bmsg.lnk.to Open in urlscan Pro
54.74.1.102 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bmsg.lnk.to/FES22
Submission: On January 21 via api (January 21st 2023, 6:59:20 pm UTC) from NO — Scanned from NO

Summary HTTP 45 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 45 HTTP transactions. The main IP is 54.74.1.102, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is bmsg.lnk.to.
TLS certificate: Issued by Amazon on August 9th 2022. Valid for: a year.

This is the only time bmsg.lnk.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	54.74.1.102 54.74.1.102	16509 (AMAZON-02) (AMAZON-02)
8	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
7	143.204.215.12 143.204.215.12	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
1	13.32.27.104 13.32.27.104	16509 (AMAZON-02) (AMAZON-02)
10	143.204.215.39 143.204.215.39	16509 (AMAZON-02) (AMAZON-02)
3	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
6	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	142.250.74.193 142.250.74.193	15169 (GOOGLE) (GOOGLE)
2	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
1	142.251.208.164 142.251.208.164	15169 (GOOGLE) (GOOGLE)
45	12

4 54.74.1.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-1-102.eu-west-1.compute.amazonaws.com

bmsg.lnk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.208.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.215.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-12.fra53.r.cloudfront.net

static.assetlab.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-104.fra56.r.cloudfront.net

linkstorage.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 143.204.215.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-39.fra53.r.cloudfront.net

services.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

adservice.google.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f1.1e100.net

431df4279d68e0e8865eecfa8a3db983.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.208.164 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	linkfire.com linkstorage.linkfire.com — Cisco Umbrella Rank: 141949 services.linkfire.com — Cisco Umbrella Rank: 142454	133 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 431df4279d68e0e8865eecfa8a3db983.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 156	42 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	161 KB
7	assetlab.io static.assetlab.io — Cisco Umbrella Rank: 120169	319 KB
4	lnk.to bmsg.lnk.to	66 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
1	google.no adservice.google.no — Cisco Umbrella Rank: 87103	792 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
45	9

	Domain	Requested by
10	services.linkfire.com	bmsg.lnk.to
8	securepubads.g.doubleclick.net	bmsg.lnk.to securepubads.g.doubleclick.net
7	static.assetlab.io	bmsg.lnk.to static.assetlab.io
5	pagead2.googlesyndication.com	static.assetlab.io securepubads.g.doubleclick.net tpc.googlesyndication.com
4	bmsg.lnk.to	bmsg.lnk.to static.assetlab.io
3	fonts.gstatic.com	fonts.googleapis.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	431df4279d68e0e8865eecfa8a3db983.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.no	securepubads.g.doubleclick.net
1	linkstorage.linkfire.com	bmsg.lnk.to
1	fonts.googleapis.com	bmsg.lnk.to
45	13

This site contains links to these domains. Also see Links.

Domain
shop.mu-mo.net
ck.jp.ap.valuecommerce.com
www.amazon.co.jp
hb.afl.rakuten.co.jp
click.linksynergy.com
www.neowing.co.jp

Subject Issuer	Validity	Valid
lnk.to Amazon	`2022-08-09` - `2023-09-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
static.assetlab.io Amazon	`2022-10-20` - `2023-11-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
linkfire.com Amazon	`2022-03-29` - `2023-04-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.no GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://bmsg.lnk.to/FES22
Frame ID: 3F630F254E82FAD11AEE7E5F4855F0DC
Requests: 40 HTTP requests in this frame

Frame: https://431df4279d68e0e8865eecfa8a3db983.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0C2C7BFCC8B1C11D50E382ED050F7B57
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F9A3D7EBC543FD174685D8E7CD6A6984
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 30046CA7665E938FFEA4178283E742B4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BMSG ALLSTARS

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

45
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

12
IPs

2
Countries

772 kB
Transfer

1955 kB
Size

4
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.mu-mo.net/avx/sv/list2?jsiteid=BMSG&artist_id=BMSGX
Title: 予約/購入

