jastinmartin.lnk.to Open in urlscan Pro
52.17.169.138 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://us.umusic-online.com/4YUH-6YSC-3D2TUT-6EVG4-0/c.aspx
Effective URL:
https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Ja...
Submission: On April 16 via api (April 16th 2023, 12:36:58 am UTC) from BE — Scanned from DE

Summary HTTP 69 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 14 domains to perform 69 HTTP transactions. The main IP is 52.17.169.138, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is jastinmartin.lnk.to.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 14th 2023. Valid for: 7 months.

This is the only time jastinmartin.lnk.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.16.209.86 104.16.209.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.17.169.138 52.17.169.138	16509 (AMAZON-02) (AMAZON-02)
1 11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	65.9.95.7 65.9.95.7	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	18.154.63.102 18.154.63.102	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:21f... 2600:9000:21f3:4200:14:38a4:2ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 3	65.9.95.81 65.9.95.81	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
69	21

1 104.16.209.86 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

us.umusic-online.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.17.169.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-169-138.eu-west-1.compute.amazonaws.com

jastinmartin.lnk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.95.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-7.prg50.r.cloudfront.net

static.assetlab.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.154.63.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-102.dus51.r.cloudfront.net

linkstorage.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:21f3:4200:14:38a4:2ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

services.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.95.81 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-81.prg50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bf0b301514ca6c0523fac67e1898bfe3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 260	153 KB
11	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	920 KB
9	googlesyndication.com bf0b301514ca6c0523fac67e1898bfe3.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 138	40 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	95 KB
7	linkfire.com linkstorage.linkfire.com — Cisco Umbrella Rank: 143970 services.linkfire.com — Cisco Umbrella Rank: 146844	84 KB
7	assetlab.io static.assetlab.io — Cisco Umbrella Rank: 118233	349 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39 jnn-pa.googleapis.com — Cisco Umbrella Rank: 226	32 KB
4	lnk.to jastinmartin.lnk.to	107 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	16 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 159	3 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 241	1 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 109	69 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9047	531 B
1	umusic-online.com 1 redirects us.umusic-online.com — Cisco Umbrella Rank: 390410	611 B
69	14

	Domain	Requested by
11	www.youtube.com	static.assetlab.io www.youtube.com
9	securepubads.g.doubleclick.net	jastinmartin.lnk.to securepubads.g.doubleclick.net
7	static.assetlab.io	jastinmartin.lnk.to static.assetlab.io
6	services.linkfire.com	jastinmartin.lnk.to
5	pagead2.googlesyndication.com	static.assetlab.io securepubads.g.doubleclick.net tpc.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	jastinmartin.lnk.to	jastinmartin.lnk.to static.assetlab.io
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects jastinmartin.lnk.to
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	www.google.com	www.youtube.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	bf0b301514ca6c0523fac67e1898bfe3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	linkstorage.linkfire.com	jastinmartin.lnk.to
1	fonts.googleapis.com	jastinmartin.lnk.to
1	us.umusic-online.com	1 redirects
69	22

This site contains links to these domains. Also see Links.

Domain
music.apple.com
open.spotify.com
www.deezer.com
music.youtube.com
music.amazon.com

Subject Issuer	Validity	Valid
lnk.to Amazon RSA 2048 M02	`2023-02-14` - `2023-09-07`	7 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
static.assetlab.io Amazon RSA 2048 M02	`2023-03-01` - `2023-11-18`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
linkfire.com Amazon RSA 2048 M01	`2023-03-01` - `2023-04-25`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Frame ID: 561259F28FF42E3E538D33F5FDCBB112
Requests: 41 HTTP requests in this frame

Frame: https://bf0b301514ca6c0523fac67e1898bfe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6493A866C5880C608782CD2A4AC31873
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Frame ID: 9776368046ED51571E6609768C2D5E4D
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5B0F1DAFFC9EAA47B692D238310CB7AC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 15293A1258C0C8FBC7176C00F7718606
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jastin Martin - Hurt Before

Page URL History Show full URLs

https://us.umusic-online.com/4YUH-6YSC-3D2TUT-6EVG4-0/c.aspx HTTP 302
https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.2... Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

69
Requests

97 %
HTTPS

76 %
IPv6

14
Domains

22
Subdomains

21
IPs

4
Countries

1868 kB
Transfer

5717 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://music.apple.com/us/album/1680236216?ls=1&app=music&at=1000lMJJ&ct=LFV_9629d9056b7fce6002630a597d9693a7&itscg=30440&itsct=catchall_p1&lId=28128059&cId=none&sr=1&src=Linkfire&utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH%2C6YSC%2C3D2TUT%2CZ8QY%2C0
Title: Abspielen

Search URL Search Domain Scan URL

URL: https://open.spotify.com/album/5Pp8b3ejvglrVW7D8EXOoV
Title: Abspielen

Search URL Search Domain Scan URL

URL: https://music.apple.com/us/album/1680236216?ls=1&app=itunes&at=1000lMJJ&ct=LFV_9629d9056b7fce6002630a597d9693a7&itscg=30440&itsct=catchall_p3&lId=28128059&cId=none&sr=3&src=Linkfire&utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH%2C6YSC%2C3D2TUT%2CZ8QY%2C0
Title: Laden

Search URL Search Domain Scan URL

URL: https://www.deezer.com/us/album/426827437?app_id=140685&utm_source=partner_linkfire&utm_campaign=9629d9056b7fce6002630a597d9693a7&utm_medium=Original&utm_term=def-jam-us&utm_content=album-426827437&dm_i=4YUH%2C6YSC%2C3D2TUT%2CZ8QY%2C0
Title: Abspielen

Search URL Search Domain Scan URL

URL: https://music.youtube.com/playlist?list=OLAK5uy_ni4H7lt8BF9tHR2bEGVNh0n4cgsffFq0E&src=Linkfire&lId=5dea7091-4d97-42eb-a647-b5d863f37cd1&cId=d3d58fd7-4c47-11e6-9fd0-066c3e7a8751&utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH%2C6YSC%2C3D2TUT%2CZ8QY%2C0
Title: Abspielen

Search URL Search Domain Scan URL

URL: http://music.amazon.com/albums/B0C1RBFL65?tag=universal00-21&ie=UTF8&linkCode=as2&ascsubtag=9629d9056b7fce6002630a597d9693a7&ref=dmm_acq_soc_de_u_lfire_lp_x_9629d9056b7fce6002630a597d9693a7&utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH%2C6YSC%2C3D2TUT%2CZ8QY%2C0
Title: Abspielen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://us.umusic-online.com/4YUH-6YSC-3D2TUT-6EVG4-0/c.aspx HTTP 302
https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://sb.scorecardresearch.com/cs/9923941/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 44

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request HurtBefore Show response
jastinmartin.lnk.to/
Redirect Chain

https://us.umusic-online.com/4YUH-6YSC-3D2TUT-6EVG4-0/c.aspx
https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YS...

