anellaherim.lnk.to Open in urlscan Pro
52.208.114.85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://us.umusic-online.com/4YUH-8JTX-3D2TUT-7UJYR-1/c.aspx
Effective URL:
https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_D...
Submission: On November 04 via api (November 4th 2023, 7:16:08 am UTC) from BE — Scanned from DE

Summary HTTP 38 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 38 HTTP transactions. The main IP is 52.208.114.85, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is anellaherim.lnk.to.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 10th 2023. Valid for: a year.

This is the only time anellaherim.lnk.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.17.129.171 104.17.129.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.208.114.85 52.208.114.85	16509 (AMAZON-02) (AMAZON-02)
9	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
7	18.245.86.8 18.245.86.8	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
2	13.32.99.14 13.32.99.14	16509 (AMAZON-02) (AMAZON-02)
6	13.225.78.106 13.225.78.106	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1 3	18.245.60.107 18.245.60.107	16509 (AMAZON-02) (AMAZON-02)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
38	11

1 104.17.129.171 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

us.umusic-online.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.208.114.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-114-85.eu-west-1.compute.amazonaws.com

anellaherim.lnk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.245.86.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-8.fra60.r.cloudfront.net

static.assetlab.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-14.fra60.r.cloudfront.net

linkstorage.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.78.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-106.fra2.r.cloudfront.net

services.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.245.60.107 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-107.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

d347b1b29ce130c8946018f97b7e7d5e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	168 KB
8	linkfire.com linkstorage.linkfire.com — Cisco Umbrella Rank: 106922 services.linkfire.com — Cisco Umbrella Rank: 106333	176 KB
7	assetlab.io static.assetlab.io — Cisco Umbrella Rank: 87356	342 KB
4	lnk.to anellaherim.lnk.to	114 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 d347b1b29ce130c8946018f97b7e7d5e.safeframe.googlesyndication.com tpc.googlesyndication.com Failed	15 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
3	gstatic.com fonts.gstatic.com	47 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	umusic-online.com 1 redirects us.umusic-online.com — Cisco Umbrella Rank: 261376	581 B
38	9

	Domain	Requested by
9	securepubads.g.doubleclick.net	anellaherim.lnk.to securepubads.g.doubleclick.net
7	static.assetlab.io	anellaherim.lnk.to static.assetlab.io
6	services.linkfire.com	anellaherim.lnk.to
4	anellaherim.lnk.to	anellaherim.lnk.to static.assetlab.io
3	sb.scorecardresearch.com	1 redirects anellaherim.lnk.to
3	fonts.gstatic.com	fonts.googleapis.com
2	pagead2.googlesyndication.com	static.assetlab.io securepubads.g.doubleclick.net
2	linkstorage.linkfire.com	anellaherim.lnk.to
1	d347b1b29ce130c8946018f97b7e7d5e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fonts.googleapis.com	anellaherim.lnk.to
1	us.umusic-online.com	1 redirects
0	tpc.googlesyndication.com Failed	securepubads.g.doubleclick.net
38	12

This site contains links to these domains. Also see Links.

Domain
music.apple.com
music.amazon.com
open.spotify.com
itunes.apple.com
www.deezer.com
music.youtube.com

Subject Issuer	Validity	Valid
lnk.to Amazon RSA 2048 M02	`2023-07-10` - `2024-08-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
static.assetlab.io Amazon RSA 2048 M03	`2023-09-20` - `2024-10-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
linkfire.com Amazon RSA 2048 M02	`2023-04-19` - `2024-05-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Frame ID: 00B01C2A8FA3961D8FF372FFA1CC3C65
Requests: 37 HTTP requests in this frame

Frame: https://d347b1b29ce130c8946018f97b7e7d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9D4D8554CE4DB936B53D066850912402
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anella Herim - Tennessee Love Song

Page URL History Show full URLs

https://us.umusic-online.com/4YUH-8JTX-3D2TUT-7UJYR-1/c.aspx HTTP 302
https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_... Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

38
Requests

95 %
HTTPS

0 %
IPv6

9
Domains

12
Subdomains

11
IPs

3
Countries

865 kB
Transfer

2107 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://music.apple.com/us/album/1707321135?ls=1&at=1000lMJJ&app=music&ct=LFV_c331a2e7a3bd05fd37529f4a0cbd83a0&itscg=30440&itsct=catchall_p1&lId=29571695&cId=none&sr=1&src=Linkfire
Title: Abspielen

