urlscan.io logo urlscan.io
SecurityTrails logo

cruza.lnk.to Open in urlscan Pro
54.72.246.79  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://us.umusic-online.com/4YUH-8JTX-3D2TUT-7UJZP-0/c.aspx
Effective URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20...
Submission: On November 04 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 13 domains to perform 66 HTTP transactions. The main IP is 54.72.246.79, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is cruza.lnk.to.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 10th 2023. Valid for: a year.
This is the only time cruza.lnk.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    104.17.129.171 (None, )

ASN13335 (CLOUDFLARENET, US)
us.umusic-online.com
4    54.72.246.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-246-79.eu-west-1.compute.amazonaws.com
cruza.lnk.to
9    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
7    18.245.86.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-31.fra60.r.cloudfront.net
static.assetlab.io
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.32.99.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-114.fra60.r.cloudfront.net
linkstorage.linkfire.com
6    2600:9000:21f3:7400:14:38a4:2ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
services.linkfire.com
5    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
10    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
834c62290fc3e2a84b63f090940890bc.safeframe.googlesyndication.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
2    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:81c::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
12 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
static.doubleclick.net — Cisco Umbrella Rank: 255
168 KB
10 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
1 MB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
834c62290fc3e2a84b63f090940890bc.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
42 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
95 KB
7 linkfire.com
linkstorage.linkfire.com — Cisco Umbrella Rank: 106922
services.linkfire.com — Cisco Umbrella Rank: 106333
87 KB
7 assetlab.io
static.assetlab.io — Cisco Umbrella Rank: 87356
355 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
jnn-pa.googleapis.com — Cisco Umbrella Rank: 207
33 KB
4 lnk.to
cruza.lnk.to
115 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
16 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 219
1 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 87
133 KB
1 umusic-online.com
us.umusic-online.com — Cisco Umbrella Rank: 261376
573 B
66 13
Domain Requested by
10 www.youtube.com static.assetlab.io
www.youtube.com
9 securepubads.g.doubleclick.net cruza.lnk.to
securepubads.g.doubleclick.net
7 static.assetlab.io cruza.lnk.to
static.assetlab.io
6 services.linkfire.com cruza.lnk.to
5 pagead2.googlesyndication.com static.assetlab.io
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
4 cruza.lnk.to cruza.lnk.to
static.assetlab.io
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 sb.scorecardresearch.com 1 redirects cruza.lnk.to
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 www.google.com www.youtube.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 834c62290fc3e2a84b63f090940890bc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 linkstorage.linkfire.com cruza.lnk.to
1 fonts.googleapis.com cruza.lnk.to
1 us.umusic-online.com 1 redirects
66 20

This site contains links to these domains. Also see Links.

Domain
music.apple.com
music.amazon.com
open.spotify.com
www.deezer.com
music.youtube.com
Subject Issuer Validity Valid
lnk.to
Amazon RSA 2048 M02		 2023-07-10 -
2024-08-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
static.assetlab.io
Amazon RSA 2048 M03		 2023-09-20 -
2024-10-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
linkfire.com
Amazon RSA 2048 M02		 2023-04-19 -
2024-05-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Frame ID: A4BA7450E8D115B60FBA6E4BE4585BDA
Requests: 39 HTTP requests in this frame

Frame: https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Frame ID: DE91400538415F42DDED89AA3868421E
Requests: 20 HTTP requests in this frame

Frame: https://834c62290fc3e2a84b63f090940890bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9B2D36D2C5679B61577F1D3C6ABCEF53
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E241BA9D6FA4AB2BF46F448B24A6D130
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CC5AFA09E06EA588676192DCB0C5AB90
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cruza - Hypnotherapy

Page URL History Show full URLs

  1. https://us.umusic-online.com/4YUH-8JTX-3D2TUT-7UJZP-0/c.aspx HTTP 302
    https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

66
Requests

97 %
HTTPS

75 %
IPv6

13
Domains

20
Subdomains

20
IPs

4
Countries

2107 kB
Transfer

6023 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://us.umusic-online.com/4YUH-8JTX-3D2TUT-7UJZP-0/c.aspx HTTP 302
    https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://sb.scorecardresearch.com/cs/9923941/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 42
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Hypnotherapy
cruza.lnk.to/
Redirect Chain
  • https://us.umusic-online.com/4YUH-8JTX-3D2TUT-7UJZP-0/c.aspx
  • https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
114 KB
114 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.246.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-246-79.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d4ed1763d48baa2d3d9c0902fbb24715011f9f6b0c7377613a74bff9b7c7bcdf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 04 Nov 2023 07:14:37 GMT
server
nginx
x-redirector-version
redirector-v3

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
820b0fa14fd99150-FRA
content-length
0
date
Sat, 04 Nov 2023 07:14:36 GMT
location
https://cruza.lnk.to:443/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc8185bd841e6d0d2fe005aa849ac1a6c3f19770086582003cf2d7253098b322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31164
x-xss-protection
0
server
cafe
etag
239 / 19665 / 31079420 / config-hash: 7101305502720886139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 07:14:38 GMT
release-classic.css
static.assetlab.io/red3/605/ 		70 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.assetlab.io/red3/605/release-classic.css
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20cefe38c853522bcb2a20df60781c234f0b064189ab37d23e6f4927df695469