106 KB
107 KB

282ms
150ms

Document
text/html

52.17.169.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.169.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-169-138.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 713e00f3406d9a32bd3e8a692047951d74433865c7cdbc0ad987cec8fad7bd37

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 16 Apr 2023 00:36:51 GMT
server: nginx
x-redirector-version: redirector-v3

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7b885b3d18733627-FRA
content-length: 0
date: Sun, 16 Apr 2023 00:36:51 GMT
location: https://jastinmartin.lnk.to:443/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
server: cloudflare

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 405ms
72ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jastinmartin.lnk.to
URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77287af1d5a16558f4ad1c24848abdd84cf7c6c87135d0fc6b2e80a0c6447ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25678
x-xss-protection: 0
server: cafe
etag: 472 / 19463 / 31073792 / config-hash: 11787412583201714567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 00:36:52 GMT

GET
H2 200 release-classic.css
static.assetlab.io/red3/549/ 73 KB
12 KB 377ms
41ms Stylesheet
text/css 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/549/release-classic.css
Requested by: Host: jastinmartin.lnk.to
URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-7.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e2732f469adbdf4b548253219f785c7bd7450bdf2ded4e8f8a0afa6b0053d82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: rHgDQxoSS8l9CLQfWdhr0vwOJBaZO.Vd
content-encoding: gzip
via: 1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
date: Sat, 15 Apr 2023 14:53:17 GMT
last-modified: Mon, 03 Apr 2023 11:39:35 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 35016
x-amz-server-side-encryption: AES256
etag: W/"25562c353e639c3e4e84b404d80e7b61"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: hTJjXXaHB2GhcB2xHqM3HPu75RctEdxmxW3QpCaNS1I-UBSRjVGPXA==

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 385ms
50ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cb00b3db2e68ae430cd96730d426b74a42cd138f3f2475564861aa1fdda0888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Apr 2023 00:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 00:21:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Apr 2023 00:36:52 GMT

GET
H2 200 release-classic-video.js Show response
static.assetlab.io/red3/549/ 530 KB
155 KB 430ms
95ms Script
application/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/549/release-classic-video.js
Requested by: Host: jastinmartin.lnk.to
URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-7.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3f6f836ee9133b958fe87a00fb175712a3249465b842ecf109df987e8c10fcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: R1fP1D16QCv3dFWVRbPNL554H7K5vVq0
content-encoding: gzip
via: 1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
date: Sun, 16 Apr 2023 00:36:52 GMT
last-modified: Mon, 03 Apr 2023 11:39:35 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 325
x-amz-server-side-encryption: AES256
etag: W/"bb1d8205cf13544d4969f82e059debfa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: _9DrJuJFqWGsXDrIytt3hgTxw-eIBPBjTYUp1rC9JOgUpen-GvfZSA==

GET
H2 200 artwork-440x440.jpg
linkstorage.linkfire.com/medialinks/images/209ba06e-e8a6-456d-8a7e-96984607e4ec/ 65 KB
65 KB 591ms
485ms Image
image/jpeg 18.154.63.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linkstorage.linkfire.com/medialinks/images/209ba06e-e8a6-456d-8a7e-96984607e4ec/artwork-440x440.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.63.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-63-102.dus51.r.cloudfront.net

Software

The Great Gig In The Sky / Master of Puppets

Resource Hash

7b63e304765c240b96fda4bb5b9654ada98ccdc28d082b2e00f2cf2c1af48e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: P1.GGIMUqOhmnc6iUjSQrDGXB_xYhaVN
strict-transport-security: max-age=10368000; includeSubdomains; preload
x-content-type-options: nosniff
date: Sun, 16 Apr 2023 00:36:53 GMT
via: 1.1 c9b630de734c38e36e97554a32ac1a68.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
x-amz-server-side-encryption: AES256
x-powered-by: Master of Puppets
x-cache: RefreshHit from cloudfront
content-length: 66256
x-xss-protection: 1; mode=block
x-linkfire-security: security@linkfire.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Apr 2023 21:14:43 GMT
server: The Great Gig In The Sky
etag: "3ccf059203ab9bd76aa51826b1199615"
expect-ct: max-age=0
x-frame-options: DENY
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: 5-55_R7suKCGRyRvEBjxOa-WLxIGswJFb5wAY3ormSoFMkzGp1LR5w==

GET
H2 200 logo_applemusic_onlight.svg
services.linkfire.com/ 7 KB
4 KB 131ms
41ms Image
image/svg+xml 2600:9000:21f3:4200:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_applemusic_onlight.svg
Requested by: Host: jastinmartin.lnk.to
URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: nGo7v092Ub92VgXy.O3WmDeRgTKJPui3
content-encoding: gzip
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
date: Wed, 12 Apr 2023 23:35:26 GMT
last-modified: Tue, 17 Nov 2020 11:13:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 262891
etag: W/"3d4894f0254dc9d917c86fffd766046a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: LY2DYhfPHkRdFya-tFSPO2tPBMrPZaOowF8CDM6BI_YcUUddnhYinw==

