain 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5d05bd23
date: Tue, 30 Jul 2024 02:47:32 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2407300247320FA4E66CAD2EBF6463AD-7FD09B3EEB7A679B-00
x-cache: TCP_MISS from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=40, cdn-cache; desc=MISS, edge; dur=14, origin; dur=66
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202407300247320FA4E66CAD2EBF6463AD
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 66,23.52.15.69
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d551f5e8684db153b5e09ea73955f4a84cb43c293fa2c265703aa4c2b926deba923c560f9a940420c4a57687a2d9a74bb24d49795261ddd1c7619e72e630f25d16c04df5f312a76b00e959804b9a83f50
access-control-allow-headers: Authorization,*
expires: Tue, 30 Jul 2024 02:47:32 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
842 B 167ms
166ms Ping
text/plain 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 94a9467.5d05bd24
date: Tue, 30 Jul 2024 02:47:32 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2407300247321F2FADAFA8D5AE68EEC6-04B0816DEA406C15-00
x-cache: TCP_MISS from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 59,23.52.15.69
server-timing: cdn-cache; desc=MISS, edge; dur=59, origin; dur=22, inner; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202407300247321F2FADAFA8D5AE68EEC6
x-cache-remote: TCP_MISS from a23-220-107-155.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.220.107.155
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7dcb29dc049fe471b033d97f6dc8e8a3cab4c7247772bc74907ab6a8e667fe8aea446ce55dc84146315569573e28114188c05272dfb684d62cb32af0ba8d0a65751baa7d95ad56a0371f3da4404d83c45ed5512df5d5287538bc8959359e8e42f9
access-control-allow-headers: Authorization,*
expires: Tue, 30 Jul 2024 02:47:32 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
699 B 252ms
249ms Ping
text/plain 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5d05bd25
date: Tue, 30 Jul 2024 02:47:32 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24073002473212B228A72B02AC658AAD-48DC5E84A759E671-00
x-cache: TCP_MISS from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=20, cdn-cache; desc=MISS, edge; dur=23, origin; dur=113
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024073002473212B228A72B02AC658AAD
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 114,23.52.15.69
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d551f5e8684db153b5e09ea73955f4a84663d90b4231dd7fa975a2d5be0467810aa43370f9f2a47ab92526745d24ddc3703459f634aa6eb56f9fb0fc5512716e4dc48663a204d28468191041675dcde2a
access-control-allow-headers: Authorization,*
expires: Tue, 30 Jul 2024 02:47:32 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
840 B 86ms
85ms Ping
text/plain 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 549e274.5d05bdb5
date: Tue, 30 Jul 2024 02:47:32 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24073002473238E4B3725C90DF847CCB-66170B44DF760F05-00
x-cache: TCP_MISS from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 30,23.52.15.69
server-timing: cdn-cache; desc=MISS, edge; dur=13, origin; dur=24, inner; dur=19
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024073002473238E4B3725C90DF847CCB
x-cache-remote: TCP_MISS from a23-220-107-150.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,23.220.107.150
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7dcb29dc049fe471b033d97f6dc8e8a3ca535a702d4218c0bab8992547a0957a5273cb6df3fe14704c4497d474028c85c775aadea0326940ce4a1ec7cabec6bb74ecdd305290a0a28619d699ff96e98e17ba9b9a51746beba7aa552b691c0c345e
access-control-allow-headers: Authorization,*
expires: Tue, 30 Jul 2024 02:47:32 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
701 B 531ms
529ms Ping
text/plain 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5d05bdb7
date: Tue, 30 Jul 2024 02:47:32 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240730024732A4999BC1E8900D81691D-7CA5664E979C1549-00
x-cache: TCP_MISS from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=479, cdn-cache; desc=MISS, edge; dur=6, origin; dur=484
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240730024732A4999BC1E8900D81691D
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 485,23.52.15.69
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d551f5e8684db153b5e09ea73955f4a84240addbace422dc31e2be45d78fc3c55f2ef878a4e99a4cc9d1e3b8f5e2980c58a45ba5abb7b82f4fe44bbe2cf5474e14a4b2de474c12806e7cbf6ac92ab3d7f
access-control-allow-headers: Authorization,*
expires: Tue, 30 Jul 2024 02:47:32 GMT