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
dzpRQ43MRffPcMQ5asORKB7ZbylQoCiK
content-encoding
gzip
via
1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
date
Fri, 03 Nov 2023 23:28:53 GMT
last-modified
Tue, 31 Oct 2023 08:57:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
27947
x-amz-server-side-encryption
AES256
etag
W/"4cf3ccfe0aee7a3592dd340310582f20"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
jk6dFuyAybb0e0uUll5QHHbHplyqFvxptc33ULF-kCiiKtdojidvdw==
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 Nov 2023 07:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 Nov 2023 06:41:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Nov 2023 07:14:38 GMT
release-classic-video.js
static.assetlab.io/red3/605/ 		544 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.assetlab.io/red3/605/release-classic-video.js
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4443487649a93fb6e92c4b54c932e6cd7ccf88977073849e8071cd24237169ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
dlezVJNl0RC9cZe09rAI3MUpkFNvSlv_
content-encoding
gzip
via
1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
date
Fri, 03 Nov 2023 09:29:15 GMT
last-modified
Tue, 31 Oct 2023 08:57:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
78324
x-amz-server-side-encryption
AES256
etag
W/"8b138e7c95661e272459a8b24c314640"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
qwVDq8cqrBRMXxn2xua-SNP3xymbKoLonOC_jzojoEhqjekWP7bkzw==
artwork-440x440.jpg
linkstorage.linkfire.com/medialinks/images/4b81e990-f086-4635-a846-e63f701d4182/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://linkstorage.linkfire.com/medialinks/images/4b81e990-f086-4635-a846-e63f701d4182/artwork-440x440.jpg
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-114.fra60.r.cloudfront.net
Software
The Great Gig In The Sky / Master of Puppets
Resource Hash
20a0b5b5cec8395a21ca5f176e8e1dbc910a0bae3c81da2a4b86997216c04c9e
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 10:01:29 GMT
x-amz-version-id
oUcCoVGI9Ib79mDzWYt_UuV1b53crj_K
x-content-type-options
nosniff
strict-transport-security
max-age=10368000; includeSubdomains; preload
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
76390
x-amz-server-side-encryption
AES256
x-powered-by
Master of Puppets
x-cache
Hit from cloudfront
content-length
66553
x-xss-protection
1; mode=block
x-linkfire-security
security@linkfire.com
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 28 Sep 2023 18:14:37 GMT
server
The Great Gig In The Sky
etag
"86995e31de7b4924385c71cbb47f51ed"
expect-ct
max-age=0
x-frame-options
DENY
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
334-O4FpL1OYlTbgAgt4GCWsReotRIKb0OYOzw7ag8mf6E4LO9eDog==
logo_applemusic_onlight.svg
services.linkfire.com/ 		7 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.linkfire.com/logo_applemusic_onlight.svg
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7400:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 18:59:10 GMT
x-amz-version-id
nGo7v092Ub92VgXy.O3WmDeRgTKJPui3
content-encoding
gzip
last-modified
Tue, 17 Nov 2020 11:13:55 GMT
server
AmazonS3
via
1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"3d4894f0254dc9d917c86fffd766046a"
age
562529
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
leOxd0fexkY5RwY5XfvE7aRo7XLGcFUKEw3NpxYqBEKkjVS1f1i-Bw==
logo_amazonmusic_onlight.svg
services.linkfire.com/ 		13 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.linkfire.com/logo_amazonmusic_onlight.svg
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7400:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
975f93c89036852225cae57756ec08a8a54b479e5084889dd5b7c1c5c4ea3533