GET
H2 200 logo_spotify_onlight.svg
services.linkfire.com/ 6 KB
3 KB 133ms
43ms Image
image/svg+xml 2600:9000:21f3:4200:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_spotify_onlight.svg
Requested by: Host: jastinmartin.lnk.to
URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
date: Fri, 14 Apr 2023 19:57:55 GMT
last-modified: Wed, 02 Nov 2016 12:14:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 103138
etag: W/"10ebad8fc307d85d6ed34e9fa95a7577"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: YgVAMOPAWJsuzcnGDmg6-JWtuTpDbSCskrUaIf7JwhJaE2Sfe8I57Q==

GET
H2 200 logo_itunes_onlight.svg
services.linkfire.com/ 19 KB
5 KB 135ms
45ms Image
image/svg+xml 2600:9000:21f3:4200:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_itunes_onlight.svg
Requested by: Host: jastinmartin.lnk.to
URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 00:56:38 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 23 Mar 2018 08:26:33 GMT
server: AmazonS3
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"db14889932940c59c989f46bcff71c80"
age: 517215
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 4v1moTBYQHrTBplKjtiImrArZA4nu4htcK5ATEBVqrrFE9vydyurEw==

GET
H2 200 logo_deezer_onlight.svg
services.linkfire.com/ 7 KB
2 KB 137ms
47ms Image
image/svg+xml 2600:9000:21f3:4200:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_deezer_onlight.svg
Requested by: Host: jastinmartin.lnk.to
URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8a9b6a12cd203128f1fbde87d4fb396511cec3492ae458f654e44a97afb9d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
date: Mon, 10 Apr 2023 22:04:39 GMT
last-modified: Tue, 07 May 2019 14:18:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 441134
etag: W/"c488f62a2b4ec4cc5f9368f3f9969eed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 6HrnScyoHykNefk-WmXUbVYA4pnuXz3IYOFYqFaQSKyZAf4y2WRf0g==

GET
H2 200 logo_youtubemusic_onlight.svg
services.linkfire.com/ 6 KB
3 KB 137ms
47ms Image
image/svg+xml 2600:9000:21f3:4200:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_youtubemusic_onlight.svg
Requested by: Host: jastinmartin.lnk.to
URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc0d8191ca9bacc9a33b5aa1a79a8e9a4dde46ec1e7133242f10500456e6b2e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: UeleBMRRAgzkCE7yjb7LHjMGLzKWgsch
content-encoding: gzip
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
date: Mon, 10 Apr 2023 19:35:08 GMT
last-modified: Fri, 26 Mar 2021 15:08:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 450105
etag: W/"d2de296d98c733c648651b948706f9dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: _LOCh5bOqX12hoDM8TQggSs7WThsll7iy2f-LoIwcnlA9i7vimnZVQ==

GET
H2 200 logo_amazonmusic_onlight.svg
services.linkfire.com/ 6 KB
2 KB 138ms
48ms Image
image/svg+xml 2600:9000:21f3:4200:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_amazonmusic_onlight.svg
Requested by: Host: jastinmartin.lnk.to
URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 012d4cc53ce9470d70ee381caa4ee89f4b4f5229922af1db0a5b23dbf0b67610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
date: Tue, 11 Apr 2023 19:42:47 GMT
last-modified: Tue, 28 May 2019 09:23:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 363246
etag: W/"767a82b484396b01dc4295b10e20c5a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: fj_L5lqFaZfdM46XrIj7ECsOQL0NzyOcO__2fBLuoOwxwo7Q700_1A==

GET
H2 200 skin.js Show response
static.assetlab.io/red3/549/ 537 KB
158 KB 43ms
41ms Script
application/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/549/skin.js
Requested by: Host: jastinmartin.lnk.to
URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-7.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7112c3a8d7660d7b74255eaaca91403369dcb715105c46901f2adfbbe3347a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: RMgbt4.GroDEU7vMvC2JkCokqOlR79i5
content-encoding: gzip
via: 1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
date: Sat, 15 Apr 2023 12:24:35 GMT
last-modified: Mon, 03 Apr 2023 11:39:35 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 43938
x-amz-server-side-encryption: AES256
etag: W/"2cec222a697fec79b414ed687cb2c9fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: JJNReeGBpBaow_3SVnlPZGbOkQ3oWJh8HgXtNWhv5RCs_OyKpQKJXw==

GET
H2 200 consent.js Show response
static.assetlab.io/consent/1.5.15/ 53 KB
17 KB 130ms
129ms Script
application/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.5.15/consent.js
Requested by: Host: jastinmartin.lnk.to
URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-7.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e7b29707ddd9bf0b1604fcbc8d6f4741d886de7361a9cba0cd0d1b38860af1d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: G2bubUOnP1lz17CgMSXE1IK5HdcOok6P
content-encoding: gzip
via: 1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
date: Sat, 15 Apr 2023 15:00:28 GMT
last-modified: Wed, 22 Jun 2022 14:15:24 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 34585
x-amz-server-side-encryption: AES256
etag: W/"f71041de856bdbd4558fdaa65aeaf30d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 8QFpUjtAYXuA9BdkiPJegpbfspj4djKsvB4yfiOrugRCPlcpHwdBYA==

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 144ms
51ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jastinmartin.lnk.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 396348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 132ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jastinmartin.lnk.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 23:14:47 GMT
x-content-type-options: nosniff
age: 4925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Apr 2024 23:14:47 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/ 401 KB
124 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/pubads_impl.js?cb=31073792

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

783acc04174098c9e538ec02074dfe433e1ce8067720c240def1178c83252a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36028
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127160
x-xss-protection: 0
server: cafe
etag: 12554150418764173266
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 14 Apr 2024 14:36:24 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 71 B
86 B 164ms
74ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=jastinmartin.lnk.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73bbec9426c7befa44a12dfc409e56d124d0da7b6a1ac3557ef8552be4266636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
x-xss-protection: 0
expires: Sun, 16 Apr 2023 00:36:52 GMT