POST
H3 200 p
tr.snapchat.com/ 0
17 B 59ms
57ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://posty.lnk.to
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
143 B 79ms
79ms Image
image/gif 52.42.80.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001722307652-EMF58FPO-GESX&halo_id=060ixdlju6a65fki6dhja8hebk9cd86ea6juok0wi0e0yoyu0kswe4smgy6ik40me
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.80.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-80-15.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 440ms
16ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1846609132302434&ev=LF&dl=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&rl=&if=false&ts=1722307652468&cd[artist]=Post%20Malone%2C%20Blake%20Shelton&cd[album]=Pour%20Me%20A%20Drink&cd[upcs]=%5B%2200602465924589%22%5D&cd[genre]=%5B%22Country%22%5D&cd[tags]=%5B%22blake%20shelton%22%2C%22country%22%2C%22Post%20Malone%22%2C%22pour%20me%20a%20drink%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Post%20Malone&cd[url]=posty.lnk.to%2Fpourmeadrink&cd[countryCode]=US&cd[country]=United%20States&cd[city]=New%20York&cd[artists]=%5B%22Post%20Malone%22%5D&cd[oid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[linkId]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[furl]=posty.lnk.to%2FpourmeadrinkEM&cd[domain]=posty.lnk.to&cd[subdomain]=posty&cd[luuid]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[ouuid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[sid]=9628361e1379ef4d648a2c3c97e3f8ea&cd[uid]=66a85442890564.12269805&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=29%3A07%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722307652465.999945137548582693&ler=empty&cdl=API_unavailable&it=1722307651780&coo=false&tm=2&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1328, tbw=2891, tp=-1, tpl=-1, uplat=2, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jul 2024 02:47:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 496ms
74ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1846609132302434&ev=LF&dl=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&rl=&if=false&ts=1722307652468&cd[artist]=Post%20Malone%2C%20Blake%20Shelton&cd[album]=Pour%20Me%20A%20Drink&cd[upcs]=%5B%2200602465924589%22%5D&cd[genre]=%5B%22Country%22%5D&cd[tags]=%5B%22blake%20shelton%22%2C%22country%22%2C%22Post%20Malone%22%2C%22pour%20me%20a%20drink%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Post%20Malone&cd[url]=posty.lnk.to%2Fpourmeadrink&cd[countryCode]=US&cd[country]=United%20States&cd[city]=New%20York&cd[artists]=%5B%22Post%20Malone%22%5D&cd[oid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[linkId]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[furl]=posty.lnk.to%2FpourmeadrinkEM&cd[domain]=posty.lnk.to&cd[subdomain]=posty&cd[luuid]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[ouuid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[sid]=9628361e1379ef4d648a2c3c97e3f8ea&cd[uid]=66a85442890564.12269805&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=29%3A07%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722307652465.999945137548582693&ler=empty&cdl=API_unavailable&it=1722307651780&coo=false&tm=2&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
date: Tue, 30 Jul 2024 02:47:32 GMT
document-policy: force-load-at-top
x-fb-server-load: 25
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397255039152505096", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=19, mss=1328, tbw=3790, tp=-1, tpl=-1, uplat=57, ullat=0
pragma: no-cache
x-fb-debug: JjE9Ctr1b7nf4N0Q/+L3biBHFpyrfe+Iq9A/Nv3GT+yrhBD2fucIos4fh+UbOpjHJgRTkzR4zfWdPlabJ1Rt3Q==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397255039152505096"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397255039152505096"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 442ms
20ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1846609132302434&ev=LF_pageview&dl=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&rl=&if=false&ts=1722307652471&cd[artist]=Post%20Malone%2C%20Blake%20Shelton&cd[album]=Pour%20Me%20A%20Drink&cd[upcs]=%5B%2200602465924589%22%5D&cd[genre]=%5B%22Country%22%5D&cd[tags]=%5B%22blake%20shelton%22%2C%22country%22%2C%22Post%20Malone%22%2C%22pour%20me%20a%20drink%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Post%20Malone&cd[url]=posty.lnk.to%2Fpourmeadrink&cd[countryCode]=US&cd[country]=United%20States&cd[city]=New%20York&cd[artists]=%5B%22Post%20Malone%22%5D&cd[oid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[linkId]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[furl]=posty.lnk.to%2FpourmeadrinkEM&cd[domain]=posty.lnk.to&cd[subdomain]=posty&cd[luuid]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[ouuid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[sid]=9628361e1379ef4d648a2c3c97e3f8ea&cd[uid]=66a85442890564.12269805&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=29%3A07%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.162&r=stable&ec=1&o=4126&fbp=fb.1.1722307652465.999945137548582693&ler=empty&cdl=API_unavailable&it=1722307651780&coo=false&tm=2&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1328, tbw=3178, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jul 2024 02:47:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1022 B 824ms
402ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1846609132302434&ev=LF_pageview&dl=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&rl=&if=false&ts=1722307652471&cd[artist]=Post%20Malone%2C%20Blake%20Shelton&cd[album]=Pour%20Me%20A%20Drink&cd[upcs]=%5B%2200602465924589%22%5D&cd[genre]=%5B%22Country%22%5D&cd[tags]=%5B%22blake%20shelton%22%2C%22country%22%2C%22Post%20Malone%22%2C%22pour%20me%20a%20drink%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Post%20Malone&cd[url]=posty.lnk.to%2Fpourmeadrink&cd[countryCode]=US&cd[country]=United%20States&cd[city]=New%20York&cd[artists]=%5B%22Post%20Malone%22%5D&cd[oid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[linkId]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[furl]=posty.lnk.to%2FpourmeadrinkEM&cd[domain]=posty.lnk.to&cd[subdomain]=posty&cd[luuid]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[ouuid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[sid]=9628361e1379ef4d648a2c3c97e3f8ea&cd[uid]=66a85442890564.12269805&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=29%3A07%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.162&r=stable&ec=1&o=4126&fbp=fb.1.1722307652465.999945137548582693&ler=empty&cdl=API_unavailable&it=1722307651780&coo=false&tm=2&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
date: Tue, 30 Jul 2024 02:47:33 GMT
document-policy: force-load-at-top
x-fb-server-load: 42
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397255039540261012", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=21, mss=1328, tbw=12860, tp=-1, tpl=-1, uplat=386, ullat=1
pragma: no-cache
x-fb-debug: xDFcwHBTP/hYE+Lb0zvEtLJkRa4ko/5tRTpgNrHMFGYUadPSE6TfisItFcNkfT34ImbaTaTMsdonnPsex7SUKA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397255039540261012"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397255039540261012"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 441ms
19ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1846609132302434&ev=PageView&dl=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&rl=&if=false&ts=1722307652474&sw=1600&sh=1200&v=2.9.162&r=stable&ec=2&o=4126&fbp=fb.1.1722307652465.999945137548582693&ler=empty&cdl=API_unavailable&it=1722307651780&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1328, tbw=3178, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jul 2024 02:47:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1002 B 496ms
75ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1846609132302434&ev=PageView&dl=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&rl=&if=false&ts=1722307652474&sw=1600&sh=1200&v=2.9.162&r=stable&ec=2&o=4126&fbp=fb.1.1722307652465.999945137548582693&ler=empty&cdl=API_unavailable&it=1722307651780&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
date: Tue, 30 Jul 2024 02:47:32 GMT
document-policy: force-load-at-top
x-fb-server-load: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397255039322877593", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=19, mss=1328, tbw=3790, tp=-1, tpl=-1, uplat=56, ullat=0
pragma: no-cache
x-fb-debug: FSXIk350GNDM+jkWPnWKUZX4t/l6hEJey0Z0q92FVOSV8n5bsgBwErW9F6spSFW3OU+FrpPR8g4fyX9JZrvlAw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397255039322877593"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397255039322877593"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 24ms
19ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=529815473883968&ev=PageView&dl=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&rl=&if=false&ts=1722307652485&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722307652465.999945137548582693&ler=empty&cdl=API_unavailable&hmd=187d9b5fb134ef991d91d601&pl=https%3A%2F%2Fposty.lnk.to%2Fpourmeadrink&it=1722307651780&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=19, mss=1328, tbw=3488, tp=-1, tpl=-1, uplat=2, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jul 2024 02:47:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 68ms
64ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=529815473883968&ev=PageView&dl=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&rl=&if=false&ts=1722307652485&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722307652465.999945137548582693&ler=empty&cdl=API_unavailable&hmd=187d9b5fb134ef991d91d601&pl=https%3A%2F%2Fposty.lnk.to%2Fpourmeadrink&it=1722307651780&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9d76d83311423192","source_keys":["1","2"]},{"key_piece":"0xb5300bb71e8eaa6c","source_keys":["1","2"]}],"aggregatable_values":{"1":1},"filters":{"2":["24:8547487138595505","7830:8547487138595505","10853:8547487138595505","41:8547487138595505","8046:8547487138595505"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 30 Jul 2024 02:47:32 GMT
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397255040183934982", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=19, mss=1328, tbw=11494, tp=-1, tpl=-1, uplat=47, ullat=0
pragma: no-cache
x-fb-debug: sUHzZt/ch2zCnGeSrlXA7ZEdIz/1IEgfv+6drAo5gEECWqkFRVR7ces2qm6i6BZI5HJHMAb/QDslZIMokpmHWg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397255040183934982"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397255040183934982"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 24ms
19ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=529815473883968&ev=LF&dl=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&rl=&if=false&ts=1722307652489&cd[artist]=Post%20Malone%2C%20Blake%20Shelton&cd[album]=Pour%20Me%20A%20Drink&cd[upcs]=%5B%2200602465924589%22%5D&cd[genre]=%5B%22Country%22%5D&cd[tags]=%5B%22blake%20shelton%22%2C%22country%22%2C%22Post%20Malone%22%2C%22pour%20me%20a%20drink%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Post%20Malone&cd[url]=posty.lnk.to%2Fpourmeadrink&cd[countryCode]=US&cd[country]=United%20States&cd[city]=New%20York&cd[artists]=%5B%22Post%20Malone%22%5D&cd[oid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[linkId]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[furl]=posty.lnk.to%2FpourmeadrinkEM&cd[domain]=posty.lnk.to&cd[subdomain]=posty&cd[luuid]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[ouuid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[sid]=9628361e1379ef4d648a2c3c97e3f8ea&cd[uid]=66a85442890564.12269805&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=29%3A07%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.162&r=stable&ec=1&o=4126&fbp=fb.1.1722307652465.999945137548582693&ler=empty&cdl=API_unavailable&it=1722307651780&coo=false&tm=2&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=19, mss=1328, tbw=3603, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jul 2024 02:47:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 57ms
53ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=529815473883968&ev=LF&dl=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&rl=&if=false&ts=1722307652489&cd[artist]=Post%20Malone%2C%20Blake%20Shelton&cd[album]=Pour%20Me%20A%20Drink&cd[upcs]=%5B%2200602465924589%22%5D&cd[genre]=%5B%22Country%22%5D&cd[tags]=%5B%22blake%20shelton%22%2C%22country%22%2C%22Post%20Malone%22%2C%22pour%20me%20a%20drink%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Post%20Malone&cd[url]=posty.lnk.to%2Fpourmeadrink&cd[countryCode]=US&cd[country]=United%20States&cd[city]=New%20York&cd[artists]=%5B%22Post%20Malone%22%5D&cd[oid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[linkId]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[furl]=posty.lnk.to%2FpourmeadrinkEM&cd[domain]=posty.lnk.to&cd[subdomain]=posty&cd[luuid]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[ouuid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[sid]=9628361e1379ef4d648a2c3c97e3f8ea&cd[uid]=66a85442890564.12269805&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=29%3A07%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.162&r=stable&ec=1&o=4126&fbp=fb.1.1722307652465.999945137548582693&ler=empty&cdl=API_unavailable&it=1722307651780&coo=false&tm=2&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1d214bf0975f875c","source_keys":["1","2"]},{"key_piece":"0xe2533abb19068b29","source_keys":["1","2"]}],"aggregatable_values":{"1":1},"filters":{"2":["23:4491271257586198","23:8547487138595505","7811:4491271257586198","7811:8547487138595505","10193:4491271257586198","10193:8547487138595505","10853:4491271257586198","10853:8547487138595505","40:4491271257586198","40:8547487138595505","8050:4491271257586198","8050:8547487138595505"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 30 Jul 2024 02:47:32 GMT
x-fb-server-load: 49
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397255040389409987", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=19, mss=1328, tbw=8314, tp=-1, tpl=-1, uplat=35, ullat=0
pragma: no-cache
x-fb-debug: +63Q/fTE07MJa+vNVY/ou80vI5YVHqDUceS6/8UlCalaetyR50J7WBPZhRizW9BV9PN0SazM4T8oQXFxuEMpyw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397255040389409987"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397255040389409987"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 22ms
18ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=529815473883968&ev=LF_pageview&dl=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&rl=&if=false&ts=1722307652496&cd[artist]=Post%20Malone%2C%20Blake%20Shelton&cd[album]=Pour%20Me%20A%20Drink&cd[upcs]=%5B%2200602465924589%22%5D&cd[genre]=%5B%22Country%22%5D&cd[tags]=%5B%22blake%20shelton%22%2C%22country%22%2C%22Post%20Malone%22%2C%22pour%20me%20a%20drink%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Post%20Malone&cd[url]=posty.lnk.to%2Fpourmeadrink&cd[countryCode]=US&cd[country]=United%20States&cd[city]=New%20York&cd[artists]=%5B%22Post%20Malone%22%5D&cd[oid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[linkId]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[furl]=posty.lnk.to%2FpourmeadrinkEM&cd[domain]=posty.lnk.to&cd[subdomain]=posty&cd[luuid]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[ouuid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[sid]=9628361e1379ef4d648a2c3c97e3f8ea&cd[uid]=66a85442890564.12269805&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=29%3A07%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.162&r=stable&ec=2&o=4126&fbp=fb.1.1722307652465.999945137548582693&ler=empty&cdl=API_unavailable&it=1722307651780&coo=false&tm=2&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=19, mss=1328, tbw=3603, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jul 2024 02:47:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
2 KB 65ms
61ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=529815473883968&ev=LF_pageview&dl=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&rl=&if=false&ts=1722307652496&cd[artist]=Post%20Malone%2C%20Blake%20Shelton&cd[album]=Pour%20Me%20A%20Drink&cd[upcs]=%5B%2200602465924589%22%5D&cd[genre]=%5B%22Country%22%5D&cd[tags]=%5B%22blake%20shelton%22%2C%22country%22%2C%22Post%20Malone%22%2C%22pour%20me%20a%20drink%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Post%20Malone&cd[url]=posty.lnk.to%2Fpourmeadrink&cd[countryCode]=US&cd[country]=United%20States&cd[city]=New%20York&cd[artists]=%5B%22Post%20Malone%22%5D&cd[oid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[linkId]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[furl]=posty.lnk.to%2FpourmeadrinkEM&cd[domain]=posty.lnk.to&cd[subdomain]=posty&cd[luuid]=861f0f96-d1c1-4548-9f37-d394a3e74f4f&cd[ouuid]=6ee969a8-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=461580f2-9cc2-43d5-9ec3-a9ce5a854d34&cd[sid]=9628361e1379ef4d648a2c3c97e3f8ea&cd[uid]=66a85442890564.12269805&cd[channel]=Email&cd[channelCode]=EM&cd[referrer]=direct&cd[timestamp]=29%3A07%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.162&r=stable&ec=2&o=4126&fbp=fb.1.1722307652465.999945137548582693&ler=empty&cdl=API_unavailable&it=1722307651780&coo=false&tm=2&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x8e1be71e1978e242","source_keys":["1","2"]},{"key_piece":"0xae533c23d563e139","source_keys":["1","2"]}],"aggregatable_values":{"1":1},"filters":{"2":["23:8547487138595505","7811:8547487138595505","10193:8547487138595505","10853:8547487138595505","40:8547487138595505","8050:8547487138595505"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 30 Jul 2024 02:47:32 GMT
x-fb-server-load: 61
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397255040035813057", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=19, mss=1328, tbw=9859, tp=-1, tpl=-1, uplat=39, ullat=0
pragma: no-cache
x-fb-debug: YkQI/8qWTGF1nC2a19/nTCuTwks+tNgklMX8ZOYT6K0maYtscx7duKh1cjYtPWK49lMM9SwlYch5/bzVCboVFw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397255040035813057"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397255040035813057"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