Search URL Search Domain Scan URL

URL: http://music.amazon.com/albums/B0CJLD82QF?tag=universal00-21&ie=UTF8&linkCode=as2&ascsubtag=c331a2e7a3bd05fd37529f4a0cbd83a0&ref=dmm_acq_soc_de_u_lfire_lp_x_c331a2e7a3bd05fd37529f4a0cbd83a0&utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH%2C8JTX%2C3D2TUT%2C180YY%2C1
Title: Abspielen

Search URL Search Domain Scan URL

URL: https://open.spotify.com/album/2pWBzztGG1t2ZHs3aeqwS2?go=1
Title: Abspielen

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/album/1707321135?ls=1&at=1000lMJJ&app=itunes&ct=LFV_c331a2e7a3bd05fd37529f4a0cbd83a0&itscg=30440&itsct=catchall_p4&lId=29571695&cId=none&sr=4&src=Linkfire
Title: Laden

Search URL Search Domain Scan URL

URL: https://www.deezer.com/us/album/491145615?app_id=140685&utm_source=partner_linkfire&utm_campaign=c331a2e7a3bd05fd37529f4a0cbd83a0&utm_medium=Original&utm_term=def-jam-us&utm_content=album-491145615&dm_i=4YUH%2C8JTX%2C3D2TUT%2C180YY%2C1
Title: Abspielen

Search URL Search Domain Scan URL

URL: https://music.youtube.com/playlist?list=OLAK5uy_mQJOtyZ2zZ9rJjy5og2LHLuqMl-xSutFM&src=Linkfire&lId=00e2ae5c-6cd1-4e45-a06c-527583063e7e&cId=d3d58fd7-4c47-11e6-9fd0-066c3e7a8751&utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH%2C8JTX%2C3D2TUT%2C180YY%2C1
Title: Abspielen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://us.umusic-online.com/4YUH-8JTX-3D2TUT-7UJYR-1/c.aspx HTTP 302
https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://sb.scorecardresearch.com/cs/9923941/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request TennesseeLoveSong Show response
anellaherim.lnk.to/
Redirect Chain

https://us.umusic-online.com/4YUH-8JTX-3D2TUT-7UJYR-1/c.aspx
https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1

113 KB
114 KB

348ms
126ms

Document
text/html

52.208.114.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.114.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-114-85.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac418b0703374e2246b0fd3ba725931bab2d3a619b3936983202b74a1864c806

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 04 Nov 2023 07:15:39 GMT
server: nginx
x-redirector-version: redirector-v3

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 820b1128be6a3722-FRA
content-length: 0
date: Sat, 04 Nov 2023 07:15:39 GMT
location: https://anellaherim.lnk.to:443/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
server: cloudflare

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
31 KB 1383ms
226ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: anellaherim.lnk.to
URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

4069900229530986c79845ef62e38f20ff5472d8775ca67c8969fecbe9186a30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31026
x-xss-protection: 0
server: cafe
etag: 452 / 19665 / m202310310101 / config-hash: 7101305502720886139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 07:15:41 GMT

GET
H2 200 release-classic.css
static.assetlab.io/red3/605/ 70 KB
11 KB 809ms
0ms Stylesheet
text/css 18.245.86.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/605/release-classic.css
Requested by: Host: anellaherim.lnk.to
URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20cefe38c853522bcb2a20df60781c234f0b064189ab37d23e6f4927df695469

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: dzpRQ43MRffPcMQ5asORKB7ZbylQoCiK
content-encoding: gzip
via: 1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
date: Fri, 03 Nov 2023 23:28:53 GMT
last-modified: Tue, 31 Oct 2023 08:57:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 28009
x-amz-server-side-encryption: AES256
etag: W/"4cf3ccfe0aee7a3592dd340310582f20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: GgC7yR5yncBXDH4b_U67UZ77uBW6O1iK8pdZUZVqWo4ampU49bKynQ==

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 1327ms
174ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Nov 2023 07:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Nov 2023 05:37:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Nov 2023 07:15:41 GMT

GET
H2 200 release-classic-nosample.js Show response
static.assetlab.io/red3/605/ 483 KB
148 KB 928ms
0ms Script
application/javascript 18.245.86.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/605/release-classic-nosample.js
Requested by: Host: anellaherim.lnk.to
URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: daea7639e53f9946259adb85e1f98a65dda3bc1c0b43854e65eea7b37b6b4ec3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: AGAOvp2Eolbz4sGgyjv.dP9C4szSZxsk
content-encoding: gzip
via: 1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
date: Fri, 03 Nov 2023 09:29:04 GMT
last-modified: Tue, 31 Oct 2023 08:57:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 78397
x-amz-server-side-encryption: AES256
etag: W/"38b2a0cd442f711707e1f20f92ea34a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: gHtSbcP-q_d-IOeSDLPirkrjKoIDHRYpCkh098qUUyuy9NbVcDjd4A==