GET
H2 200 consent.css
static.assetlab.io/consent/1.5.15/ 23 KB
4 KB 48ms
44ms Stylesheet
text/css 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.5.15/consent.css
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.5.15/consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-7.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52da3158656fa25f0cf23f4c607cec939b53480478e9f72dbc79c98aeeae664d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: ZztqAdLKuuTcx96RVIbPdB_CAI0ozWZx
content-encoding: gzip
via: 1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
date: Sat, 15 Apr 2023 14:53:20 GMT
last-modified: Wed, 22 Jun 2022 14:15:24 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 35013
x-amz-server-side-encryption: AES256
etag: W/"df42cc979f3e0534af60d4cf312c4ff1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: Mvt7kBBywHiWI1iEFNE2ORc7NB958i3GJ7ULpEA5ejtzGxw0NHk3zA==

POST
H2 200 / Show response
jastinmartin.lnk.to/~/tr/visit/ 70 B
186 B 129ms
129ms XHR
application/json 52.17.169.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jastinmartin.lnk.to/~/tr/visit/
Requested by: Host: jastinmartin.lnk.to
URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.169.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-169-138.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dd6d8cc341a5899151e56527fb1f9fe3be7197def03d103bb875c3d617ffe08b

Request headers

Referer: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 Apr 2023 00:36:52 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/9923941/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

40ms
40ms

Script
application/javascript

65.9.95.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: jastinmartin.lnk.to
URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Protocol: H2
Server: 65.9.95.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-81.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:09:35 GMT
content-encoding: gzip
via: 1.1 3da92f19744e3229b09a019ec66be172.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 10:02:11 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 1642
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 4DTyHIppdDRWdG1h0T0rnx18WJU2rIXjMDV0pR3iiUCP6n657Bvgww==

Redirect headers

date: Sun, 16 Apr 2023 00:36:52 GMT
via: 1.1 3da92f19744e3229b09a019ec66be172.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: sYzWWqx8MJ9--Tkh4-LT26JrLwCeXR6GWwXHoDh6zgwIZ4l4ly6XUQ==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 138ms
49ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=jastinmartin.lnk.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/pubads_impl.js?cb=31073792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 141ms
52ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=jastinmartin.lnk.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/pubads_impl.js?cb=31073792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 908 B
564 B 70ms
70ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3647716113354115&correlator=2272931738443757&eid=31072020%2C31073792&output=ldjh&gdfp_req=1&vrg=2023041101&ptt=17&impl=fif&iu_parts=22051246401%2CHeader_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2736067097&sfv=1-0-40&cust_params=genre%3DRB%252FSoul%252CRB%252FSoul%26explicit%3Dno%26artist%3Djastin%2520martin%26album%3DHurt%2520Before%26linkid%3D5dea7091-4d97-42eb-a647-b5d863f37cd1%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DBerlin%26days%3D0%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&sc=1&cookie_enabled=1&abxe=1&dt=1681605412733&lmt=1681605412&dlt=1681605412011&idt=663&adxs=0&adys=-160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjastinmartin.lnk.to%2FHurtBefore%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D325020_04.14.23_Def%2520Jam_Def%2520Jam%2520Newsletter%2520%2528New%2520Template%2529_Full%2520List_231785_US%26dm_i%3D4YUH%2C6YSC%2C3D2TUT%2CZ8QY%2C0&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=286650046.1681605413&ga_sid=1681605413&ga_hid=1825282643&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/pubads_impl.js?cb=31073792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1db9305504714c23116b51ba0be8ab8c19e8c4da74d0c127587ed1068f7b00d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 534
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jastinmartin.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bf0b301514ca6c0523fac67e1898bfe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6493 6 KB
3 KB 162ms
51ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bf0b301514ca6c0523fac67e1898bfe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/pubads_impl.js?cb=31073792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jastinmartin.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 00:36:52 GMT
expires: Mon, 15 Apr 2024 00:36:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 521 B
292 B 74ms
74ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3647716113354115&correlator=2272931738443757&eid=31072020%2C31073792&output=ldjh&gdfp_req=1&vrg=2023041101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-Click_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=1338496054&sfv=1-0-40&ists=1&cust_params=genre%3DRB%252FSoul%252CRB%252FSoul%26explicit%3Dno%26artist%3Djastin%2520martin%26album%3DHurt%2520Before%26linkid%3D5dea7091-4d97-42eb-a647-b5d863f37cd1%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DBerlin%26days%3D0%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&sc=1&cookie_enabled=1&abxe=1&dt=1681605412743&lmt=1681605412&dlt=1681605412011&idt=663&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjastinmartin.lnk.to%2FHurtBefore%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D325020_04.14.23_Def%2520Jam_Def%2520Jam%2520Newsletter%2520%2528New%2520Template%2529_Full%2520List_231785_US%26dm_i%3D4YUH%2C6YSC%2C3D2TUT%2CZ8QY%2C0&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=286650046.1681605413&ga_sid=1681605413&ga_hid=1825282643&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/pubads_impl.js?cb=31073792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eaf78d7fd121acadcc787b64a057b804f28f8b8c423c607c11e7db547d1b4ee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 262
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jastinmartin.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 528 B
294 B 75ms
75ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3647716113354115&correlator=2272931738443757&eid=31072020%2C31073792&output=ldjh&gdfp_req=1&vrg=2023041101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-amazon-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&adks=1902184223&sfv=1-0-40&ists=1&cust_params=genre%3DRB%252FSoul%252CRB%252FSoul%26explicit%3Dno%26artist%3Djastin%2520martin%26album%3DHurt%2520Before%26linkid%3D5dea7091-4d97-42eb-a647-b5d863f37cd1%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DBerlin%26days%3D0%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&sc=1&cookie_enabled=1&abxe=1&dt=1681605412747&lmt=1681605412&dlt=1681605412011&idt=663&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjastinmartin.lnk.to%2FHurtBefore%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D325020_04.14.23_Def%2520Jam_Def%2520Jam%2520Newsletter%2520%2528New%2520Template%2529_Full%2520List_231785_US%26dm_i%3D4YUH%2C6YSC%2C3D2TUT%2CZ8QY%2C0&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=286650046.1681605413&ga_sid=1681605413&ga_hid=1825282643&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/pubads_impl.js?cb=31073792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