google
c.lytics.io/c/provider/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm&google_nid=lytics&google_hm=YzNkN2JmYTQtY2RiZS00YmQ1LWJiY2UtZDIwNDEzNDU1NzI3
https://c.lytics.io/c/provider/google?google_gid=CAESEDQ9Y_AZh6IgGynVfrzm-0M&google_cver=1

35 B
355 B

51ms
50ms

Image
image/gif

2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/provider/google?google_gid=CAESEDQ9Y_AZh6IgGynVfrzm-0M&google_cver=1

Requested by

Protocol

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:32 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
x-error-message: Not found
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JeJ%2FYKzXkLcDqPhOANhNO372jwGPtBdYPsQlFs1ZvFqE1yv5TEmZualezekiuDTE4Lh0fTGn0fmmR2PMMuIgbZAJ4qqsw7NU1P42vv9XzTU8KU8hW89g5xiycufqtRGhAPMoRUYfVEwd"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: dc2c3c1b4cb6c212042aeac503112bf9
cf-ray: 8ab2064e9dbbc46d-EWR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c.lytics.io/c/provider/google?google_gid=CAESEDQ9Y_AZh6IgGynVfrzm-0M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/802909747/ 42 B
64 B 30ms
29ms Image
image/gif 2607:f8b0:4004:c06::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/802909747/?random=1722307652244&cv=11&fst=1722304800000&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9161945549za200&gcd=13t3t3t3t5&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&hn=www.googleadservices.com&frm=0&tiba=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&npa=0&pscdl=noapi&auid=1595076106.1722307652&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLj-cE_KMOqfbIPNbZNkRiYx7BEBG941XnFpBupQ5TDPGGpazu&random=3278016293&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/802909747/ 42 B
64 B 30ms
29ms Image
image/gif 2607:f8b0:4004:c06::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/802909747/?random=1722307652261&cv=11&fst=1722304800000&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9161945549za200&gcd=13t3t3t3t5&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&hn=www.googleadservices.com&frm=0&tiba=Post%20Malone%2C%20Blake%20Shelton%20-%20Pour%20Me%20A%20Drink&npa=0&pscdl=noapi&auid=1595076106.1722307652&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&delc=United%20States&data=event%3Dpage_view%3Bartist%3DPost%20Malone%5C%2C%20Blake%20Shelton%3Balbum%3DPour%20Me%20A%20Drink%3Bupcs%3D00602465924589%3Bgenre%3DCountry%3Btags%3Dblake%20shelton%2Ccountry%2CPost%20Malone%2Cpour%20me%20a%20drink%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DPost%20Malone%3Burl%3Dposty.lnk.to%2Fpourmeadrink%3BcountryCode%3DUS%3Bcountry%3DUnited%20States%3Bcity%3DNew%20York%3Bartists%3DPost%20Malone%3Baction%3Dpageview&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooL96jq1PDjSIsWCl7UG2jjjtjXozJOZLauH5W4ZuVysQGAeAhU&random=3539421800&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:47:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
57 B 104ms
98ms XHR
text/plain 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://posty.lnk.to
date: Tue, 30 Jul 2024 02:47:33 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8ab2064ec96b8cbd-EWR
vary: Origin

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
30 B 102ms
98ms Script
text/plain 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=41a013688b85c32e2372699df1738f59&url=https%3A%2F%2Fposty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8ab2064ecd307d14-EWR

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
34 B 95ms
92ms XHR
text/plain 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://posty.lnk.to
date: Tue, 30 Jul 2024 02:47:33 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8ab2064ee9888cbd-EWR
vary: Origin

GET
H/1.1 206
Partial Content 49d293c80a03794069f6ec6ad9df8c250714358e
p.scdn.co/mp3-preview/ 64 KB
0 106ms
10ms Media
audio/mpeg 2a04:4e42:4e::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.scdn.co/mp3-preview/49d293c80a03794069f6ec6ad9df8c250714358e?cid=18fc7b00a64d447393f6ee0dd98a70be
Requested by: Host: posty.lnk.to
URL: https://posty.lnk.to/pourmeadrinkEM?utm_source=dotmailer&utm_medium=email&utm_campaign=553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US&dm_i=4YU9,BUUW,3D2TUN,1S82I,0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://posty.lnk.to/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 30 Jul 2024 02:47:33 GMT
Age: 1076601
X-Cache: HIT, HIT
Content-Range: bytes 0-360287/360288
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 360288
X-Served-By: cache-chi-kigq8000083-CHI, cache-lga21938-LGA
Last-Modified: Sat, 08 Jun 2024 06:01:00 GMT
ETag: "c3a1a6d54e5f2f3e4c48dc911418f043"
x-goog-generation: 1717826460814384
Content-Type: audio/mpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, no-transform
x-goog-stored-content-length: 360288
x-amz-checksum-crc32c: ELxOsw==
Accept-Ranges: bytes
X-Cache-Hits: 166, 0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
699 B 183ms
179ms Ping
text/plain 23.53.35.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5d05d62c
date: Tue, 30 Jul 2024 02:47:33 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2407300247334D7B10DB1A3478865F50-4E2A28C5B09119BF-00
x-cache: TCP_MISS from a23-52-15-69.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=47, cdn-cache; desc=MISS, edge; dur=17, origin; dur=71
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202407300247334D7B10DB1A3478865F50
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 72,23.52.15.69
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d551f5e8684db153b5e09ea73955f4a8458eb7df6a8010586b68db03d80bf967b751ec8e0884466918293cca216a58ee635b16eba4b51f91b2f6d604e8b535ceba43e950a5aa63e70a5a8a9b68714e486
access-control-allow-headers: Authorization,*
expires: Tue, 30 Jul 2024 02:47:33 GMT

GET
H/1.1 200
OK 49d293c80a03794069f6ec6ad9df8c250714358e Show response
p.scdn.co/mp3-preview/ 352 KB
352 KB 122ms
11ms XHR
audio/mpeg 2a04:4e42:4e::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.scdn.co/mp3-preview/49d293c80a03794069f6ec6ad9df8c250714358e?cid=18fc7b00a64d447393f6ee0dd98a70be
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4e::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a38410bc5a49a631c04ed2e65ae1c16153e95591d97bacea9e196642a293ffc8

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 02:47:33 GMT
Age: 1076601
X-Cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 360288
X-Served-By: cache-chi-kigq8000083-CHI, cache-lga21959-LGA
Last-Modified: Sat, 08 Jun 2024 06:01:00 GMT
ETag: "c3a1a6d54e5f2f3e4c48dc911418f043"
x-goog-generation: 1717826460814384
Content-Type: audio/mpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, no-transform
x-goog-stored-content-length: 360288
x-amz-checksum-crc32c: ELxOsw==
Accept-Ranges: bytes
X-Cache-Hits: 166, 1

GET
H2 200 google_dv360
c.lytics.io/c/f1d9d94ded8b13388a12e4bb69e532f1/ 35 B
452 B 51ms
50ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/f1d9d94ded8b13388a12e4bb69e532f1/google_dv360?_ts=1722307652977&_nmob=t&_device=desktop&url=posty.lnk.to%2FpourmeadrinkEM%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D553208_07.29.2024_PostMalone_F1Trillion_Country_V4_231777_US%26dm_i%3D4YU9%2CBUUW%2C3D2TUN%2C1S82I%2C0&_ga=GA1.2.601100387.1722307652&_uid=c3d7bfa4-cdbe-4bd5-bbce-d20413455727&_v=3.0.36