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
t.6xwhzUsEMabMOAcrU_ahq8gb2zQE2F
content-encoding
gzip
via
1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
date
Tue, 31 Oct 2023 18:30:17 GMT
last-modified
Thu, 14 Sep 2023 12:43:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
305061
x-amz-server-side-encryption
AES256
etag
W/"8431baffada660f88a05cf5c64654842"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
Am3Axi2W-pUJG3HLslXkIqnLu56fwOxu1evnyVPJPeBK4cc6mDVA_Q==
logo_spotify_onlight.svg
services.linkfire.com/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.linkfire.com/logo_spotify_onlight.svg
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7400:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
date
Wed, 01 Nov 2023 04:24:02 GMT
last-modified
Wed, 02 Nov 2016 12:14:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
270052
etag
W/"10ebad8fc307d85d6ed34e9fa95a7577"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
vMJHMTAvaMq3xrJW90-4O1CH8gECiIObhMyJP-LDpEPF7s-KujwlZg==
logo_itunes_onlight.svg
services.linkfire.com/ 		19 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.linkfire.com/logo_itunes_onlight.svg
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7400:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
date
Fri, 03 Nov 2023 16:49:00 GMT
last-modified
Fri, 23 Mar 2018 08:26:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
51939
etag
W/"db14889932940c59c989f46bcff71c80"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
zmq6MPc8yO8VpISVfz5asIyMJQgu-eRgSSl8CoA21XlWcmsLmvFQCw==
logo_deezer_onlight.svg
services.linkfire.com/ 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.linkfire.com/logo_deezer_onlight.svg
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7400:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8a9b6a12cd203128f1fbde87d4fb396511cec3492ae458f654e44a97afb9d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
date
Wed, 01 Nov 2023 04:24:02 GMT
last-modified
Tue, 07 May 2019 14:18:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
269541
etag
W/"c488f62a2b4ec4cc5f9368f3f9969eed"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
6aIbHNGzvzsh2syNtalAkNP-X4r7yVQuQV2PoOlY1G2feaTIpmCwzA==
logo_youtubemusic_onlight.svg
services.linkfire.com/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.linkfire.com/logo_youtubemusic_onlight.svg
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7400:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ce9c869d01258f4e024478cbb35d9c6d905e247fe95a11984e5277a96dde0fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
G1rOQPF3JpQef3z0Vi5fsLBWAO__tg2E
content-encoding
gzip
via
1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
date
Wed, 01 Nov 2023 04:24:03 GMT
last-modified
Fri, 23 Jun 2023 08:30:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
269753
x-amz-server-side-encryption
AES256
etag
W/"d074b492d1d7017ee94ac92a3891a8c7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
XG7A9UXouoqEsmRQZ5NXvg2dhxjUSoSiqm53U76I3tLQcxnisulb_w==
skin.js
static.assetlab.io/red3/605/ 		542 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.assetlab.io/red3/605/skin.js
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac249b48798ccead26366674370ddf4abee656db85543842fd1643b6d6bd33c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
k3p4HYhdsHTnwfuJwC4K1Kw1yx5UV2BF
content-encoding
gzip
via
1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
date
Fri, 03 Nov 2023 23:28:54 GMT
last-modified
Tue, 31 Oct 2023 08:57:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
27947
x-amz-server-side-encryption
AES256
etag
W/"fb16fb19975d9f1bc757dd3d42b68e9e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
CxLo1_JLqJKzehzgkmkg-auBXbZrevwP2yQul1pv-SYeLLUSQAFZkw==
consent.js
static.assetlab.io/consent/1.11.4/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.assetlab.io/consent/1.11.4/consent.js
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fa2916552b7c847586b1150413a4626cb87e310dd751544091125f86fa46fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
DO3Y.PjwotHLU6BR1DmWQNj5.HnLCS5k
content-encoding
gzip
via
1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
date
Sat, 04 Nov 2023 05:22:17 GMT
last-modified
Mon, 11 Sep 2023 15:03:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
6743
x-amz-server-side-encryption
AES256
etag
W/"bf5bf954f85d2f7c8c7788597ca69cec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
bY7YGSOGYBkQgOkewlUW6fBu0k0fRWmUuXYFua9uy_Z52cCColLlmw==
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cruza.lnk.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:18:02 GMT
x-content-type-options
nosniff
age
57396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 15:18:02 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cruza.lnk.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 04:06:52 GMT
x-content-type-options
nosniff
age
97666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 04:06:52 GMT
consent.css
static.assetlab.io/consent/1.11.4/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.assetlab.io/consent/1.11.4/consent.css
Requested by
Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.4/consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1132a5cc479c9e343ff008ea74229bcf3fdb2d3494d591819a71566c721b9790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
4bBojVfCoDE4N1uE31wXkg0227ImqABr
content-encoding
gzip
via
1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
date
Fri, 03 Nov 2023 08:20:40 GMT
last-modified
Mon, 11 Sep 2023 15:03:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
82439
x-amz-server-side-encryption
AES256
etag
W/"55d1af0e3653af219c2e49295a1deb97"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
MkKkij7sjqRYuieJsCYz6BVIkucS7tcaMayOGUGcTEZYVYVmHXTyxQ==
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/9923941/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:04:19 GMT
content-encoding
gzip
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 09:10:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
4321
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
Du2hi0RWQblo2NgniI2iZCqe7dyqL5oFQzxjC4DS--PAjpKbfibi5w==

Redirect headers

date
Sat, 04 Nov 2023 07:14:38 GMT
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
sUo_8Rd-FVa1rdrOxCi9ZK_LLl-wu0ZkvBnaWengVA0tfs9EerRLgQ==
/
cruza.lnk.to/~/tr/visit/ 		70 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cruza.lnk.to/~/tr/visit/
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.246.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-246-79.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bb46dff52a41d7c4bee3d9890eacb0ff481d10902dfc8592c38dac5cb0126fd5