GET
H2 200 artwork-440x440.jpg
linkstorage.linkfire.com/medialinks/images/c88cc313-d1e4-41c4-95de-ef42fa3f532b/ 76 KB
77 KB 1422ms
496ms Image
image/jpeg 13.32.99.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linkstorage.linkfire.com/medialinks/images/c88cc313-d1e4-41c4-95de-ef42fa3f532b/artwork-440x440.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-14.fra60.r.cloudfront.net

Software

The Great Gig In The Sky / Master of Puppets

Resource Hash

d503f93270a0b3ae7e798cf3bc6853aee75ab54b2a871c4a47ae2eef5c9ad66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:15:42 GMT
x-amz-version-id: .yYLFvvKmrv87QhCn9Mu6XfygWWVTX7U
x-content-type-options: nosniff
strict-transport-security: max-age=10368000; includeSubdomains; preload
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-powered-by: Master of Puppets
x-cache: Miss from cloudfront
content-length: 78270
x-xss-protection: 1; mode=block
x-linkfire-security: security@linkfire.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Sep 2023 18:08:01 GMT
server: The Great Gig In The Sky
etag: "b4b37eb0c1d3c4d51487835d5442a38f"
expect-ct: max-age=0
x-frame-options: DENY
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: qs1YcTG6Na2z2TxvneROCyfvJSPN7eRPE817l-_U7Xt2Gjlp2rP_Aw==

GET
H2 200 logo_applemusic_onlight.svg
services.linkfire.com/ 7 KB
4 KB 1325ms
155ms Image
image/svg+xml 13.225.78.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_applemusic_onlight.svg
Requested by: Host: anellaherim.lnk.to
URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-106.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 18:59:10 GMT
x-amz-version-id: nGo7v092Ub92VgXy.O3WmDeRgTKJPui3
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 11:13:55 GMT
server: AmazonS3
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"3d4894f0254dc9d917c86fffd766046a"
age: 562592
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: jogo9KDvBfWboGv44iu547u2kjPdvN4HNUvoaLJIHQDKLkdIQq9_6Q==

GET
H2 200 logo_amazonmusic_onlight.svg
services.linkfire.com/ 13 KB
6 KB 816ms
0ms Image
image/svg+xml 13.225.78.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_amazonmusic_onlight.svg
Requested by: Host: anellaherim.lnk.to
URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-106.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 975f93c89036852225cae57756ec08a8a54b479e5084889dd5b7c1c5c4ea3533

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: t.6xwhzUsEMabMOAcrU_ahq8gb2zQE2F
content-encoding: gzip
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
date: Tue, 31 Oct 2023 18:30:17 GMT
last-modified: Thu, 14 Sep 2023 12:43:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 305125
x-amz-server-side-encryption: AES256
etag: W/"8431baffada660f88a05cf5c64654842"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 1yVgjhpBfWCoUKUUhvtvQGVpVHWQgDFy_sIpupdyG_wZQtmlxS1WCg==

GET
H2 200 logo_spotify_onlight.svg
services.linkfire.com/ 6 KB
3 KB 817ms
0ms Image
image/svg+xml 13.225.78.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_spotify_onlight.svg
Requested by: Host: anellaherim.lnk.to
URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-106.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
date: Wed, 01 Nov 2023 04:24:02 GMT
last-modified: Wed, 02 Nov 2016 12:14:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 270116
etag: W/"10ebad8fc307d85d6ed34e9fa95a7577"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: YsagTgHvN-NZyl8dV5hM41sjz-ImBwXowil6yHDSgLU8FhCW_ZksaQ==

GET
H2 200 logo_itunes_onlight.svg
services.linkfire.com/ 19 KB
5 KB 815ms
0ms Image
image/svg+xml 13.225.78.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_itunes_onlight.svg
Requested by: Host: anellaherim.lnk.to
URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-106.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
date: Fri, 03 Nov 2023 16:49:00 GMT
last-modified: Fri, 23 Mar 2018 08:26:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 52003
etag: W/"db14889932940c59c989f46bcff71c80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: HqFMtz_UQUENk7FpYmtTV69-Hy1AZOIA3iTZyJlUntVdKKQ0wfSWcg==