084e200b1cc3e7829f87f77b0985ab462683584b15c127424c61f44e1e45a11e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 264
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jastinmartin.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 529 B
299 B 77ms
77ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3647716113354115&correlator=2272931738443757&eid=31072020%2C31073792&output=ldjh&gdfp_req=1&vrg=2023041101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-spotify-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&adks=4288002596&sfv=1-0-40&ists=1&cust_params=genre%3DRB%252FSoul%252CRB%252FSoul%26explicit%3Dno%26artist%3Djastin%2520martin%26album%3DHurt%2520Before%26linkid%3D5dea7091-4d97-42eb-a647-b5d863f37cd1%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DBerlin%26days%3D0%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&sc=1&cookie_enabled=1&abxe=1&dt=1681605412750&lmt=1681605412&dlt=1681605412011&idt=663&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjastinmartin.lnk.to%2FHurtBefore%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D325020_04.14.23_Def%2520Jam_Def%2520Jam%2520Newsletter%2520%2528New%2520Template%2529_Full%2520List_231785_US%26dm_i%3D4YUH%2C6YSC%2C3D2TUT%2CZ8QY%2C0&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=286650046.1681605413&ga_sid=1681605413&ga_hid=1825282643&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/pubads_impl.js?cb=31073792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16083fab56c652d566747b22bebc44b3de626c446044ca2d369d9b0551ffaf8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 269
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jastinmartin.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 534 B
305 B 76ms
75ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3647716113354115&correlator=2272931738443757&eid=31072020%2C31073792&output=ldjh&gdfp_req=1&vrg=2023041101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-tidal-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&adks=3635752911&sfv=1-0-40&ists=1&cust_params=genre%3DRB%252FSoul%252CRB%252FSoul%26explicit%3Dno%26artist%3Djastin%2520martin%26album%3DHurt%2520Before%26linkid%3D5dea7091-4d97-42eb-a647-b5d863f37cd1%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DBerlin%26days%3D0%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&sc=1&cookie_enabled=1&abxe=1&dt=1681605412753&lmt=1681605412&dlt=1681605412011&idt=663&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjastinmartin.lnk.to%2FHurtBefore%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D325020_04.14.23_Def%2520Jam_Def%2520Jam%2520Newsletter%2520%2528New%2520Template%2529_Full%2520List_231785_US%26dm_i%3D4YUH%2C6YSC%2C3D2TUT%2CZ8QY%2C0&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=286650046.1681605413&ga_sid=1681605413&ga_hid=1825282643&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/pubads_impl.js?cb=31073792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2b6ee5ab62e9100af78dab7e35f1bb327faef7d2fbfa778e16e42c7abdb411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 275
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jastinmartin.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 521 B
290 B 74ms
73ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3647716113354115&correlator=2272931738443757&eid=31072020%2C31073792&output=ldjh&gdfp_req=1&vrg=2023041101&ptt=17&impl=fif&iu_parts=22051246401%2CFooter_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x100%7C300x250%7C320x50%7C320x100%7C320x120&ifi=6&adks=309253681&sfv=1-0-40&cust_params=genre%3DRB%252FSoul%252CRB%252FSoul%26explicit%3Dno%26artist%3Djastin%2520martin%26album%3DHurt%2520Before%26linkid%3D5dea7091-4d97-42eb-a647-b5d863f37cd1%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DBerlin%26days%3D0%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&sc=1&cookie_enabled=1&abxe=1&dt=1681605412757&lmt=1681605412&dlt=1681605412011&idt=663&adxs=640&adys=855&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjastinmartin.lnk.to%2FHurtBefore%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D325020_04.14.23_Def%2520Jam_Def%2520Jam%2520Newsletter%2520%2528New%2520Template%2529_Full%2520List_231785_US%26dm_i%3D4YUH%2C6YSC%2C3D2TUT%2CZ8QY%2C0&frm=20&vis=1&psz=320x0&msz=320x0&fws=4&ohw=1600&ga_vid=286650046.1681605413&ga_sid=1681605413&ga_hid=1825282643&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/pubads_impl.js?cb=31073792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da04bebb674049d36267c5c9fd0a52b15da7d6f5f7189c7f7e8430b61d6a63e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jastinmartin.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 155ms
63ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/red3/549/release-classic-video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1fffe142658ede54ea109d3864f003ebb11170d4ea0110f752ec4b51cc8646c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 16 Apr 2023 00:36:52 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 145ms
56ms Fetch
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/red3/549/release-classic-video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47842
x-xss-protection: 0
server: cafe
etag: 4208404979414314221
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 00:36:52 GMT

GET
H2 200 evW3rdcp0Lo Show response
www.youtube.com/embed/ Frame 9776 71 KB
30 KB 190ms
103ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/red3/549/release-classic-video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98f197e54117ddb76729a5e1efa00ed23f485054473ff6cdd1be42fcbb348de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jastinmartin.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 00:36:52 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 55ms
55ms Image
text/plain 65.9.95.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1681605412875&ns_c=UTF-8&cs_ucfr=&comscorekw=umg&c7=https%3A%2F%2Fjastinmartin.lnk.to%2FHurtBefore%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D325020_04.14.23_Def%2520Jam_Def%2520Jam%2520Newsletter%2520%2528New%2520Template%2529_Full%2520List_231785_US%26dm_i%3D4YUH%2C6YSC%2C3D2TUT%2CZ8QY%2C0&c8=Jastin%20Martin%20-%20Hurt%20Before&c9=
Requested by: Host: jastinmartin.lnk.to
URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-81.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:52 GMT
via: 1.1 3da92f19744e3229b09a019ec66be172.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: VaFBWquh_dPyKfnLrjrXm6Dt0jmdDLbcPsOA4y7Dct9U5YD5kA8zKw==
x-cache: Miss from cloudfront