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:33 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zotb0UTyyFR2GGPiMoD8fuGqr8RxSYFmDa%2Brfz%2BWIjOHd88XO0WODqr%2F%2FqE%2BFQXAurg5ycKUEhlYNtTr407HnTXKrkmAt9Ea5zu1emc7YHR78zYxU2ElfH4%2B9qKbR%2FdRC%2F7IScglesbo"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: f008f26c3c2090004629fc3ece36ae5e
cf-ray: 8ab2064f2e66c46d-EWR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 play_button.svg
static.assetlab.io/music-player/img/refresh/ 2 KB
1 KB 27ms
26ms Image
image/svg+xml 108.156.120.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/music-player/img/refresh/play_button.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.120.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-120-53.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4601e6cd3682181d1b4d848bf0489f3ed31e13bb0acb0f7644700e4003384096

Request headers

Referer: https://static.assetlab.io/redirector-prod/3.153.0/release-refresh.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: s9hjxzwxVVT_MW.raFSY0xxMrHWuW0SM
content-encoding: gzip
via: 1.1 47f81868b329bf877f7a46684a31c756.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 11:03:53 GMT
last-modified: Wed, 21 Feb 2024 09:12:02 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P3
age: 56626
x-amz-server-side-encryption: AES256
etag: W/"dbba70514c1c467e839c19df0c7713d4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: k7kwOWR8v7HfxL7-MAn5TatFH7jmYpleXhyXjx0NJ7REIHBl_1Sz3Q==

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 103 KB
22 KB 37ms
37ms Script
text/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:33 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 30 Jul 2024 01:24:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4959
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yXq%2B80OLwRNwZVofTryYrZw747A9DORuNyq4oHtarYihQBs6z0FgQhLSs3qqnVyC0uXmg5%2BpTpDVqSRubNQalxlfO3U95tLWMzFPKf3AwZAG5mh6obzmHg5T0ZKFKpGyUAJWLul9eQDZ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 8ab2065138f6c46d-EWR

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:33 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 30 Jul 2024 01:17:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5376
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jD4N27pvwuDjq5gJY6%2FFZ215fZhVMSJA1VA%2FBeovEq4Rzv75Za9KIQeHo3IeYJ6%2FV8KTmUln5T5tnv1vOcCIjPdofoZvS8eyH%2FNlkp4rxLSJAvBZB2G6C99uitlyFsmznF5PKpSCc2nu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 8ab206524a69c46d-EWR

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/f1d9d94ded8b13388a12e4bb69e532f1/ 302 B
579 B 18ms
18ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/program/campaign/config/f1d9d94ded8b13388a12e4bb69e532f1/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebb10e03bfe495ef4a51f61ab2e3c9e3b94cb8bc1e4b2c5294e9d8c94550fb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:33 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7054
content-length: 215
last-modified: Tue, 30 Jul 2024 00:49:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WmpDmjCKHLI5V%2B%2B30W9b9VfM%2FsF9XL3sJgiSOlxzRVq5nknDALTm6%2BuvZ5yAA2qWPhtFTDi5zbS%2BcdpgOdNGxKfrcemmQoq09B4sCQU0gfRV3D9ND%2B0GJ1dJ54AxkcEgnqlKD18taGna"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: 18ecd38d64663f2b69894de8f98eb9b1
accept-ranges: bytes
cf-ray: 8ab206525a73c46d-EWR

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 151ms
84ms XHR
application/json 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407250101&st=env

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWViM2RlMTc3MA.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94b7955fae5e58ea7676187d57b8b06896d77dd124c707eebcad04834674b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12994
x-xss-protection: 0

GET
H2 200 favicon.ico
static.assetlab.io/redirector-prod/3.153.0/img/icons/ 1 KB
2 KB 27ms
27ms Other
image/vnd.microsoft.icon 108.156.120.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.153.0/img/icons/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.120.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-120-53.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6612dd210a4b7623c5c1f4e0d1cc38745fe818da57d3af521527d4cae9d06df1

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: n5Or.8Uxh7EJjsdrOnZnSiCF7e2ORrxT
date: Mon, 29 Jul 2024 11:37:57 GMT
via: 1.1 47f81868b329bf877f7a46684a31c756.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jul 2024 11:31:28 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P3
age: 54576
x-amz-server-side-encryption: AES256
etag: "a1dc412a42d1c7f6a905633a93f0fe06"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 1150
x-amz-cf-id: c5u9Vk7uMhuO8JtWkavNyqXVVONnd31A6-iHVYUvKllW0njUdzWCow==

GET
H2 200 favicon-32x32.png
static.assetlab.io/redirector-prod/3.153.0/img/icons/ 890 B
1 KB 35ms
34ms Other
image/png 108.156.120.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.153.0/img/icons/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.120.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-120-53.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bb9eaf55f6b1925fd4cd5c541bbecf276034beaeb6709556bfbce24990239de