Request headers

Referer
https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
x-redirector-version
redirector-v3
server
nginx
content-type
application/json; charset=UTF-8
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: static.assetlab.io
URL: https://static.assetlab.io/red3/605/release-classic-video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9f8a2c12a04d9ac4408a2e31569abedeac96e4817b3e3b25e10a80cff9fc200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sat, 04 Nov 2023 07:14:38 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: static.assetlab.io
URL: https://static.assetlab.io/red3/605/release-classic-video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51900
x-xss-protection
0
server
cafe
etag
15221290042193533627
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 07:14:38 GMT
f3nP2Gw66mA
www.youtube.com/embed/ Frame DE91 		90 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Requested by
Host: static.assetlab.io
URL: https://static.assetlab.io/red3/605/release-classic-video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50ab2238c77f56062b1a922827d1c26cb5ffeca6acab895d30df387fd9e820d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cruza.lnk.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Nov 2023 07:14:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 		426 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 13:49:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
62696
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136626
x-xss-protection
0
server
cafe
etag
12374074705736737879
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 02 Nov 2024 13:49:42 GMT
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1699082078415&ns_c=UTF-8&cs_ucfr=&comscorekw=umg&c7=https%3A%2F%2Fcruza.lnk.to%2FHypnotherapy%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YW%2C0&c8=Cruza%20-%20Hypnotherapy&c9=
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
H16gUJYc4AG0oL1eyRuuyAR0Rt2t4H7HoliHDTvRgLSDLTWwG0R0Pw==
x-cache
Miss from cloudfront
ic-shield-blue.svg
static.assetlab.io/consent/1.11.4/assets/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.assetlab.io/consent/1.11.4/assets/ic-shield-blue.svg
Requested by
Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.4/consent.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.assetlab.io/consent/1.11.4/consent.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
pWZvTnA3egbODOBHt3YiW1LxOA9z3QN4
content-encoding
gzip
via
1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
date
Fri, 03 Nov 2023 17:37:46 GMT
last-modified
Mon, 11 Sep 2023 15:03:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
49013
x-amz-server-side-encryption
AES256
etag
W/"560dd3386ebf80f78c934aeff4a6a82c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
y49zMpcSiZnETOLr3a2-IoUiM95_0AGhbzMBQ6dVrCBvsJ4zbKOLNg==
ic-close-s.svg
static.assetlab.io/consent/1.11.4/assets/ 		351 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.assetlab.io/consent/1.11.4/assets/ic-close-s.svg
Requested by
Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.4/consent.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.assetlab.io/consent/1.11.4/consent.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
LrzdVbZgK6lD2zo6k1X64zN4gxf_tmH8
date
Sat, 04 Nov 2023 02:42:31 GMT
via
1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
last-modified
Mon, 11 Sep 2023 15:03:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
16332
x-amz-server-side-encryption
AES256
etag
"d303b6c7d844d91101e1e4c63156cfec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
351
x-amz-cf-id
IrkT7lVmhATplh4cV7-a65X3zUb0LJ8ZkAlvD3xoJ3NtGaUj8KS6Rg==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cruza.lnk.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 13:37:19 GMT
x-content-type-options
nosniff
age
581839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 13:37:19 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		886 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4048987274456662&correlator=3990609861296932&eid=31079420%2C31079240&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=22051246401%2CHeader_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699082078512&lmt=1699082078&adxs=0&adys=-160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcruza.lnk.to%2FHypnotherapy%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YW%2C0&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=744014101.1699082079&ga_sid=1699082079&ga_hid=1540716214&ga_fc=false&dlt=1699082078054&idt=390&cust_params=genre%3DRock%252CEDM%252CHip-Hop%252FRap%252CRock%252CEDM%252CHip-Hop%252FRap%26subgenre%3DAlternative%252CDance%252CHip%2520hop%252FRap%26contextualgenre%3DInstrumental%26explicit%3Dno%26artist%3Dcruza%26album%3DHypnotherapy%26linkid%3D5da37475-7146-4633-8df6-559506babea0%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DUnknown%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=2736067097&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13b831490cc998dce3df94e3bbd4b37802d282ae0a202a4c36e556163c295515
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
508
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cruza.lnk.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		535 B
296 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4048987274456662&correlator=3990609861296932&eid=31079420%2C31079240&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-Click_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1699082078520&lmt=1699082078&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcruza.lnk.to%2FHypnotherapy%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YW%2C0&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=744014101.1699082079&ga_sid=1699082079&ga_hid=1540716214&ga_fc=false&dlt=1699082078054&idt=390&cust_params=genre%3DRock%252CEDM%252CHip-Hop%252FRap%252CRock%252CEDM%252CHip-Hop%252FRap%26subgenre%3DAlternative%252CDance%252CHip%2520hop%252FRap%26contextualgenre%3DInstrumental%26explicit%3Dno%26artist%3Dcruza%26album%3DHypnotherapy%26linkid%3D5da37475-7146-4633-8df6-559506babea0%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DUnknown%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=1338496054&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b4721f3373f9fc8aa8c2c4b7c068781ed70d835df99b23e4e5b2fcd959be2f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
266
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cruza.lnk.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		542 B