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=2613586&pid=888169336&vc_url=https%3A%2F%2Ftower.jp%2Fsearch%2Fitem%2FBMSG%2520FES%25E2%2580%259922
Title: 予約/購入

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/s?rh=p_78%3AB0BMVD339T%7CB0BMVDFGMC%7CB0BMVDNX4Y%7CB0BMVDWVK6&tag=avexlinkfire-22&ie=UTF8&linkCode=as2&ascsubtag=b915ceb70ea9220a9b5a4b129e1b17aa&ref=dmm_acq_soc_no_u_lfire_lp_x_b915ceb70ea9220a9b5a4b129e1b17aa
Title: 予約/購入

Search URL Search Domain Scan URL

URL: https://hb.afl.rakuten.co.jp/hgc/0b9a19f4.68a592e3.0b9a19f5.e6eeac55/?pc=https%3A%2F%2Fbooks.rakuten.co.jp%2Fsearch%3Fsitem%3D2100013346817%2B2100013346824%2B4988064276240%2B4988064276271%26f%3DO&link_type=hybrid_url&ut=eyJwYWdlIjoidXJsIiwidHlwZSI6Imh5YnJpZF91cmwiLCJjb2wiOjF9
Title: 予約/購入

Search URL Search Domain Scan URL

URL: https://click.linksynergy.com/deeplink?id=Hu/CWxvJRoc&mid=2880&murl=https%3A%2F%2Fwww.hmv.co.jp%2Fsearch%2Fkeyword_BMSG%2BALLSTARS%2Ftarget_ALL%2Ftype_sr%2F
Title: 予約/購入

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=2613586&pid=888245251&vc_url=https%3A%2F%2F7net.omni7.jp%2Fsearch%2F%3Fkeyword%3Dbmsgallstars20230125%26searchKeywordFlg%3D1
Title: 予約/購入

Search URL Search Domain Scan URL

URL: https://shop.mu-mo.net/avx/sv/list1?artist_id=BMSGX
Title: 予約/購入

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=2613586&pid=888245256&vc_url=https%3A%2F%2Fshop.tsutaya.co.jp%2Fsearch_result%3FecCategory%3D00%26searchType%3D1%26pSCS%3D%25E3%2581%2599%25E3%2581%25B9%25E3%2581%25A6%25E3%2581%25AE%25E5%2595%2586%25E5%2593%2581%26searchKeyword%3DBMSG%2BFES%252722%26x%3D0%26y%3D0
Title: 予約/購入

Search URL Search Domain Scan URL

URL: https://hb.afl.rakuten.co.jp/hgc/0b440238.05e64ad8.0b51b7b5.3afc07cd/?pc=https%3A%2F%2Fsearch.rakuten.co.jp%2Fsearch%2Fmall%2FBMSG%2BFES%2722%2F%3Fsid%3D297729&link_type=hybrid_url&ut=eyJwYWdlIjoidXJsIiwidHlwZSI6Imh5YnJpZF91cmwiLCJjb2wiOjF9
Title: 予約/購入

Search URL Search Domain Scan URL

URL: https://www.neowing.co.jp/aff/click.cgi/PytJTGW7Lok/2179/A808877/searchuni?q=BMSG+FES%2722
Title: 予約/購入

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request FES22 Show response
bmsg.lnk.to/ 65 KB
66 KB 403ms
241ms Document
text/html 54.74.1.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.1.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-1-102.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e61a39a0c2d2598ad8610b7889b1322c6d274671ca9c318e0da5ed1828744070

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 21 Jan 2023 18:59:13 GMT
server: nginx
x-redirector-version: redirector-v3

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 618ms
131ms Script
text/javascript 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

sffe /

Resource Hash

ada201f9b15ca24beae76da643ccdd8c41c1b2eb4469f0475722a316c0af9f87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 18:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27724
x-xss-protection: 0
server: sffe
etag: "1459 / 641 of 1000 / last-modified: 1674256154"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Jan 2023 18:59:14 GMT