GET
H2 200 logo_deezer_onlight.svg
services.linkfire.com/ 7 KB
2 KB 817ms
0ms Image
image/svg+xml 13.225.78.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_deezer_onlight.svg
Requested by: Host: anellaherim.lnk.to
URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-106.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f8a9b6a12cd203128f1fbde87d4fb396511cec3492ae458f654e44a97afb9d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
date: Wed, 01 Nov 2023 04:24:02 GMT
last-modified: Tue, 07 May 2019 14:18:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 269605
etag: W/"c488f62a2b4ec4cc5f9368f3f9969eed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: NjRhyB80hqL2npPO__hMsRk3LYzXHobXuPmZGI0TNhyAenfDrhrteQ==

GET
H2 200 logo_youtubemusic_onlight.svg
services.linkfire.com/ 5 KB
2 KB 814ms
0ms Image
image/svg+xml 13.225.78.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_youtubemusic_onlight.svg
Requested by: Host: anellaherim.lnk.to
URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-106.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ce9c869d01258f4e024478cbb35d9c6d905e247fe95a11984e5277a96dde0fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: G1rOQPF3JpQef3z0Vi5fsLBWAO__tg2E
content-encoding: gzip
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
date: Wed, 01 Nov 2023 04:24:03 GMT
last-modified: Fri, 23 Jun 2023 08:30:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 269817
x-amz-server-side-encryption: AES256
etag: W/"d074b492d1d7017ee94ac92a3891a8c7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: A4TmU__Xn-r3-ahl_DLt9WaTvEewzuV14fpraA_6VzPEL1vi9ZUDPA==

GET
H2 200 skin.js Show response
static.assetlab.io/red3/605/ 542 KB
160 KB 834ms
0ms Script
application/javascript 18.245.86.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/605/skin.js
Requested by: Host: anellaherim.lnk.to
URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac249b48798ccead26366674370ddf4abee656db85543842fd1643b6d6bd33c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: k3p4HYhdsHTnwfuJwC4K1Kw1yx5UV2BF
content-encoding: gzip
via: 1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
date: Fri, 03 Nov 2023 23:28:54 GMT
last-modified: Tue, 31 Oct 2023 08:57:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 28011
x-amz-server-side-encryption: AES256
etag: W/"fb16fb19975d9f1bc757dd3d42b68e9e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 3uJxmLrItpC5fcHWrACpIDfEdU3KALgWj_p6z-yk_eSNJ8N6485W7A==

GET
H2 200 consent.js Show response
static.assetlab.io/consent/1.11.4/ 53 KB
17 KB 1160ms
326ms Script
application/javascript 18.245.86.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.11.4/consent.js
Requested by: Host: anellaherim.lnk.to
URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fa2916552b7c847586b1150413a4626cb87e310dd751544091125f86fa46fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: DO3Y.PjwotHLU6BR1DmWQNj5.HnLCS5k
content-encoding: gzip
via: 1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
date: Sat, 04 Nov 2023 05:22:17 GMT
last-modified: Mon, 11 Sep 2023 15:03:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 6807
x-amz-server-side-encryption: AES256
etag: W/"bf5bf954f85d2f7c8c7788597ca69cec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: xAmgXkpCKLsP-wJcBe2L4P66ss56AP1t5xzNA6m1W3UDnjPwew5-9g==

GET
H2 200 artwork-440x440.jpg
linkstorage.linkfire.com/medialinks/images/c88cc313-d1e4-41c4-95de-ef42fa3f532b/ 76 KB
77 KB 834ms
0ms Image
image/jpeg 13.32.99.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linkstorage.linkfire.com/medialinks/images/c88cc313-d1e4-41c4-95de-ef42fa3f532b/artwork-440x440.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-14.fra60.r.cloudfront.net

Software

The Great Gig In The Sky / Master of Puppets

Resource Hash

d503f93270a0b3ae7e798cf3bc6853aee75ab54b2a871c4a47ae2eef5c9ad66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:15:42 GMT
x-amz-version-id: .yYLFvvKmrv87QhCn9Mu6XfygWWVTX7U
x-content-type-options: nosniff
strict-transport-security: max-age=10368000; includeSubdomains; preload
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 1
x-amz-server-side-encryption: AES256
x-powered-by: Master of Puppets
x-cache: Hit from cloudfront
content-length: 78270
x-xss-protection: 1; mode=block
x-linkfire-security: security@linkfire.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Sep 2023 18:08:01 GMT
server: The Great Gig In The Sky
etag: "b4b37eb0c1d3c4d51487835d5442a38f"
expect-ct: max-age=0
x-frame-options: DENY
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: 1iiveFsuiRVscnklqtPd9_FdOFZqE0C3LdRnsWs2nT5gm0BQcywgMw==