296 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4048987274456662&correlator=3990609861296932&eid=31079420%2C31079240&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-amazon-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1699082078524&lmt=1699082078&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcruza.lnk.to%2FHypnotherapy%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YW%2C0&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=744014101.1699082079&ga_sid=1699082079&ga_hid=1540716214&ga_fc=false&dlt=1699082078054&idt=390&cust_params=genre%3DRock%252CEDM%252CHip-Hop%252FRap%252CRock%252CEDM%252CHip-Hop%252FRap%26subgenre%3DAlternative%252CDance%252CHip%2520hop%252FRap%26contextualgenre%3DInstrumental%26explicit%3Dno%26artist%3Dcruza%26album%3DHypnotherapy%26linkid%3D5da37475-7146-4633-8df6-559506babea0%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DUnknown%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=1902184223&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4afa1dbac155539c3e37663060e2d04c9babb1bb001b99050e512c10c3f64626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
266
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cruza.lnk.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		543 B
296 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4048987274456662&correlator=3990609861296932&eid=31079420%2C31079240&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-spotify-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1699082078526&lmt=1699082078&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcruza.lnk.to%2FHypnotherapy%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YW%2C0&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=744014101.1699082079&ga_sid=1699082079&ga_hid=1540716214&ga_fc=false&dlt=1699082078054&idt=390&cust_params=genre%3DRock%252CEDM%252CHip-Hop%252FRap%252CRock%252CEDM%252CHip-Hop%252FRap%26subgenre%3DAlternative%252CDance%252CHip%2520hop%252FRap%26contextualgenre%3DInstrumental%26explicit%3Dno%26artist%3Dcruza%26album%3DHypnotherapy%26linkid%3D5da37475-7146-4633-8df6-559506babea0%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DUnknown%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=4288002596&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fbb7fcda44ffd2ed5ef396fd0783435e9e85e3f87124816fa13786dd7f0391e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
266
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cruza.lnk.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		541 B
294 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4048987274456662&correlator=3990609861296932&eid=31079420%2C31079240&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-tidal-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1699082078528&lmt=1699082078&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcruza.lnk.to%2FHypnotherapy%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YW%2C0&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=744014101.1699082079&ga_sid=1699082079&ga_hid=1540716214&ga_fc=false&dlt=1699082078054&idt=390&cust_params=genre%3DRock%252CEDM%252CHip-Hop%252FRap%252CRock%252CEDM%252CHip-Hop%252FRap%26subgenre%3DAlternative%252CDance%252CHip%2520hop%252FRap%26contextualgenre%3DInstrumental%26explicit%3Dno%26artist%3Dcruza%26album%3DHypnotherapy%26linkid%3D5da37475-7146-4633-8df6-559506babea0%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DUnknown%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=3635752911&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e98520532d3c39f8536b16f8961568b636e3b7c0bb0f5ab468005df9111e0d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
264
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cruza.lnk.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		547 B
294 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4048987274456662&correlator=3990609861296932&eid=31079420%2C31079240&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-apple-music-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1699082078530&lmt=1699082078&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcruza.lnk.to%2FHypnotherapy%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YW%2C0&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=744014101.1699082079&ga_sid=1699082079&ga_hid=1540716214&ga_fc=false&dlt=1699082078054&idt=390&cust_params=genre%3DRock%252CEDM%252CHip-Hop%252FRap%252CRock%252CEDM%252CHip-Hop%252FRap%26subgenre%3DAlternative%252CDance%252CHip%2520hop%252FRap%26contextualgenre%3DInstrumental%26explicit%3Dno%26artist%3Dcruza%26album%3DHypnotherapy%26linkid%3D5da37475-7146-4633-8df6-559506babea0%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DUnknown%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=3334755453&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5bcbd5142d3688fc9ceb2b92209f9f093389b4dedff157e1c58aeb1c9e1cdec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
264
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cruza.lnk.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		535 B
293 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4048987274456662&correlator=3990609861296932&eid=31079420%2C31079240&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=22051246401%2CFooter_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x100%7C300x250%7C320x50%7C320x100%7C320x120&ifi=7&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699082078531&lmt=1699082078&adxs=640&adys=855&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcruza.lnk.to%2FHypnotherapy%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D398949_09.29.23_Def%2520Jam_Def%2520Jam%2520Newsletter_Full%2520List_231785_US%26dm_i%3D4YUH%2C8JTX%2C3D2TUT%2C180YW%2C0&vis=1&psz=320x0&msz=320x0&fws=4&ohw=1600&ga_vid=744014101.1699082079&ga_sid=1699082079&ga_hid=1540716214&ga_fc=false&dlt=1699082078054&idt=390&cust_params=genre%3DRock%252CEDM%252CHip-Hop%252FRap%252CRock%252CEDM%252CHip-Hop%252FRap%26subgenre%3DAlternative%252CDance%252CHip%2520hop%252FRap%26contextualgenre%3DInstrumental%26explicit%3Dno%26artist%3Dcruza%26album%3DHypnotherapy%26linkid%3D5da37475-7146-4633-8df6-559506babea0%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DUnknown%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=309253681&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f78975f3ead0e43815ac9c9f59eec4ddbf82bc28e9d8208a6a5e9513c375fd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
263
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cruza.lnk.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
834c62290fc3e2a84b63f090940890bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9B2D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://834c62290fc3e2a84b63f090940890bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cruza.lnk.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Nov 2023 07:14:38 GMT
expires
Sun, 03 Nov 2024 07:14:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
interact
cruza.lnk.to/~/tr/ 		70 B
186 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cruza.lnk.to/~/tr/interact
Requested by
Host: static.assetlab.io
URL: https://static.assetlab.io/red3/605/release-classic-video.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.246.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-246-79.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bb46dff52a41d7c4bee3d9890eacb0ff481d10902dfc8592c38dac5cb0126fd5