GET
H2 200 release-classic.css
static.assetlab.io/red3/510/ 73 KB
12 KB 232ms
72ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/510/release-classic.css
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-12.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e2732f469adbdf4b548253219f785c7bd7450bdf2ded4e8f8a0afa6b0053d82

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: tlqtEviNwXBbh10Wih09FmrJtlrzAHOH
content-encoding: gzip
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
date: Sat, 21 Jan 2023 16:21:43 GMT
last-modified: Thu, 19 Jan 2023 16:03:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 9453
x-amz-server-side-encryption: AES256
etag: W/"25562c353e639c3e4e84b404d80e7b61"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: dNHR-wrkaDuw2DO4LQSwopCsdGiJ7u0BzJQAX5EbCgHrAqhjD0A_JQ==

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 552ms
88ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 21 Jan 2023 18:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 Jan 2023 18:03:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Jan 2023 18:59:14 GMT

GET
H2 200 release-classic-nosample.js Show response
static.assetlab.io/red3/510/ 441 KB
134 KB 232ms
74ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/510/release-classic-nosample.js
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-12.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 402aa9f507e771bccaaac4d2aba849aa38af1ab43c094a0dfd9a01a480475536

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: nJJncOMn9atG8b5JKWo2ZTSKehCNH6cN
content-encoding: gzip
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
date: Sat, 21 Jan 2023 16:23:12 GMT
last-modified: Thu, 19 Jan 2023 16:03:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 11570
x-amz-server-side-encryption: AES256
etag: W/"84795aa8b6a499482c29d98ee0de053d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: VDEsxtdwXhJiJK8GAzQUQhBYZEZHZmWpQnYht3rfQwBCrDl1utsVHw==

GET
H2 200 artwork-440x440.jpg
linkstorage.linkfire.com/medialinks/images/b6cad219-ab2c-4087-b3b8-ec7e5ff147a1/ 97 KB
97 KB 692ms
533ms Image
image/jpeg 13.32.27.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linkstorage.linkfire.com/medialinks/images/b6cad219-ab2c-4087-b3b8-ec7e5ff147a1/artwork-440x440.jpg

Requested by

Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-104.fra56.r.cloudfront.net

Software

The Great Gig In The Sky / Master of Puppets

Resource Hash

4d28502d6e04fb32f9b3af20b3fc1e56ab4344a3698f5a6aa526ddc501960e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 18:59:15 GMT
strict-transport-security: max-age=10368000; includeSubdomains; preload
x-content-type-options: nosniff
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-powered-by: Master of Puppets
x-cache: Miss from cloudfront
content-length: 98960
x-xss-protection: 1; mode=block
x-linkfire-security: security@linkfire.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 19 Nov 2022 03:39:44 GMT
server: The Great Gig In The Sky
etag: "16f3351c395d1da03d7d5cd2f7e56ff4"
expect-ct: max-age=0
x-frame-options: DENY
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: claWLU5gGJnJ9HN6o7_-mjQzJJP53iydEdnRo-03F-KEYnAAhbjrxA==

GET
H2 200 logo_bmsgmusicshop_onlight.svg
services.linkfire.com/ 8 KB
3 KB 535ms
88ms Image
image/svg+xml 143.204.215.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_bmsgmusicshop_onlight.svg
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-39.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7fc7fe227db0a0cdb745dac1ca72d84d3246d78b6a97e91d8088e664e34dbe8e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 05:37:54 GMT
x-amz-version-id: kPNl3DXRqVfWBVkYC9L0t2aQ7LoPhDhF
content-encoding: gzip
last-modified: Tue, 07 Jun 2022 11:47:29 GMT
server: AmazonS3
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"257cf3730cad0002a58a18a19e588c7f"
age: 48081
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: DsCHaTCxh5FNyUiHhW3jlgaNEWqcis7oLFeEeBSI8WuS1icgokhwMQ==