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 1700ms
0ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://anellaherim.lnk.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 15:18:02 GMT
x-content-type-options: nosniff
age: 57461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 15:18:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 1531ms
0ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://anellaherim.lnk.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 97730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 04:06:52 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ 425 KB
133 KB 619ms
0ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:57:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73117
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136288
x-xss-protection: 0
server: cafe
etag: 17302374607849014435
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 02 Nov 2024 10:57:06 GMT

GET
H2 200 consent.css
static.assetlab.io/consent/1.11.4/ 26 KB
5 KB 236ms
35ms Stylesheet
text/css 18.245.86.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.11.4/consent.css
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.4/consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1132a5cc479c9e343ff008ea74229bcf3fdb2d3494d591819a71566c721b9790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 4bBojVfCoDE4N1uE31wXkg0227ImqABr
content-encoding: gzip
via: 1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
date: Fri, 03 Nov 2023 08:20:40 GMT
last-modified: Mon, 11 Sep 2023 15:03:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 82503
x-amz-server-side-encryption: AES256
etag: W/"55d1af0e3653af219c2e49295a1deb97"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: Lr0423ou_7m3JML4n7LqrQgX1P8MJGFzwT7VZ3vHoGN8lYf4iKPj1g==

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/9923941/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

575ms
0ms

Script
application/javascript

18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: anellaherim.lnk.to
URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Protocol: H2
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 06:02:38 GMT
content-encoding: gzip
via: 1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 09:10:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 4389
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: Ft0AfRpmEKV4vqzNi8Vk1nvc3vzs8fePZDg-fFP9S8Z3XbVEBZfBwg==

Redirect headers

date: Sat, 04 Nov 2023 07:15:45 GMT
via: 1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: xi8w7jrbPFhjFtNPmZ3caeIS95MZqz6qxWf2ZFLZEM491EzLH52PLw==

POST
H2 200 / Show response
anellaherim.lnk.to/~/tr/visit/ 70 B
186 B 1206ms
775ms XHR
application/json 52.208.114.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://anellaherim.lnk.to/~/tr/visit/
Requested by: Host: anellaherim.lnk.to
URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.114.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-114-85.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 99ff6dccbbf5883e915975d34369491c3353410eb0241fdf23161bd91cdf81e4

Request headers

Referer: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 04 Nov 2023 07:15:44 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 2965ms
0ms Fetch
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/red3/605/release-classic-nosample.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:15:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52155
x-xss-protection: 0
server: cafe
etag: 4632507420068479449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 07:15:46 GMT

GET
H2 200 ic-shield-blue.svg
static.assetlab.io/consent/1.11.4/assets/ 1 KB
1 KB 675ms
563ms Image
image/svg+xml 18.245.86.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/consent/1.11.4/assets/ic-shield-blue.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.4/consent.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.assetlab.io/consent/1.11.4/consent.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: pWZvTnA3egbODOBHt3YiW1LxOA9z3QN4
content-encoding: gzip
via: 1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
date: Fri, 03 Nov 2023 17:37:46 GMT
last-modified: Mon, 11 Sep 2023 15:03:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 49079
x-amz-server-side-encryption: AES256
etag: W/"560dd3386ebf80f78c934aeff4a6a82c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: wjhfbRD3cbrIh-nMC5zK_2s_6Yf_5wh7GWBtN0gR0gqFl_br24P3xQ==

GET
H2 200 ic-close-s.svg
static.assetlab.io/consent/1.11.4/assets/ 351 B
759 B 676ms
563ms Image
image/svg+xml 18.245.86.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/consent/1.11.4/assets/ic-close-s.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.4/consent.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.assetlab.io/consent/1.11.4/consent.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: LrzdVbZgK6lD2zo6k1X64zN4gxf_tmH8
date: Sat, 04 Nov 2023 02:42:31 GMT
via: 1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
last-modified: Mon, 11 Sep 2023 15:03:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 16398
x-amz-server-side-encryption: AES256
etag: "d303b6c7d844d91101e1e4c63156cfec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 351
x-amz-cf-id: mzesy2HNzQUbtnTPXYXi03_z5PYarypebldaxZG_7SdPGyqQGZBYZQ==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 711ms
599ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://anellaherim.lnk.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 581905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 13:37:19 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 901 B
695 B 631ms
264ms Fetch
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3239825724122060&correlator=28847092833103&eid=31079165&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=22051246401%2CHeader_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699082145076&lmt=1699082145&adxs=0&adys=-160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fanellaherim.lnk.to%2FTennesseeLoveSong%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YY%2C1&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=397945330.1699082145&ga_sid=1699082145&ga_hid=2084412049&ga_fc=false&dlt=1699082139729&idt=4448&cust_params=genre%3DHip-Hop%252FRap%252CFolk%252CCountry%252CHip-Hop%252FRap%252CFolk%252CCountry%26subgenre%3DHip%2520hop%252FRap%252CFolk%26explicit%3Dno%26artist%3Danella%2520herim%26album%3DTennessee%2520Love%2520Song%26linkid%3D00e2ae5c-6cd1-4e45-a06c-527583063e7e%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DUnknown%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=2736067097&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