GET
H2 200 ic-shield-blue.svg
static.assetlab.io/consent/1.5.15/assets/ 1 KB
1 KB 96ms
95ms Image
image/svg+xml 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/consent/1.5.15/assets/ic-shield-blue.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.5.15/consent.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-7.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.assetlab.io/consent/1.5.15/consent.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: GexGEXWrKbErY7uVJiOBePDhbEsoNeWq
content-encoding: gzip
via: 1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
date: Sat, 15 Apr 2023 14:19:35 GMT
last-modified: Wed, 22 Jun 2022 14:15:24 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 37038
x-amz-server-side-encryption: AES256
etag: W/"560dd3386ebf80f78c934aeff4a6a82c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: K18K5d6G8AvnZ5-CJZE-NrW0I8iBj82NGnJgxzP4qxoE67IrasPvPw==

GET
H2 200 ic-close-s.svg
static.assetlab.io/consent/1.5.15/assets/ 351 B
759 B 52ms
51ms Image
image/svg+xml 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/consent/1.5.15/assets/ic-close-s.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.5.15/consent.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-7.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.assetlab.io/consent/1.5.15/consent.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: u1ZeqXODDID7yOlAp1Ue7kMFg5Oq11V1
date: Sat, 15 Apr 2023 14:19:34 GMT
via: 1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 14:15:24 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 37039
x-amz-server-side-encryption: AES256
etag: "d303b6c7d844d91101e1e4c63156cfec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 351
x-amz-cf-id: XmYNTxNkTirxlRftPdKMpcZIeMuKM5zPcHODNMkuRBU4rONBVde9QQ==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 47ms
45ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jastinmartin.lnk.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:10 GMT
x-content-type-options: nosniff
age: 396342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:10 GMT

POST
H2 200 interact Show response
jastinmartin.lnk.to/~/tr/ 70 B
186 B 110ms
110ms Fetch
application/json 52.17.169.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jastinmartin.lnk.to/~/tr/interact
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/red3/549/release-classic-video.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.169.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-169-138.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dd6d8cc341a5899151e56527fb1f9fe3be7197def03d103bb875c3d617ffe08b

Request headers

Referer: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 16 Apr 2023 00:36:53 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/36754c51/www-widgetapi.vflset/ 184 KB
62 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/36754c51/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26a7c417f67159ae3e9ef95aa85ee360b0ba0d07608d9f9c8e615052b1da1400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 23:39:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63301
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 00:21:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 14 Apr 2024 23:39:06 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/36754c51/ Frame 9776 399 KB
51 KB 76ms
76ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/36754c51/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfb14c36ee35bd07cb95bb56428c4b63c99a2818ed5fb70c4fe81f8bc10c8126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 21:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51993
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 00:21:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 14 Apr 2024 21:30:50 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9776 15 KB
15 KB 57ms
56ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:05 GMT
x-content-type-options: nosniff
age: 396348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9776 15 KB
15 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:02 GMT
x-content-type-options: nosniff
age: 396351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:02 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/36754c51/www-embed-player.vflset/ Frame 9776 349 KB
108 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/36754c51/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9d7f0384afc048bb87d17f73d7636ed88251864d13d29f3be46cc6abbda067f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:33:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110882
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 00:21:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 15 Apr 2024 00:33:02 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/ Frame 9776 2 MB
619 KB 111ms
110ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b7bf70786630f93ce0accd9c42a90918e77a0617a266fbdf317ed54b65a57a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 633325
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 00:21:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 14 Apr 2024 15:43:11 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/36754c51/fetch-polyfill.vflset/ Frame 9776 9 KB
3 KB 116ms
116ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/36754c51/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 00:21:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 15 Apr 2024 00:02:18 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 9776
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

48ms
48ms

XHR
application/json

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1

Protocol

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc2f258b5bad5c5b6ec34f8a53e4a3a758cf47b60d9a68e62c5532e41b9542fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 16 Apr 2023 00:36:53 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9776 29 B
494 B 127ms
39ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:08 GMT
x-content-type-options: nosniff
age: 45
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Apr 2023 00:51:08 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 177ms
48ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 16 Apr 2023 00:36:53 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9776 66 KB
31 KB 55ms
54ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b67ab11fd261fc3342eed1d119515b6228dcd9e247f97e7657f4e33a778fa161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 16 Apr 2023 00:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31222
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/ Frame 9776 116 KB
36 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23f0974f5a5a9578fa2bf2b7211a29d4c6df1fca74f8291e5258c43482df534b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 02:14:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80546
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36566
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 00:21:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 14 Apr 2024 02:14:27 GMT

GET
H2 200 E2xtljRepN-eFPlyfWIcviFlpiWi6Q6bMRPMqXz0nbk.js Show response
www.google.com/js/th/ Frame 9776 36 KB
15 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/E2xtljRepN-eFPlyfWIcviFlpiWi6Q6bMRPMqXz0nbk.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

136c6d96345ea4df9e14f9727d621cbe2165a625a2e90e9b3113cca97cf49db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 13:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14410
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 13:56:00 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/evW3rdcp0Lo/ Frame 9776 68 KB
69 KB 139ms
49ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/evW3rdcp0Lo/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ab41704e8c465c187cbf2fb13428fec0b771bf3fbd8d3ae035c353ac89b8a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:53 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69785
x-xss-protection: 0
server: sffe
etag: "1681379380"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 16 Apr 2023 00:41:53 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/ Frame 9776 29 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c4dc5924fd04f9ebd8bb7367ace6362e2e9f497d3b4cd556b10eb1215785ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:43:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9035
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 00:21:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 14 Apr 2024 12:43:35 GMT

GET
DATA 200
OK truncated
/ Frame 9776 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AGIKgqNNCm_ReSg0NWWxyrNmpwhLOuCuJ_XxfMFfURolrIiESg5nyGqfrzFe3D7yC_p5=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9776 876 B
1 KB 144ms
40ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AGIKgqNNCm_ReSg0NWWxyrNmpwhLOuCuJ_XxfMFfURolrIiESg5nyGqfrzFe3D7yC_p5=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

550ca7fbfb3d9732f12c617335b44237cb2e45f288a14bb04ed94ab2dfeaab71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:00:05 GMT
x-content-type-options: nosniff
server: fife
age: 2208
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 876
x-xss-protection: 0
expires: Mon, 17 Apr 2023 00:00:05 GMT