Request headers

Referer
https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
x-redirector-version
redirector-v3
server
nginx
content-type
application/json; charset=UTF-8
www-player.css
www.youtube.com/s/player/9d15588c/ Frame DE91 		377 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9d15588c/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59640f904cf8abdc7a1d4189f3bb6ab83bfd60a8dd251a0abb5d5d3ab8a11b24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 03:16:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48897
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 01:51:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 03 Nov 2024 03:16:10 GMT
embed.js
www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/ Frame DE91 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
890510c615fdee7f81632edaa59169c46685c90f04c61eb2ca5775f9c0a7beaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 07:28:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
258384
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17569
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 01:51:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 31 Oct 2024 07:28:14 GMT
www-embed-player.js
www.youtube.com/s/player/9d15588c/www-embed-player.vflset/ Frame DE91 		321 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9d15588c/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
781ca116ffbdbcc5677786946676f2fa8bd27fbb34137972524a4a11cc885a28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 06:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2087
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98339
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 01:51:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 03 Nov 2024 06:39:51 GMT
base.js
www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/ Frame DE91 		2 MB
758 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9f5dd47b5db0069121fdc563e65be4def3075c1216ed36c77d337a7b1c24307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 07:28:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258384
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
775976
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 01:51:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 31 Oct 2024 07:28:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DE91 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:12:15 GMT
x-content-type-options
nosniff
age
100943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 03:12:15 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DE91 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 21:26:35 GMT
x-content-type-options
nosniff
age
121683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 21:26:35 GMT
www-widgetapi.js
www.youtube.com/s/player/9d15588c/www-widgetapi.vflset/ 		215 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9d15588c/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1442bd1e775db156e5e8dfdac18d3363e323fe5dcaa648224124fb898b97b441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 06:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
1746
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68259
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 01:51:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 03 Nov 2024 06:45:32 GMT
id
googleads.g.doubleclick.net/pagead/ Frame DE91
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H2
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80ad2b9428cdbb15e984de6aa0bea129908da0c9655b47be9f1092787cc434c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 04 Nov 2023 07:14:38 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame DE91 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9d15588c/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:05:08 GMT
x-content-type-options
nosniff
age
570
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Nov 2023 07:20:08 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 04 Nov 2023 07:14:38 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DE91 		69 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
089366b3fa3d3d67b8a8152665b287b32b8c99f29a0e4d86aca7105e6692e972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32140
x-xss-protection
0
remote.js
www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/ Frame DE91 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4011afacad08f6d29ce3cb37c0c5e7fdca91235bebc9c25c766c0072937361a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 07:28:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
258380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33753
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 01:51:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 31 Oct 2024 07:28:18 GMT
PCqCuqRWleJvAFB5HssaUTeU1BO5ETzC_zrpZ-5DxRc.js
www.google.com/js/th/ Frame DE91 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/PCqCuqRWleJvAFB5HssaUTeU1BO5ETzC_zrpZ-5DxRc.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c2a82baa45695e26f0050791ecb1a513794d413b9113cc2ff3ae967ee43c517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 02:34:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
189627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14755
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Nov 2024 02:34:11 GMT
maxresdefault.jpg
i.ytimg.com/vi/f3nP2Gw66mA/ Frame DE91 		132 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/f3nP2Gw66mA/maxresdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
797028d9e0676fa1c16e00bf94194b6850f86b38480020dddccad2de7c29e13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:38 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135407
x-xss-protection
0
server
sffe
etag
"1696006556"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 04 Nov 2023 09:14:38 GMT
truncated
/ Frame DE91 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
APkrFKYEraqHXRAuiwYF_zQNTDDQw3wcf8o9fc6wvw0WPQLQNx1CGMyx22jeRSPG2ro3=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame DE91 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/APkrFKYEraqHXRAuiwYF_zQNTDDQw3wcf8o9fc6wvw0WPQLQNx1CGMyx22jeRSPG2ro3=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
64f89df64b5d1534767d0a29272c9a9e2b957388842c91fae79aeaaca8417cfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 03:20:02 GMT
x-content-type-options
nosniff
server
fife
age
14076
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1098
x-xss-protection
0
expires
Sun, 05 Nov 2023 03:20:02 GMT
/
cruza.lnk.to/~/tr/consent/ 		70 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cruza.lnk.to/~/tr/consent/
Requested by
Host: cruza.lnk.to
URL: https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.246.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-246-79.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bb46dff52a41d7c4bee3d9890eacb0ff481d10902dfc8592c38dac5cb0126fd5