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 0mz6jYZcvyB_KhhF4nw1AiieqMQ4EXO.
date: Mon, 29 Jul 2024 10:36:17 GMT
via: 1.1 47f81868b329bf877f7a46684a31c756.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jul 2024 11:31:28 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P3
age: 58277
x-amz-server-side-encryption: AES256
etag: "a55d7209ea91a404dd1317f89985f559"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 890
x-amz-cf-id: t-1-yKK-cTRn3bHcT4npM0RswRTE_znDPTAj7Q7vghYz6TmY-4U1Hg==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 62ms
18ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Jul 2024 02:47:33 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DFA0 0
0 48ms
17ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posty.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 97497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jul 2024 23:42:36 GMT
expires: Mon, 28 Jul 2025 23:42:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame EA56 0
0 72ms
33ms Document
text/html 2607:f8b0:4004:c06::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5JzTdOdWx8X_k0odoYjZwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://posty.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5JzTdOdWx8X_k0odoYjZwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jul 2024 02:47:33 GMT
expires: Tue, 30 Jul 2024 02:47:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407250101&jk=3872087307521902&bg=!9Pel97jNAAZTFZZkcxU7ADQBe5WfOBLRjaY1CbSvZuKHSzy4T96XxaJWPgsRHGvB6QSpmsWGZR60LpkLQp4aCP4eLq-6AgAAAHJSAAAABGgBB34ANmEu07IRA7DyTUKhJ34vxobeExwWywToir96PMNmN_iQrl5NTy_wUWNhqraTyvEoEkHyIQfq7ZkC7nrUSbFT--UXTCqVYFNTCV6Kf2kaX1tPdnKZ9u9L5kzXfbGNl_dNko2FppPkmU1q4VqMjYIhmCLF6dqtod3oZmiKCthZ6cj8C3PYuE25rxMf0X9YMoWnbRMela2g1zOyjd5q-Zz4cam_ft7M3Th6nwBop8kP69KxU7hNr-l6j0Wo2tkllXkm1rOwgmCLmzdFwekqxWsqzzQSiB8Ck_httwpASOnuaw_UeSMLOB61jGcTfD3TCtl1nSaNPqLPGrbHhpGTPSCYT4vZwG3XKYhScCYiMlQ9Ybe-ING6154uf-RMTlF6S2TSMF7muTLH_fpmr-AvpHht_77dbnTV-8bggH183sc3gYTuW9SGcogMVfPy_deKspBeav7JqTZU5bS5F59gy0rPy0pYakXg4UScMTHdlJoygmw1jRq4WdR_ppCrQmyNYW0Jo1aSuXdjVKr9Bj_X_92ocKAGCPUZZ4gOoEx4lwVjrc3qWk9FZPVtCK8ANE3rMyfDUvoHy-qEvat7W-pF8hxgx0AobwshnfoXCWnUqXoYXN3VbtgDm_cg3wOwymf90R0tNO3u3qLG1SNP_Gc0Ow_iNw1lYxafQSJqkFR03WolmylFi6fIqH9HJtLFhX0QBrhYaGXH6n__VbLMAWHd2A66Ugnj_N3I7Ne1XLXqwzwVA8PjPAMkyrMIqjFsTdOfwQ_qXzopllBQpriwb6FO3_vZ9EH7IbzxkWmibtql0UpFe57yqxrwtOnMm-7SRj6bRsK7qV5lzVqDzJXlRZcMKKGQ8cp7-6OcMI_IxxI90rM0JF8IhjUmllIDjQWzGyMTCv0TmxNzfH2yupZ5OExr_hx5gZK_lYclanIHB2dry62ycnkfjrThjv8BH8ulmB7dJ3mb219Begsaw0OA_1Xv9jYQq2tOGoNgaBqyPAiMzWnJ05ZLqlQBIGsoGyGAWjnWqIF6FdMx9cpSdh5ot_Gs7dgO0u5ihmtJZRAIY6HPV4jA2l9-16wYgHVUsw