POST
H2 200 / Show response
jastinmartin.lnk.to/~/tr/consent/ 70 B
186 B 123ms
123ms XHR
application/json 52.17.169.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jastinmartin.lnk.to/~/tr/consent/
Requested by: Host: jastinmartin.lnk.to
URL: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.169.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-169-138.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dd6d8cc341a5899151e56527fb1f9fe3be7197def03d103bb875c3d617ffe08b

Request headers

Referer: https://jastinmartin.lnk.to/HurtBefore?utm_source=dotmailer&utm_medium=email&utm_campaign=325020_04.14.23_Def%20Jam_Def%20Jam%20Newsletter%20%28New%20Template%29_Full%20List_231785_US&dm_i=4YUH,6YSC,3D2TUT,Z8QY,0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 Apr 2023 00:36:53 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9776 4 KB
2 KB 143ms
53ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 16 Apr 2023 00:36:53 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 9776 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?7PJvhw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/112/ Frame 9776 50 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/112/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 04:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 16:06:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 16 Apr 2023 04:50:30 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 16 Apr 2023 00:36:53 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9776 90 B
134 B 51ms
50ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b62e4c3551eab2bfaed39f7220370d543439fc5c37a614e1bd1df41f4d61866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 16 Apr 2023 00:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 90ms
90ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m2023041101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/pubads_impl.js?cb=31073792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