Request headers

Referer
https://cruza.lnk.to/Hypnotherapy?utm_source=dotmailer&utm_medium=email&utm_campaign=398949_09.29.23_Def%20Jam_Def%20Jam%20Newsletter_Full%20List_231785_US&dm_i=4YUH,8JTX,3D2TUT,180YW,0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 04 Nov 2023 07:14:39 GMT
x-redirector-version
redirector-v3
server
nginx
content-type
application/json; charset=UTF-8
generate_204
www.youtube.com/ Frame DE91 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?N17gRg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame DE91 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 07:14:39 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DE91 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
28e5d032c67ac823250901b4ef4885dea2cceee5eb734fa8d4b4e91d7681d187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 04 Nov 2023 07:14:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 04 Nov 2023 07:14:39 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/119/ Frame DE91 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/119/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 08:42:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 04 Nov 2023 08:42:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
767b61f2361b63fa4ae40e21d94b772c2ef050e6cb3fbceb2548ad9fc1f940f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12230
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 07:14:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E241 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cruza.lnk.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
63279
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 13:40:00 GMT
expires
Sat, 02 Nov 2024 13:40:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CC5A 		829 B
989 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a475f6990c1c5d16a7ea7ca891b39ac0bdb70181329fe3951c495c96c1f11a5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qkyaE4EpUcMll-_lDabIng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cruza.lnk.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-qkyaE4EpUcMll-_lDabIng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 Nov 2023 07:14:39 GMT
expires
Sat, 04 Nov 2023 07:14:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame E241 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 13:40:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
63278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 13:40:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CC5A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311020101&jk=4048987274456662&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame E241 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?lCnffA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:14:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311020101&jk=4048987274456662&bg=!Z2SlZCvNAAb4oU7C2KE7ADQBe5WfOM9yC0EU-KriQMhXvjOrXcbvYqssw3-PpeaXCQh-afOf2RPgS9od8MxaNiqHN3N-AgAAAFRSAAAADWgBB5kC57AvA74BH3bRrnwFf7hmXLHZ7zPDmygcocrS853PU3FW62N359_zyfnMCips1PKTa3jxXv9IM3s6rbbeD9bin29xV7tFjh9fVzlNlRYCRU9Fwz2hItfW_UjoPP_TkusLLXCS4s7AZDnRvhLEL0UJoWDFt_O2a8Upbc7GNkdTOLH6HpkVkHeM-5HGkWpeyObbRoAgWkxJc8DRBgfScjpbfnYOF3AbEyxiIQB0gq_Bf5V-GaCHMuIEwhhAKadm6vUwyKLdWW-cemct_FUaznjw7fhtXKm9vk_OpItAUETuXBI7fNlPIFjrUGCmURnu316PjjqMz8vVl71hWniCEV0jD_bRmxBXckCA3G9JzPMIywmWtypt5J3xxa9wQZqICvfqacj0bkwD6wP0E5z4i9deZa47YlQGn2lQmCaoi9IVeKGZE5Z8jAWPjlVk3ZG9pnAxFQk4i5x5bqIm0xwNeVr4zlTLLt2rCmeWsAs6qpJ2nPemeWu5TuBPz1UsgwzA2Ww7tRYcSWQf-nHAT3MApo_t_oS963h7kAcgxXwEn0DLFOAxPYQVt0ZGTegNaE6HOPayNj2FKxn7djat64ZjQG2NyVLOsUMlopdlhUJSTTN9CW3ajDKyM67-KelDL7LaqbUivvZAmowpiG5idLeyqA1daaISN7l8DugI5NnfXDKWp0IVv2FGG6e930yDTZm5cgiyVH5TqLGGPaAweOo_IBLeBzc4nOSMw3Psx_zLks4Xi__Q-vgxCp5Wsi01kmoE5Ee8xWLEtGp1zPEeeYpOBEyzIvA4ksE4gn_vr8Mh0Vm-8QhtzGkvL_0BX7RKhHnsLreEpfczEAGPmCd-7YfShmqq5WRBluzd1hP1f2-zP3QR2ud6Ko1Xp04fCyzaj8iSCeuq8z0SsB2azdAmifZgP9M0iCfI6Gi5HbVXKys6JuTz-q_64PjneI083fT1QIxCHXnJSGYf0aOodtcRG80VFhQqZyKankTQ3raV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cruza.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
log_event
www.youtube.com/youtubei/v1/ Frame DE91 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9d15588c/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
X-Goog-Request-Time
1699082081141
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/f3nP2Gw66mA?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
X-YouTube-Client-Version
1.20231031.01.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtFcWhPanUtMzlSbyje3peqBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals
dt=1699082078623&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C720%2C405&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 04 Nov 2023 07:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Sat, 04 Nov 2023 07:14:41 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| googletag string| LnkConsentObject function| lnk_consent object| webpackJsonp object| __core-js_shared__ function| setImmediate function| clearImmediate object| core object| linkfire object| webpackJsonpvue_consent object| regeneratorRuntime function| loadAlreadyConsented object| _comscore function| onYouTubeIframeAPIReady object| ggeac object| google_tag_data object| google_js_reporting_queue object| COMSCORE object| ns_p undefined| google_measure_js_timing number| google_unique_id object| gaGlobal object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
.us.umusic-online.com/ Name: __cf_bm
Value: BPD.tFrDe2WqGmGoPTcHnymGvB6nqo9sdR9nNQeUhfc-1699082076-0-AaujE15+JK4VnKysmGMzZRp9stCbG9b1/eeaqdfBIzqTQQRq/M3rafXyXesQhYJtjV7J63vaxi1i+cux6wAtL5Q=
us.umusic-online.com/ Name: __cflb
Value: 0H28vu4buNPVYsdfD2gridndJkHgRRUPNL8PQ9JsdUx
.lnk.to/ Name: LF_session_d8d9bd16132459346b48652382b164cb
Value: 1
.youtube.com/ Name: YSC
Value: BmeYYEGBXOQ
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: EqhOju-39Ro
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.lnk.to/ Name: __gads
Value: ID=068e92fab5c6323d:T=1699082078:RT=1699082078:S=ALNI_MaAQDJoKj3wJutgcLVknbZypd_sDg
.lnk.to/ Name: __gpi
Value: UID=00000cb3c4028553:T=1699082078:RT=1699082078:S=ALNI_MY9diUK27N2MjAh1a7Xq2NW-TluKA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