79a502a382fff422cee01468240d5bdb5a9f6d0d6f7de66218e8c17a2d098a48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 517
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://anellaherim.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 535 B
639 B 391ms
25ms Fetch
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3239825724122060&correlator=28847092833103&eid=31079165&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-Click_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1699082145121&lmt=1699082145&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fanellaherim.lnk.to%2FTennesseeLoveSong%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YY%2C1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=397945330.1699082145&ga_sid=1699082145&ga_hid=2084412049&ga_fc=false&dlt=1699082139729&idt=4448&cust_params=genre%3DHip-Hop%252FRap%252CFolk%252CCountry%252CHip-Hop%252FRap%252CFolk%252CCountry%26subgenre%3DHip%2520hop%252FRap%252CFolk%26explicit%3Dno%26artist%3Danella%2520herim%26album%3DTennessee%2520Love%2520Song%26linkid%3D00e2ae5c-6cd1-4e45-a06c-527583063e7e%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DUnknown%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=1338496054&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

327346e7dffff4d221ceb70de64f769a3e80993854d833038d62fa01caa88a42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://anellaherim.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 542 B
437 B 417ms
51ms Fetch
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3239825724122060&correlator=28847092833103&eid=31079165&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-amazon-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1699082145157&lmt=1699082145&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fanellaherim.lnk.to%2FTennesseeLoveSong%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YY%2C1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=397945330.1699082145&ga_sid=1699082145&ga_hid=2084412049&ga_fc=false&dlt=1699082139729&idt=4448&cust_params=genre%3DHip-Hop%252FRap%252CFolk%252CCountry%252CHip-Hop%252FRap%252CFolk%252CCountry%26subgenre%3DHip%2520hop%252FRap%252CFolk%26explicit%3Dno%26artist%3Danella%2520herim%26album%3DTennessee%2520Love%2520Song%26linkid%3D00e2ae5c-6cd1-4e45-a06c-527583063e7e%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DUnknown%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=1902184223&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

92642e547553cd198e094c4f230bfe1523db1c61808f994cd7d99de879d69667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://anellaherim.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 543 B
447 B 629ms
263ms Fetch
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3239825724122060&correlator=28847092833103&eid=31079165&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-spotify-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1699082145187&lmt=1699082145&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fanellaherim.lnk.to%2FTennesseeLoveSong%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YY%2C1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=397945330.1699082145&ga_sid=1699082145&ga_hid=2084412049&ga_fc=false&dlt=1699082139729&idt=4448&cust_params=genre%3DHip-Hop%252FRap%252CFolk%252CCountry%252CHip-Hop%252FRap%252CFolk%252CCountry%26subgenre%3DHip%2520hop%252FRap%252CFolk%26explicit%3Dno%26artist%3Danella%2520herim%26album%3DTennessee%2520Love%2520Song%26linkid%3D00e2ae5c-6cd1-4e45-a06c-527583063e7e%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DUnknown%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=4288002596&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

11e6d63b5259f7bead290c0a16dbeb379798fe226fed12da9b4dcf1d6538a8ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 270
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://anellaherim.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 541 B
444 B 630ms
265ms Fetch
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3239825724122060&correlator=28847092833103&eid=31079165&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-tidal-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1699082145192&lmt=1699082145&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fanellaherim.lnk.to%2FTennesseeLoveSong%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YY%2C1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=397945330.1699082145&ga_sid=1699082145&ga_hid=2084412049&ga_fc=false&dlt=1699082139729&idt=4448&cust_params=genre%3DHip-Hop%252FRap%252CFolk%252CCountry%252CHip-Hop%252FRap%252CFolk%252CCountry%26subgenre%3DHip%2520hop%252FRap%252CFolk%26explicit%3Dno%26artist%3Danella%2520herim%26album%3DTennessee%2520Love%2520Song%26linkid%3D00e2ae5c-6cd1-4e45-a06c-527583063e7e%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DUnknown%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=3635752911&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