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 22:26:34	Name: X-AB Value: fdcf6e462b6e488abffd4929ae370321
.us.umusic-online.com/	1970-01-20 22:25:09	Name: __cf_bm Value: rSDAkBiR4FYlJBK1GkMjlnLfO0qtYufaCQr5YEPpM_Q-1722307650-1.0.1.1-9VPOgNFLMypLwaeMlJSc8YwVsx0.biMYzzYT8BJdkvOkXRVnrJgs6gPglizPwxOIS7Ige39A82RKyQxwK0wptA
.lnk.to/	1970-01-20 22:25:08	Name: LF_session_8cfc090caa6d1d7c66e3adfc48128272 Value: 1
.lnk.to/	1970-01-21 07:46:43	Name: __gads Value: ID=802c0d7361806458:T=1722307651:RT=1722307651:S=ALNI_MY5EOPK8_Ono7Y8OuAlUPdkwia7GA
.lnk.to/	1970-01-21 07:46:43	Name: __gpi Value: UID=00000ebc6b6b9c63:T=1722307651:RT=1722307651:S=ALNI_MYDdf2vg47KVjr5z84fqMLse5YVQA
.lnk.to/	1970-01-21 02:44:19	Name: __eoi Value: ID=bd40cb63793b775e:T=1722307651:RT=1722307651:S=AA-AfjafczHnMD3HrnG4v7yL1u8Z
.lnk.to/	1970-01-21 08:01:07	Name: __td_signed Value: true
.lnk.to/	1970-01-21 08:01:07	Name: _td Value: 0bc749fe-febd-45ba-9242-dd470e97cf52
.scorecardresearch.com/	1970-01-21 07:46:43	Name: UID Value: 1BFabb0278a7db2b15e09361722307651
.scorecardresearch.com/	1970-01-21 07:46:43	Name: XID Value: 1BFabb0278a7db2b15e09361722307651
.lnk.to/	1970-01-21 07:54:54	Name: _scid Value: a549759d-eefe-40e4-99cb-1a49587272ab
.ad.gt/	1969-12-31 23:59:59	Name: au_3p_check Value: 1
.lnk.to/	1970-01-21 07:54:54	Name: _scid_r Value: a549759d-eefe-40e4-99cb-1a49587272ab
.posty.lnk.to/	1970-01-20 22:25:09	Name: seerses Value: e
.lnk.to/	1970-01-21 00:34:43	Name: _gcl_au Value: 1.1.1595076106.1722307652
.posty.lnk.to/	1970-01-21 07:10:43	Name: _au_1d Value: AU1D-0100-001722307652-EMF58FPO-GESX
.in.treasuredata.com/	1970-01-21 08:01:07	Name: _td_global Value: fc063ad5-1fbf-4304-9574-a5416da92e5e
.adnxs.com/	1970-01-21 00:34:43	Name: XANDR_PANID Value: yYPE-T5jFyoqFw0-h5zVc3DUyWSeyWPpkIFst-bCUZkJXTcG40vbWpLWqP8RlBt9ejkhmPqnXPUKwEteb1bww2aLCmU4IjVGp2Wny8M577E.
.adnxs.com/	1970-01-21 08:01:07	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:34:43	Name: uuid2 Value: 3930559862573526092
.tiktok.com/	1970-01-21 07:46:43	Name: _ttp Value: 2jwolVdeH2C1xlg1kqkYo8Xv9Qh
.doubleclick.net/	1970-01-21 08:01:07	Name: IDE Value: AHWqTUnkOIWJvE-nsisrgjVPufl2eQqZ7NAi8dsQL-4_PU-yFLjXUa80oHRwY2tK
.adsrvr.org/	1970-01-21 07:10:43	Name: TDID Value: e929fc2b-786f-427a-91e4-7e8269165912
.lnk.to/	1970-01-21 08:01:07	Name: _ga_SK2KRMG100 Value: GS1.1.1722307652.1.0.1722307652.0.0.0
.tapad.com/	1970-01-20 23:51:31	Name: TapAd_TS Value: 1722307652038
.tapad.com/	1970-01-20 23:51:31	Name: TapAd_DID Value: 06f526cd-60ae-451f-b77b-2b62d89fb83c
.pubmatic.com/	1970-01-21 00:34:43	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-21 07:10:43	Name: KADUSERCOOKIE Value: 3B64A4F2-2606-443B-BF0E-B5D8DF01F62F
.snapchat.com/	1970-01-21 07:46:43	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GuRHAIAwEwIo0c3rQYXcjQRkUb4dstK0Y7qT0qpRo2//8EaI0cy5WxNHAqzRzMIedq/gAuKCop0AAAAA=
.lnk.to/	1970-01-21 08:01:07	Name: _ga Value: GA1.2.601100387.1722307652
.lnk.to/	1970-01-20 22:26:34	Name: _gid Value: GA1.2.1938003549.1722307652
.lnk.to/	1970-01-20 22:25:07	Name: _gat_gtag_UA_54175133_1 Value: 1
.adsrvr.org/	1970-01-21 07:10:43	Name: TDCPM Value: CAESFAoFdGFwYWQSCwiqt9Tf_5KYPRAFGAEgASgCMgsIgq3XjJaTmD0QBTgBWgV0YXBhZGAC
.lnk.to/	1970-01-20 22:35:12	Name: _ScCbts Value: %5B%5D
.posty.lnk.to/	1970-01-21 08:01:07	Name: seerid Value: c3d7bfa4-cdbe-4bd5-bbce-d20413455727
.ad.gt/	1970-01-21 07:10:43	Name: au_id Value: AU1D-0100-001722307652-EMF58FPO-GESX
.tapad.com/	1970-01-20 23:51:31	Name: TapAd_3WAY_SYNCS Value:
.lytics.io/	1970-01-21 08:01:07	Name: seerid Value: c3d7bfa4-cdbe-4bd5-bbce-d20413455727
.turn.com/	1970-01-21 02:44:19	Name: uid Value: 8081864309992959030
.lnk.to/	1970-01-21 07:46:43	Name: _tt_enable_cookie Value: 1
.lnk.to/	1970-01-21 07:46:43	Name: _ttp Value: LU_MnyNKXM7AYC5sakvM4Db_877
.colossusssp.com/	1970-01-21 07:10:43	Name: gtm_usr Value: 615a215d-f906-42ae-ba19-fa2f4d3c0428
.colossusssp.com/	1970-01-21 07:10:43	Name: lmg_r Value: 66
.demdex.net/	1970-01-21 02:44:19	Name: demdex Value: 66339806884452292841397619527934413114
.t.co/	1970-01-21 08:01:07	Name: muc_ads Value: a5d4692c-2258-4f00-a080-b9abab075969
.go.sonobi.com/	1970-01-21 07:10:43	Name: __uis Value: e478b4d1-6fb1-473d-acac-1939ef1d1b4a
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85149\|ZqhUR
.dpm.demdex.net/	1970-01-21 02:44:19	Name: dpm Value: 66339806884452292841397619527934413114
.openx.net/	1970-01-21 07:10:43	Name: i Value: a762e79b-dfc8-4cd5-8dc3-9f9c23e154bd\|1722307652
.lnk.to/	1970-01-21 07:54:54	Name: _sctr Value: 1%7C1722247200000
.twitter.com/	1970-01-21 08:01:07	Name: personalization_id Value: "v1_QeCejGY5YbVhevqsZMP6wg=="
.lnk.to/	1970-01-21 00:34:43	Name: _fbp Value: fb.1.1722307652465.999945137548582693
.rubiconproject.com/	1970-01-21 07:10:43	Name: audit_p Value: 1\|Gx1XVgCimE3FHJTDK7Egy8BeZVex1eBZkIuXUZVuMpOMaGpsUGBQ3gPbM5DouSFiIIvKhuQ/VgPyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnc00dFcxMz1IQl0n1AamZ8euGxAu1mmJ+bOYuVGJdyUZYPDxny9O7hNPVHjylZIeXNAPlTu0R9RN
.rubiconproject.com/	1970-01-21 07:10:43	Name: khaos Value: LZ7TI9WP-3-2UMH
.rubiconproject.com/	1970-01-21 07:10:43	Name: khaos_p Value: LZ7TI9WP-3-2UMH
.rubiconproject.com/	1970-01-21 07:10:43	Name: audit Value: 1\|Gx1XVgCimE3FHJTDK7Egy8BeZVex1eBZkIuXUZVuMpOMaGpsUGBQ3gPbM5DouSFiIIvKhuQ/VgPyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnc00dFcxMz1IQl0n1AamZ8euGxAu1mmJ+bOYuVGJdyUZYPDxny9O7hNPVHjylZIeXNAPlTu0R9RN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
c.lytics.io
cdn.hadronid.net
cdn.linkfire.com
cdn.treasuredata.com
cdnjs.cloudflare.com
cf3eab2a6c9fea51ef678e45343674a5.safeframe.googlesyndication.com
cm.g.doubleclick.net
connect.facebook.net
d.turn.com
dpm.demdex.net
googleads.g.doubleclick.net
id.hadron.ad.gt
ids.ad.gt
image2.pubmatic.com
linkstorage.linkfire.com
match.adsrvr.org
onetag-sys.com
p.ad.gt
p.scdn.co
pagead2.googlesyndication.com
pixel.tapad.com
pixels.ad.gt
platform.twitter.com
posty.lnk.to
sb.scorecardresearch.com
sc-static.net
secure.adnxs.com
securepubads.g.doubleclick.net
services.linkfire.com
static.ads-twitter.com
static.assetlab.io
sync.1rx.io
sync.colossusssp.com
sync.go.sonobi.com
t.co
token.rubiconproject.com
tpc.googlesyndication.com
tr.snapchat.com
tr6.snapchat.com
u.openx.net
us.umusic-online.com
us01.records.in.treasuredata.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
pagead2.googlesyndication.com
104.126.119.98
104.244.42.131
108.139.47.8
108.156.120.53
13.249.39.75
142.251.163.155
146.75.28.157
162.159.140.128
172.240.155.100
172.253.122.156
18.154.227.51
18.238.49.25
23.53.35.133
2600:1901:0:7628::
2600:9000:247b:dc00:14:38a4:2ec0:93a1