834c62290fc3e2a84b63f090940890bc.safeframe.googlesyndication.com
cruza.lnk.to
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
linkstorage.linkfire.com
pagead2.googlesyndication.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
services.linkfire.com
static.assetlab.io
static.doubleclick.net
tpc.googlesyndication.com
us.umusic-online.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.17.129.171
13.32.99.105
13.32.99.114
18.245.86.31
2600:9000:21f3:7400:14:38a4:2ec0:93a1
2a00:1450:4001:802::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2001
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2016
2a00:1450:4001:828::2001
2a00:1450:4001:829::200a
54.72.246.79
089366b3fa3d3d67b8a8152665b287b32b8c99f29a0e4d86aca7105e6692e972
1132a5cc479c9e343ff008ea74229bcf3fdb2d3494d591819a71566c721b9790
13b831490cc998dce3df94e3bbd4b37802d282ae0a202a4c36e556163c295515
1442bd1e775db156e5e8dfdac18d3363e323fe5dcaa648224124fb898b97b441
20a0b5b5cec8395a21ca5f176e8e1dbc910a0bae3c81da2a4b86997216c04c9e
20cefe38c853522bcb2a20df60781c234f0b064189ab37d23e6f4927df695469
23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e
28e5d032c67ac823250901b4ef4885dea2cceee5eb734fa8d4b4e91d7681d187
3a475f6990c1c5d16a7ea7ca891b39ac0bdb70181329fe3951c495c96c1f11a5
3c2a82baa45695e26f0050791ecb1a513794d413b9113cc2ff3ae967ee43c517
3ce9c869d01258f4e024478cbb35d9c6d905e247fe95a11984e5277a96dde0fd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4011afacad08f6d29ce3cb37c0c5e7fdca91235bebc9c25c766c0072937361a2
4443487649a93fb6e92c4b54c932e6cd7ccf88977073849e8071cd24237169ee
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4afa1dbac155539c3e37663060e2d04c9babb1bb001b99050e512c10c3f64626
4fbb7fcda44ffd2ed5ef396fd0783435e9e85e3f87124816fa13786dd7f0391e
50ab2238c77f56062b1a922827d1c26cb5ffeca6acab895d30df387fd9e820d5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59640f904cf8abdc7a1d4189f3bb6ab83bfd60a8dd251a0abb5d5d3ab8a11b24
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fa2916552b7c847586b1150413a4626cb87e310dd751544091125f86fa46fdd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63
64f89df64b5d1534767d0a29272c9a9e2b957388842c91fae79aeaaca8417cfb
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6f78975f3ead0e43815ac9c9f59eec4ddbf82bc28e9d8208a6a5e9513c375fd5
767b61f2361b63fa4ae40e21d94b772c2ef050e6cb3fbceb2548ad9fc1f940f2
781ca116ffbdbcc5677786946676f2fa8bd27fbb34137972524a4a11cc885a28
797028d9e0676fa1c16e00bf94194b6850f86b38480020dddccad2de7c29e13f
7e98520532d3c39f8536b16f8961568b636e3b7c0bb0f5ab468005df9111e0d0
80ad2b9428cdbb15e984de6aa0bea129908da0c9655b47be9f1092787cc434c3
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
890510c615fdee7f81632edaa59169c46685c90f04c61eb2ca5775f9c0a7beaf
975f93c89036852225cae57756ec08a8a54b479e5084889dd5b7c1c5c4ea3533
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9b4721f3373f9fc8aa8c2c4b7c068781ed70d835df99b23e4e5b2fcd959be2f4
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
ac249b48798ccead26366674370ddf4abee656db85543842fd1643b6d6bd33c0
ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68
bb46dff52a41d7c4bee3d9890eacb0ff481d10902dfc8592c38dac5cb0126fd5
c9f5dd47b5db0069121fdc563e65be4def3075c1216ed36c77d337a7b1c24307
ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff
d4ed1763d48baa2d3d9c0902fbb24715011f9f6b0c7377613a74bff9b7c7bcdf
d5bcbd5142d3688fc9ceb2b92209f9f093389b4dedff157e1c58aeb1c9e1cdec
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc8185bd841e6d0d2fe005aa849ac1a6c3f19770086582003cf2d7253098b322
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8a9b6a12cd203128f1fbde87d4fb396511cec3492ae458f654e44a97afb9d90
f9f8a2c12a04d9ac4408a2e31569abedeac96e4817b3e3b25e10a80cff9fc200