310c195bb4b71f0c0cc3a114897eace4e65d4b0acb3b45401e6b5666f744009c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 266
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://anellaherim.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 554 B
453 B 631ms
265ms Fetch
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3239825724122060&correlator=28847092833103&eid=31079165&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-apple-music-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1699082145247&lmt=1699082145&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fanellaherim.lnk.to%2FTennesseeLoveSong%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YY%2C1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=397945330.1699082145&ga_sid=1699082145&ga_hid=2084412049&ga_fc=false&dlt=1699082139729&idt=4448&cust_params=genre%3DHip-Hop%252FRap%252CFolk%252CCountry%252CHip-Hop%252FRap%252CFolk%252CCountry%26subgenre%3DHip%2520hop%252FRap%252CFolk%26explicit%3Dno%26artist%3Danella%2520herim%26album%3DTennessee%2520Love%2520Song%26linkid%3D00e2ae5c-6cd1-4e45-a06c-527583063e7e%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DUnknown%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=3334755453&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ac5e7dd66ff4282b363e5062bf8c8ba19626b2607e2bc5ad9e13a3f599bf4993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 275
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://anellaherim.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 535 B
442 B 631ms
266ms Fetch
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3239825724122060&correlator=28847092833103&eid=31079165&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=22051246401%2CFooter_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x100%7C300x250%7C320x50%7C320x100%7C320x120&ifi=7&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699082145305&lmt=1699082145&adxs=640&adys=879&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fanellaherim.lnk.to%2FTennesseeLoveSong%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YY%2C1&vis=1&psz=320x0&msz=320x0&fws=4&ohw=1600&ga_vid=397945330.1699082145&ga_sid=1699082145&ga_hid=2084412049&ga_fc=false&dlt=1699082139729&idt=4448&cust_params=genre%3DHip-Hop%252FRap%252CFolk%252CCountry%252CHip-Hop%252FRap%252CFolk%252CCountry%26subgenre%3DHip%2520hop%252FRap%252CFolk%26explicit%3Dno%26artist%3Danella%2520herim%26album%3DTennessee%2520Love%2520Song%26linkid%3D00e2ae5c-6cd1-4e45-a06c-527583063e7e%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DUnknown%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=309253681&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

87802552a1247e473b030040a6c3fd675df686468bb70c7c6085ed37960801e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 264
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://anellaherim.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d347b1b29ce130c8946018f97b7e7d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9D4D 6 KB
3 KB 1742ms
30ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d347b1b29ce130c8946018f97b7e7d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://anellaherim.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 07:15:47 GMT
expires: Sun, 03 Nov 2024 07:15:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 / Show response
anellaherim.lnk.to/~/tr/consent/ 70 B
186 B 330ms
0ms XHR
application/json 52.208.114.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://anellaherim.lnk.to/~/tr/consent/
Requested by: Host: anellaherim.lnk.to
URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.114.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-114-85.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 99ff6dccbbf5883e915975d34369491c3353410eb0241fdf23161bd91cdf81e4

Request headers

Referer: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 04 Nov 2023 07:15:45 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

POST
H2 200 interact Show response
anellaherim.lnk.to/~/tr/ 70 B
186 B 580ms
0ms Fetch
application/json 52.208.114.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://anellaherim.lnk.to/~/tr/interact
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/red3/605/release-classic-nosample.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.114.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-114-85.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 99ff6dccbbf5883e915975d34369491c3353410eb0241fdf23161bd91cdf81e4

Request headers

Referer: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 Nov 2023 07:15:47 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 456ms
0ms Image
text/plain 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1699082147264&ns_c=UTF-8&cs_ucfr=&comscorekw=umg&c7=https%3A%2F%2Fanellaherim.lnk.to%2FTennesseeLoveSong%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YY%2C1&c8=Anella%20Herim%20-%20Tennessee%20Love%20Song&c9=
Requested by: Host: anellaherim.lnk.to
URL: https://anellaherim.lnk.to/TennesseeLoveSong?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YY,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:15:47 GMT
via: 1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-amz-cf-id: qP-4lhmF44HeGGdhZhwSwS8qJKJnbGiMOQi7HJMGAkrkz3anjelfOA==
x-cache: Miss from cloudfront

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 278ms
0ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

87a97c03a810cdc079554cb3351cc8d7968a215455b2f4f186faa412d82a3e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://anellaherim.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:15:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12011
x-xss-protection: 0