GET
H2 200 logo_towerrecordsonline_onlight.svg
services.linkfire.com/ 7 KB
3 KB 528ms
81ms Image
image/svg+xml 143.204.215.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_towerrecordsonline_onlight.svg
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-39.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 486fd35989a1d0e2465b622cdf24d2c1f2909625881913348b760d9cd65a8cf9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 01:55:12 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 01 Feb 2017 13:25:43 GMT
server: AmazonS3
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"5d27c6223ba309ad71d60b6ea716fca7"
age: 61443
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: US99xf7OLhXkqOGTzV47lTJ_IT8yTSQz9_8_XvIrmCfWqeOCZK_VVg==

GET
H2 200 logo_amazon-general_onlight.svg
services.linkfire.com/ 8 KB
4 KB 523ms
77ms Image
image/svg+xml 143.204.215.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_amazon-general_onlight.svg
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-39.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9d31b3123913973aaf6e352cc099293917f018faa305ac8482a4186a28745ee

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: bdKCGRqdPxmMne9dPtGTwMaPMDObHylG
content-encoding: gzip
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
date: Tue, 17 Jan 2023 05:28:08 GMT
last-modified: Wed, 01 Dec 2021 10:38:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 394267
etag: W/"fb56ebf1fde9903783fc2e1ab3098a62"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 1LyPC_kQJLTIa8MJ4QjV3mBvMUqOJ9gWIOpfrYZJJxNXft4CUSE5wg==

GET
H2 200 logo_rakutenbooksjapan_onlight.svg
services.linkfire.com/ 7 KB
3 KB 528ms
83ms Image
image/svg+xml 143.204.215.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_rakutenbooksjapan_onlight.svg
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-39.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89125a2d9448bca2e6eddaf0d121fe47af16bcd72f5f76ccb25c62f3f252c9d4

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 05:03:04 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 26 Oct 2018 12:06:39 GMT
server: AmazonS3
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"4171df31e92c3aa625416afa604662f0"
age: 222971
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: dF9uZ-WXdnBRY8cEdSkJ2q1GGbf_u0fD7NDgpjABDwV0yx5wPO1Txw==

GET
H2 200 logo_hmvjapan_onlight.svg
services.linkfire.com/ 7 KB
3 KB 595ms
151ms Image
image/svg+xml 143.204.215.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_hmvjapan_onlight.svg
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-39.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29b18c50769447200888e7f20998fd3d9a0b925f80c9e477b01cc78987457d8d

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
date: Sat, 21 Jan 2023 18:59:14 GMT
last-modified: Fri, 16 Mar 2018 15:05:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 17103
etag: W/"90a7d8cfb4d5424094cb579a0068d7f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: KrXlKS4U60c4zBtoFgROaZnRCvA_ielCubhwm2CSgsYYlHSRh5_IzQ==

GET
H2 200 logo_7net_onlight.svg
services.linkfire.com/ 15 KB
5 KB 591ms
147ms Image
image/svg+xml 143.204.215.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_7net_onlight.svg
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-39.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55484dd236083e8b65a79b8593642af47032857eccf94c8da56c8817c61b43e3

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
date: Sat, 21 Jan 2023 01:16:50 GMT
last-modified: Tue, 13 Jun 2017 10:14:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 63745
etag: W/"023acbb7728f44e8a0baa4a9ade3b583"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: xRcecyiLlBPougaoBpnhzsgNXLtFWlvvOVDwTQvBMSXnzIPhjw7Kfg==

GET
H2 200 logo_mumo_onlight.svg
services.linkfire.com/ 5 KB
2 KB 476ms
69ms Image
image/svg+xml 143.204.215.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_mumo_onlight.svg
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-39.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d5acd6559a99b67d5677db1ba3600a6fc33f80d46feb061270cf577c21598a9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 01:32:45 GMT
x-amz-version-id: BkrBOt7WWn18Y8dlwKwUNjWoj3637ZCt
content-encoding: gzip
last-modified: Wed, 02 Dec 2020 14:39:06 GMT
server: AmazonS3
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"6279f7d726a95672231af2421f962b49"
age: 62790
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: K61p2_N34OlxSPRdyx6e2EQqS945A9Tu_3mZ5fgai-5wcYeo31qLsw==