802e05660182e04bba3b4cf89fe2028fd2fb75625389a78455efb596ae69772f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11428
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 249ms
53ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/pubads_impl.js?cb=31073792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 16 Apr 2023 00:36:53 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5B0F 13 KB
5 KB 43ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jastinmartin.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 22:44:33 GMT
expires: Sun, 14 Apr 2024 22:44:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1529 783 B
963 B 90ms
89ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb9820b72444f380829257678e118b81fa4bfbcef206dc6c58e96b0a5648374f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wYZrkpraajIDY24UHP5olw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jastinmartin.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-wYZrkpraajIDY24UHP5olw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 16 Apr 2023 00:36:54 GMT
expires: Sun, 16 Apr 2023 00:36:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B0F 36 KB
14 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ec74085fc1675967497029f672a2da0a31815bc6792fd36c4da8086d1b20133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 13:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14296
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 13:54:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1529 0
0 113ms
74ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m2023041101&jk=3647716113354115&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5B0F 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Kl4aLQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 00:36:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m2023041101&jk=3647716113354115&bg=!QkGlQRXNAAZA7GLoYOw7ADkAdvg8WpvvLe1VigzJ8czkchxPw03rtDsRsY-LxyhL17oSYZzBu66tTJAvGrjpCR0KiBACyCUOsKkCAAAAUVIAAAAEaAEHmQLQ-bGTiES91TzEgozo79An87P9JDYLfR86erji-sp8dfYg1kSkkNuyFD-0_uP3UfogUS6pUcWemeqL0b9awdqfTNW40RSGLwJjITrwCfdCLuKZqNGR1Rqdh9tflv7ynqKWUlDtoXSwKzg3ITpAiC88lnYf7EAdqe0oBGtKQkaF15s2Z_N0RTO-Izj0U3ZTTN_3KmFjZt4yfZs7zcYpQXowHBgiaJgrI5omlkebZ0-gSsz79zfwTdIG6Bb9eu3Zi0LiWOzNU_0W_t3WhqAzGVmFMLpvehuBq9ymBW6-BtThGACB-BNKyFGJelS-4rKDXdIObN3tIMDvD6YCLhMnCYfdneQ13UyNqpcZQv7x19U6ehl1PPGPJJvvci9IEmtQyQQl3vcE5CVaC03ZDmdd3q5O-4U7EDp9wWQhoTVxXNG0w-Dy5F_5d-l9OWSSn6LYZmRrSYMZO0bwDIhexrtK636Rg7r3YOnNTFPJwzJJsOrubY4ObyCjX3YjMe3bUC65w2IqaylKtx-WNFFMC_bgq_iz7IQJEGloIlP7KHjusVTuoA7v0nNHkelOOMRZiabirgMKpgVCJW8WSf6VUz483Bw7bFHCsG-LnccAWntSVXCiXN9qBAE9lup56drI9Sca9l7-XpPSm2SnPo4q84IGWorsNVQY-YfBSh1RX88JvZQSkZdTbwl4XhLCNmZiYVg8TksFghABS74Vxc1xLLD1cQug20-u6LhuFhlEZWg4ztR-qfshT2erHPBYgQyXwFOm_8geqEwDiMk2OyDQ5lWLzn18gGURU9Zl99vBjRGVSnJ3PIe2hZbmxnAGQYrqTXieO2JQtd8HGGQoiS7IsGGG6BSwrPm7sJxe55vBhqhYOHNZVkffZkJDiaUmQC-CH_sYZDdl2kYS_Fcppt2cU31Jd3lvPIwwxcHRYCWoWv_87WSFGeJF1W92jpYZysqcUZvw6MBY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jastinmartin.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9776 28 B
54 B 54ms
52ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
X-Goog-Request-Time: 1681605415700
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/evW3rdcp0Lo?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
X-YouTube-Client-Version: 1.20230411.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtnU29aT3VhOXZOUSikhu2hBg%3D%3D
X-YouTube-Ad-Signals: dt=1681605413148&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C720%2C405&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 16 Apr 2023 00:36:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 16 Apr 2023 00:36:55 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.us.umusic-online.com/	1970-01-20 11:06:47	Name: __cf_bm Value: u631gGx4ilLr83WaUrDqDYmwErnkzuI7.vbbjqmBuk4-1681605411-0-AW3iye9WbINgynMb13/idK0uMb2dyfGEUgUZsYYn8ecLCCzC79xKd4acwPzhQ2amRR0eos+RK8dlRVf6bGz9x7Y=
us.umusic-online.com/	1970-01-20 11:08:08	Name: __cflb Value: 0H28vu4buNPVYsdfD2gridndJkHgRRTf2xzmw3JRgTN
.lnk.to/	1970-01-20 11:06:46	Name: LF_session_37a6f0981605dbff9d99e8412acbfe90 Value: 1
.doubleclick.net/	1970-01-20 11:06:46	Name: test_cookie Value: CheckForPermission
.lnk.to/	1970-01-20 20:28:21	Name: __gads Value: ID=39f1e78806a83fb7:T=1681605412:S=ALNI_Ma60kj7m4cW1LvOgCb3A1Gv1RFupA
.lnk.to/	1970-01-20 20:28:21	Name: __gpi Value: UID=00000bd698668404:T=1681605412:RT=1681605412:S=ALNI_MZJz0A6V4t5W2YJzm3ZQ7L25dq2xQ
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: AsSkxlWGtdQ
.youtube.com/	1970-01-20 15:25:57	Name: VISITOR_INFO1_LIVE Value: gSoZOua9vNQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bf0b301514ca6c0523fac67e1898bfe3.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jastinmartin.lnk.to
jnn-pa.googleapis.com
linkstorage.linkfire.com
pagead2.googlesyndication.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
services.linkfire.com
static.assetlab.io
static.doubleclick.net
tpc.googlesyndication.com
us.umusic-online.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.16.209.86
18.154.63.102
2600:9000:21f3:4200:14:38a4:2ec0:93a1
2a00:1450:4001:806::2001
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:827::2016
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
52.17.169.138
65.9.95.7
65.9.95.81
012d4cc53ce9470d70ee381caa4ee89f4b4f5229922af1db0a5b23dbf0b67610
084e200b1cc3e7829f87f77b0985ab462683584b15c127424c61f44e1e45a11e
136c6d96345ea4df9e14f9727d621cbe2165a625a2e90e9b3113cca97cf49db9
16083fab56c652d566747b22bebc44b3de626c446044ca2d369d9b0551ffaf8f
1db9305504714c23116b51ba0be8ab8c19e8c4da74d0c127587ed1068f7b00d7
1fffe142658ede54ea109d3864f003ebb11170d4ea0110f752ec4b51cc8646c9
23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e
23f0974f5a5a9578fa2bf2b7211a29d4c6df1fca74f8291e5258c43482df534b
26a7c417f67159ae3e9ef95aa85ee360b0ba0d07608d9f9c8e615052b1da1400
2ab41704e8c465c187cbf2fb13428fec0b771bf3fbd8d3ae035c353ac89b8a13
2b62e4c3551eab2bfaed39f7220370d543439fc5c37a614e1bd1df41f4d61866
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
52da3158656fa25f0cf23f4c607cec939b53480478e9f72dbc79c98aeeae664d
550ca7fbfb3d9732f12c617335b44237cb2e45f288a14bb04ed94ab2dfeaab71
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6e2732f469adbdf4b548253219f785c7bd7450bdf2ded4e8f8a0afa6b0053d82
6ec74085fc1675967497029f672a2da0a31815bc6792fd36c4da8086d1b20133
713e00f3406d9a32bd3e8a692047951d74433865c7cdbc0ad987cec8fad7bd37
73bbec9426c7befa44a12dfc409e56d124d0da7b6a1ac3557ef8552be4266636
77287af1d5a16558f4ad1c24848abdd84cf7c6c87135d0fc6b2e80a0c6447ed6
783acc04174098c9e538ec02074dfe433e1ce8067720c240def1178c83252a0c
7b63e304765c240b96fda4bb5b9654ada98ccdc28d082b2e00f2cf2c1af48e54
802e05660182e04bba3b4cf89fe2028fd2fb75625389a78455efb596ae69772f
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
87b7bf70786630f93ce0accd9c42a90918e77a0617a266fbdf317ed54b65a57a
8cb00b3db2e68ae430cd96730d426b74a42cd138f3f2475564861aa1fdda0888
98f197e54117ddb76729a5e1efa00ed23f485054473ff6cdd1be42fcbb348de6
9c4dc5924fd04f9ebd8bb7367ace6362e2e9f497d3b4cd556b10eb1215785ebd
a3f6f836ee9133b958fe87a00fb175712a3249465b842ecf109df987e8c10fcb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ae2b6ee5ab62e9100af78dab7e35f1bb327faef7d2fbfa778e16e42c7abdb411
ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68
b67ab11fd261fc3342eed1d119515b6228dcd9e247f97e7657f4e33a778fa161
b7112c3a8d7660d7b74255eaaca91403369dcb715105c46901f2adfbbe3347a8
bfb14c36ee35bd07cb95bb56428c4b63c99a2818ed5fb70c4fe81f8bc10c8126
ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da04bebb674049d36267c5c9fd0a52b15da7d6f5f7189c7f7e8430b61d6a63e6
dc0d8191ca9bacc9a33b5aa1a79a8e9a4dde46ec1e7133242f10500456e6b2e2
dc2f258b5bad5c5b6ec34f8a53e4a3a758cf47b60d9a68e62c5532e41b9542fc
dd6d8cc341a5899151e56527fb1f9fe3be7197def03d103bb875c3d617ffe08b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b29707ddd9bf0b1604fcbc8d6f4741d886de7361a9cba0cd0d1b38860af1d1
eaf78d7fd121acadcc787b64a057b804f28f8b8c423c607c11e7db547d1b4ee2
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8a9b6a12cd203128f1fbde87d4fb396511cec3492ae458f654e44a97afb9d90
f9d7f0384afc048bb87d17f73d7636ed88251864d13d29f3be46cc6abbda067f
fb9820b72444f380829257678e118b81fa4bfbcef206dc6c58e96b0a5648374f

jastinmartin.lnk.to Open in urlscan Pro 52.17.169.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

97 %HTTPS

76 %IPv6

14 Domains

22 Subdomains

21 IPs

4 Countries

1868 kBTransfer

5717 kBSize

8 Cookies

6 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

jastinmartin.lnk.to Open in urlscan Pro
52.17.169.138 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

97 %
HTTPS

76 %
IPv6

14
Domains

22
Subdomains

21
IPs

4
Countries

1868 kB
Transfer

5717 kB
Size

8
Cookies

69 HTTP transactions
1 data transactions