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.us.umusic-online.com/	1970-01-20 15:58:03	Name: __cf_bm Value: 2GYc2L5cbC8rrcW4zBcirqmcPSFSRRiVy.j3h9BBDKc-1699082139-0-ATF2fwokBLVmaSon8dTXGVMih9jahie1c934NLFZ2RqrLRJa4XhPN5FuHgdtAP8BjEMLGdArTQV5KIbyExEHslM=
us.umusic-online.com/	1970-01-20 15:59:24	Name: __cflb Value: 0H28vu4buNPVYsdfD2gridndJkHgRRTZPEz6pnUp6ua
.lnk.to/	1970-01-20 15:58:02	Name: LF_session_3ed2b1bd77ed47e46f8c401490ade938 Value: 1
.doubleclick.net/	1970-01-20 15:58:03	Name: test_cookie Value: CheckForPermission
.lnk.to/	1970-01-21 01:19:38	Name: __gads Value: ID=fa985f3d2188958e:T=1699082145:RT=1699082145:S=ALNI_MbGwpDGKDyjRHIIp0Fqp6XXyLm8Yg
.lnk.to/	1970-01-21 01:19:38	Name: __gpi Value: UID=00000cb3c3ddb571:T=1699082145:RT=1699082145:S=ALNI_MbiOMjdBNd36bmmJQNZzklbv4GwZw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tpc.googlesyndication.com/sodar/sodar2.js Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anellaherim.lnk.to
d347b1b29ce130c8946018f97b7e7d5e.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
linkstorage.linkfire.com
pagead2.googlesyndication.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
services.linkfire.com
static.assetlab.io
tpc.googlesyndication.com
us.umusic-online.com
tpc.googlesyndication.com
104.17.129.171
13.225.78.106
13.32.99.14
142.250.185.131
142.250.185.202
142.250.186.161
172.217.18.2
18.245.60.107
18.245.86.8
216.58.206.34
52.208.114.85
1132a5cc479c9e343ff008ea74229bcf3fdb2d3494d591819a71566c721b9790
11e6d63b5259f7bead290c0a16dbeb379798fe226fed12da9b4dcf1d6538a8ed
20cefe38c853522bcb2a20df60781c234f0b064189ab37d23e6f4927df695469
23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e
310c195bb4b71f0c0cc3a114897eace4e65d4b0acb3b45401e6b5666f744009c
327346e7dffff4d221ceb70de64f769a3e80993854d833038d62fa01caa88a42
3ce9c869d01258f4e024478cbb35d9c6d905e247fe95a11984e5277a96dde0fd
4069900229530986c79845ef62e38f20ff5472d8775ca67c8969fecbe9186a30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
5fa2916552b7c847586b1150413a4626cb87e310dd751544091125f86fa46fdd
623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63
79a502a382fff422cee01468240d5bdb5a9f6d0d6f7de66218e8c17a2d098a48
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
87802552a1247e473b030040a6c3fd675df686468bb70c7c6085ed37960801e1
87a97c03a810cdc079554cb3351cc8d7968a215455b2f4f186faa412d82a3e86
92642e547553cd198e094c4f230bfe1523db1c61808f994cd7d99de879d69667
975f93c89036852225cae57756ec08a8a54b479e5084889dd5b7c1c5c4ea3533
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99ff6dccbbf5883e915975d34369491c3353410eb0241fdf23161bd91cdf81e4
ac249b48798ccead26366674370ddf4abee656db85543842fd1643b6d6bd33c0
ac418b0703374e2246b0fd3ba725931bab2d3a619b3936983202b74a1864c806
ac5e7dd66ff4282b363e5062bf8c8ba19626b2607e2bc5ad9e13a3f599bf4993
ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68
ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff
d503f93270a0b3ae7e798cf3bc6853aee75ab54b2a871c4a47ae2eef5c9ad66f
daea7639e53f9946259adb85e1f98a65dda3bc1c0b43854e65eea7b37b6b4ec3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8a9b6a12cd203128f1fbde87d4fb396511cec3492ae458f654e44a97afb9d90

anellaherim.lnk.to Open in urlscan Pro 52.208.114.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

95 %HTTPS

0 %IPv6

9 Domains

12 Subdomains

11 IPs

3 Countries

865 kBTransfer

2107 kBSize

6 Cookies

6 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

anellaherim.lnk.to Open in urlscan Pro
52.208.114.85 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

95 %
HTTPS

0 %
IPv6

9
Domains

12
Subdomains

11
IPs

3
Countries

865 kB
Transfer

2107 kB
Size

6
Cookies

38 HTTP transactions
0 data transactions