GET
H2 200 logo_tsutaya_onlight.svg
services.linkfire.com/ 18 KB
7 KB 481ms
74ms Image
image/svg+xml 143.204.215.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_tsutaya_onlight.svg
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-39.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: abd50bcf4899236dabf20665d4ded6744c699652a52e8f3b06afec6c308b1c1b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
date: Fri, 20 Jan 2023 02:12:23 GMT
last-modified: Thu, 01 Dec 2016 09:14:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 146812
etag: W/"aae0841c2b1cf3476f0ca5764ca9b059"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: BOroYr2zQvLTRGmOGz39eF1YbmrRPDph4dMwxpsE1pAJVnLs2bs0Dg==

GET
H2 200 logo_shinseido-wondergoo_onlight.svg
services.linkfire.com/ 7 KB
3 KB 491ms
85ms Image
image/svg+xml 143.204.215.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_shinseido-wondergoo_onlight.svg
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-39.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ed20ac2663fb44e635826bf26ee3956ae5b6920681ac9332abeb2becfbb8867

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:04:03 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 24 Apr 2019 09:38:05 GMT
server: AmazonS3
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"d7f29f8fb20dbf4cf5c434748d768537"
age: 518112
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: dpirq70wgIqnYZ9m6dT0gotOQqTJK9GaSzhiyWGNz0oNgQ00kbDYzA==

GET
H2 200 logo_neowing_onlight.svg
services.linkfire.com/ 3 KB
2 KB 486ms
79ms Image
image/svg+xml 143.204.215.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_neowing_onlight.svg
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-39.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88648a8647807174d45254229048b545aed65c06cc2c85613caca163b2b64b74

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 01:21:34 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 25 Apr 2018 10:54:49 GMT
server: AmazonS3
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"5f230aaeb6b0ace87943b006b3ed150b"
age: 63461
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: B5LTTUqIJvB2vu8Vqp0QYsyWUWzz6GNbOpVRoN0NhDdb67xBFduGmw==

GET
H2 200 skin.js Show response
static.assetlab.io/red3/510/ 508 KB
149 KB 73ms
72ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/510/skin.js
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-12.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: affebd08f7dbc00a6e87d997884d95f56498f94d30e8aa09a6cbcc5e16ad14a8

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: dJmCEjNZlQ0AVpX5cHLQ7rGXcYhIV2RA
content-encoding: gzip
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
date: Sat, 21 Jan 2023 16:21:55 GMT
last-modified: Thu, 19 Jan 2023 16:03:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 14241
x-amz-server-side-encryption: AES256
etag: W/"1b3357be526687123e85fcee787e2bf6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: zLtux6njK0QQM4D9egKWiZCRl0EecH1BTeV7OyXJ-dXCCjubbrNHlQ==

GET
H2 200 consent.js Show response
static.assetlab.io/consent/1.5.15/ 53 KB
17 KB 109ms
107ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.5.15/consent.js
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-12.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e7b29707ddd9bf0b1604fcbc8d6f4741d886de7361a9cba0cd0d1b38860af1d1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: G2bubUOnP1lz17CgMSXE1IK5HdcOok6P
content-encoding: gzip
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
date: Sat, 21 Jan 2023 05:29:08 GMT
last-modified: Wed, 22 Jun 2022 14:15:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 48670
x-amz-server-side-encryption: AES256
etag: W/"f71041de856bdbd4558fdaa65aeaf30d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ndETwUZR0votRLmtDV-l2_MoRGYI8I9rZj9TyC2ZuVBb15d4bXoh7w==