2606:2800:220:131d:1d30:1f1d:238b:1e56
2606:4700:10::6816:34ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:20::681a:216
2606:4700::6811:190e
2607:f350:3:2569:0:10:0:200d
2607:f8b0:4004:c06::63
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c07::9d
2607:f8b0:4004:c0b::61
2607:f8b0:4004:c1b::9a
2607:f8b0:4004:c1d::84
2607:f8b0:4004:c1d::9a
2607:f8b0:4004:c1f::64
2607:f8b0:4004:c21::84
2620:112:f008:200::101
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a04:4e42:4e::760
3.163.245.4
3.212.25.222
3.225.90.137
3.33.220.150
34.111.113.62
35.190.43.134
35.244.159.8
44.195.106.66
51.222.39.186
52.42.80.15
68.67.160.132
69.173.151.100
69.194.240.13
72.21.81.130
8.28.7.83
01dac44a76268f6303045e3680733d2f56492bc3a8224adf4ac5fe89c8e80bd5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05a5fac03580933e0a88b0749020180b52b3f53580684264a0cae62686739071
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b94ae30beaa7a731be46e19ff6eaa948bbe5b3369bf36b62cf8645f777dfac4
135f38fde765ee68085c1ae7aa191a4b179cfb99ca6853c2b42f9fb8849d5b17
18f49c5cb5c574c53ef04470a71ea5d30679011e70a0f1c2b7405af20bb870d0
1abcfe03b13c9e5e8ff2ef9307c57fb816bfef850f9ce1ae90c07384ef98ae70
1df9c953053965fc56c34399bc55ac59f6ab462e6027ce3cb0643d8028319ab3
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
1faa3922866d8fc8facd5042a5a189a9850a3b1af57b64dff652617c6649e4d8
1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe
23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e
24893d75a4b75d8c8252b5c192e1040d82e5ba14c29b3ebc768877fb7e3f9168
26e1284c3a3c640732e9899e5ed5c6be689c4d21bd7f35025816f983edd408c0
27c621bcf54245087460636275667abc0fada8175d4a824dd9bdca25ad3440d4
2953217b5e320afbe57db90ecb6b3081e7eeae485330fe325b8b1ff17519f3c4
2b985f625322e527136515dcda7a6fa29ffdbfa4bf40ebb661d1d84706b0612f
34078200e60ca43461630face48ad447b8f0b168fb47690f478072e2c1a9e5f5
34a8415bb0f342e98d977466d700d0f02d41eb934f63c851c08506978e051bd5
3ce9c869d01258f4e024478cbb35d9c6d905e247fe95a11984e5277a96dde0fd
3e34287a2517dbb99602d53933cc75cd9208dbf1627218ff1422d4016f411367
40039e484599ff9d06a8b426c17036fd4808e27f9f80f36857f0dd43e398df35
4296b357302c4a1d889d19d8bd507a5687afd5f0c9d44e400e3ffd8b3ed27169
4601e6cd3682181d1b4d848bf0489f3ed31e13bb0acb0f7644700e4003384096
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
47adf75a8692efb19308f90e2458bf48677051ced568f88f3ab364cbf2bbe0c6
48442a68a245429c0b9e568a6aa953928ddfa30d565551ecf09fe2420479f2af
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4bb9eaf55f6b1925fd4cd5c541bbecf276034beaeb6709556bfbce24990239de
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4fe1f2aa9d9425ea5c968a1944c7e48cc5a521a981afb7d358cc5849f8efbe94
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3
5114f94a479198c25803b0fd303e8e1c0268f9f7540aeb0ba58cf3387e3188c1
5eb7c05770cfc55921a70c64e63de994a684c9c78e9b1aa34ffc97f494d464f2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63
62ed4d7198d9c78a9668d6a639e81d1a3dde7d0d4174011fc26a7f76641a1e1c
65d381b3a4bc51220c507dc5037f012f983b0ecfa0e3c0c650983b141f6f2861
6612dd210a4b7623c5c1f4e0d1cc38745fe818da57d3af521527d4cae9d06df1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70d7df9d96e72966b1414f9dab03e643df64883fd1010175af4d69b5c0ec7905
710142034a86256c62cec73b913ea932594cff58a258dae73d87eef099df23b2
722b26d758f702021fef6429f0720ed30daa8f299fa1e4db2479bbe66d1ee50e
75e3292cc9b65abbfbbf4d00bb9ec8862057d54ff51b60364f3c518d3be3edfe
763c09aa56110b05ed4d4d716ba81736b6fe696c57d66cbef6d850d9bfe35782
797a598920fb381cdba04d95a0cafb839833535f129b8439b2f9aa6a6f304499
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8c63223633a72b439f8ba6eafbe2db2db554a7c50d9a8e5b86ac9721ce98e1c1
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
93f9d8b7b6894e6c2a50c10cb550195929fc2e5d57e4d04c5b1fcb36389e40d4
94b7955fae5e58ea7676187d57b8b06896d77dd124c707eebcad04834674b88a
975f93c89036852225cae57756ec08a8a54b479e5084889dd5b7c1c5c4ea3533
9886a3f808e1ccc128682351d014c9d704f176449c7f7ec4bedfff745d60bd87
9d43c9276e1e2a8ec8714289f1d6d232bee0e0f394fea3d7a92e8794e244f43d
a38410bc5a49a631c04ed2e65ae1c16153e95591d97bacea9e196642a293ffc8
a3a59a7af0c06345372359c3e0326c03d02e7076beee6ed480aa5acde25bdedc
a3dc77da3079dd2038fbcbaee116b7f3ff7d4af243b9666a5e1f9256e372d97b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68
b278c9fa55878e3d1c18e60c68d2a0fb7127f36e57cd9c490717982ad3cfa8a3
b5236c1a7e797c8e1bd444bf333b3426e6faa79a80076278dc5b552234efbb62
bd36e885cb5adefc8c12432e4d8d0747a80aa9045c5d4a5d195c95e3a7d56aa8
c04ae677cad338840ba6212d85eb12cbef2aa877d338d10cf940daea2b87be3e
c4446f839fc90df1a9cf2857be70c3fa2304d199f645767af9008df71cd7f77b
c84990400258eb37cf137a823a1c5d69ba72315c4c3bef8c5c7160178134e04d
c9bd2a0834b4f41db972be823eb7152df0e4a3d74c5326fe8ebf2ce880ddcf4c
ccec011844fbf48474385dc5d3f63bd821a39f107012b8d10e6fc2b0e7ddb07b
ce8dd3788420f43621712dce35b791a89c3da225cf40bd6ad077d240e7e5a0e2
ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff
cfa4e5cc65fe1b15b8b9066c0521026ef8b3c6ff0d8cdd5b1a2322c6eadb0830
d4feee07cc8d5272a6c10443de46e3df0e586f99bac96569ba408d92c0383002
d65091d82bae08431b230ca67c78eda5997343fba14533f00d8be6d7c6f1ad77
da0c5870836a5450370f318edf8fd417c62ae42447d6c86c422017f2a3f56ee7
dac4699c9424abe7676e03ae72fb34c631738ab87d49ab3255c31d58106ce21c
dbd25991de0aaa583a5fd300dd2c579343d4459bf87a6485d31151224628adeb
dc242f2acb69deaa2c17cce616c89430cd666771b2e8303465bbfdc340d39663
dda1cc0a6d747b664efca58eb9365c500e200925de6dfd082f6921e8d351a7bb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0d3cadfb83a62a1da36fe8ab53c43b6c55d984392c2185bed5a9090a9b38f58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ebb10e03bfe495ef4a51f61ab2e3c9e3b94cb8bc1e4b2c5294e9d8c94550fb95
eeba3ace9cbfefe01391c267ac236776ebe26bf6cd629ea90a9fb07f7253042b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c24b3475640eeea101d42d9ae80686d9e54dfd2c5666638845b1e9b63c75dc
f49192a63335705de7cfadfd6fb7858dbd8565e242dcbcbde96610fb437f76b9
fdaf641251a8854b64e807fef8f115f1e47cf644cfe6c76e0e36d067962bb9a3
ff362590942cd8bb93423aefea52b6f7c6cdabbc9e43e8e8833d6b3164959133

posty.lnk.to Open in urlscan Pro 44.195.106.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

160 Requests

89 %HTTPS

45 %IPv6

38 Domains

51 Subdomains

41 IPs

3 Countries

2112 kBTransfer

5763 kBSize

56 Cookies

11 Outgoing links

Page URL History

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

posty.lnk.to Open in urlscan Pro
44.195.106.66 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

89 %
HTTPS

45 %
IPv6

38
Domains

51
Subdomains

41
IPs

3
Countries

2112 kB
Transfer

5763 kB
Size

56
Cookies

160 HTTP transactions
0 data transactions