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 536ms
77ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bmsg.lnk.to
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 09:07:05 GMT
x-content-type-options: nosniff
age: 35529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 09:07:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 545ms
96ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bmsg.lnk.to
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 19:42:15 GMT
x-content-type-options: nosniff
age: 170219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 19:42:15 GMT

POST
H2 200 / Show response
bmsg.lnk.to/~/tr/pageview/ 70 B
186 B 121ms
120ms XHR
application/json 54.74.1.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bmsg.lnk.to/~/tr/pageview/
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.1.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-1-102.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7e1634601bba38faccfca204355848d675d2e8783e2fea1f0bbb9fc2abf7d6f7

Request headers

Referer: https://bmsg.lnk.to/FES22
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 21 Jan 2023 18:59:14 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

GET
H2 200 pubads_impl_2023011701.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 79ms
79ms Script
text/javascript 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

sffe /

Resource Hash

f1187aaf2d088463fbbbaa64b5f8c3f981297c56c8ce9058084542ae4a3dc62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 21:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133140
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 09:35:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 17 Jan 2024 21:27:48 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 89 B
709 B 595ms
112ms XHR
application/json 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bmsg.lnk.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

f57ef076e9deaf508c8e041fb3e8bfd4e2cf30f6136cf0d6dd4e25f4f5fcb091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 18:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74
x-xss-protection: 0
expires: Sat, 21 Jan 2023 18:59:14 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 617ms
163ms Fetch
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/red3/510/release-classic-nosample.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 18:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49619
x-xss-protection: 0
server: cafe
etag: 6169275986013265450
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 18:59:14 GMT

GET
H2 200 consent.css
static.assetlab.io/consent/1.5.15/ 23 KB
4 KB 60ms
60ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.5.15/consent.css
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.5.15/consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-12.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52da3158656fa25f0cf23f4c607cec939b53480478e9f72dbc79c98aeeae664d

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: ZztqAdLKuuTcx96RVIbPdB_CAI0ozWZx
content-encoding: gzip
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
date: Sat, 21 Jan 2023 14:23:24 GMT
last-modified: Wed, 22 Jun 2022 14:15:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 16577
x-amz-server-side-encryption: AES256
etag: W/"df42cc979f3e0534af60d4cf312c4ff1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 8fDsD8e5GKBgHUAJnkNxGpm7NA7sku4vibwneqADAEvjnB16VmH9Gw==

POST
H2 200 / Show response
bmsg.lnk.to/~/tr/consent/ 70 B
186 B 112ms
112ms XHR
application/json 54.74.1.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bmsg.lnk.to/~/tr/consent/
Requested by: Host: bmsg.lnk.to
URL: https://bmsg.lnk.to/FES22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.1.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-1-102.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7e1634601bba38faccfca204355848d675d2e8783e2fea1f0bbb9fc2abf7d6f7

Request headers

Referer: https://bmsg.lnk.to/FES22
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 21 Jan 2023 18:59:14 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

GET
H2 200 ic-shield-blue.svg
static.assetlab.io/consent/1.5.15/assets/ 1 KB
1 KB 65ms
65ms Image
image/svg+xml 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/consent/1.5.15/assets/ic-shield-blue.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.5.15/consent.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-12.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://static.assetlab.io/consent/1.5.15/consent.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: GexGEXWrKbErY7uVJiOBePDhbEsoNeWq
content-encoding: gzip
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
date: Sat, 21 Jan 2023 01:50:43 GMT
last-modified: Wed, 22 Jun 2022 14:15:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 62121
x-amz-server-side-encryption: AES256
etag: W/"560dd3386ebf80f78c934aeff4a6a82c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: C8pyZBh7aFae2zS8M_oUYwmThG8zT6nXr2S3XXuz6J4a-Vc2WU_keA==

GET
H2 200 ic-close-s.svg
static.assetlab.io/consent/1.5.15/assets/ 351 B
757 B 66ms
65ms Image
image/svg+xml 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/consent/1.5.15/assets/ic-close-s.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.5.15/consent.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-12.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://static.assetlab.io/consent/1.5.15/consent.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: u1ZeqXODDID7yOlAp1Ue7kMFg5Oq11V1
date: Sat, 21 Jan 2023 05:29:11 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 14:15:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 48669
x-amz-server-side-encryption: AES256
etag: "d303b6c7d844d91101e1e4c63156cfec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 351
x-amz-cf-id: yCKuvy1EijM3G5ywbiAaB5-BHXSSuV2Jxlhw-SgQ_mgr200gdrD43w==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 275ms
160ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bmsg.lnk.to
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 16:44:52 GMT
x-content-type-options: nosniff
age: 440062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 16:44:52 GMT

GET
H2 200 integrator.js Show response
adservice.google.no/adsid/ 107 B
792 B 554ms
85ms Script
application/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.no/adsid/integrator.js?domain=bmsg.lnk.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 18:59:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 556ms
81ms Script
application/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bmsg.lnk.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 18:59:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 659 B
511 B 142ms
141ms XHR
text/plain 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4392479812470727&correlator=1049410825594393&eid=31071687&output=ldjh&gdfp_req=1&vrg=2023011701&ptt=17&impl=fif&iu_parts=22051246401%2CHeader_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2736067097&sfv=1-0-40&cust_params=explicit%3Dno%26artist%3Dbmsg%2520allstars%26linkid%3D707ecc68-14fa-4f2d-869f-4964ddfba6c1%26boardid%3D77a45c5d-4261-43bc-bf84-a6e338ab313c%26toplevelboardid%3Df77c5cf3-fdcf-4347-8a8f-4c9443f3842c%26organizationid%3Df77c5cf3-fdcf-4347-8a8f-4c9443f3842c%26countrycode%3DNO%26city%3DUnknown%26days%3Dna%26planid%3Df9fec88b-1941-4564-8960-7e4a8ced56d2&sc=1&cookie_enabled=1&abxe=1&dt=1674327555000&lmt=1674327555&dlt=1674327553615&idt=1006&adxs=0&adys=-160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbmsg.lnk.to%2FFES22&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=252015310.1674327555&ga_sid=1674327555&ga_hid=627515635&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

985db39ae7b0f8e48242c0e59ae347b51c6835c50eb7bc3360d42372553253c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 18:59:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 333
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bmsg.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 521 B
443 B 136ms
135ms XHR
text/plain 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4392479812470727&correlator=1049410825594393&eid=31071687&output=ldjh&gdfp_req=1&vrg=2023011701&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-Click_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=1338496054&sfv=1-0-40&ists=1&cust_params=explicit%3Dno%26artist%3Dbmsg%2520allstars%26linkid%3D707ecc68-14fa-4f2d-869f-4964ddfba6c1%26boardid%3D77a45c5d-4261-43bc-bf84-a6e338ab313c%26toplevelboardid%3Df77c5cf3-fdcf-4347-8a8f-4c9443f3842c%26organizationid%3Df77c5cf3-fdcf-4347-8a8f-4c9443f3842c%26countrycode%3DNO%26city%3DUnknown%26days%3Dna%26planid%3Df9fec88b-1941-4564-8960-7e4a8ced56d2&sc=1&cookie_enabled=1&abxe=1&dt=1674327555007&lmt=1674327555&dlt=1674327553615&idt=1006&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbmsg.lnk.to%2FFES22&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=252015310.1674327555&ga_sid=1674327555&ga_hid=627515635&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

a1d13e102dcb3593efdfa42b64131903490d9222ef9b5abdd62b75bd0e1bf40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 18:59:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 265
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bmsg.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 545 B
782 B 131ms
130ms XHR
text/plain 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4392479812470727&correlator=1049410825594393&eid=31071687&output=ldjh&gdfp_req=1&vrg=2023011701&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-amazon-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&adks=1902184223&sfv=1-0-40&ists=1&cust_params=explicit%3Dno%26artist%3Dbmsg%2520allstars%26linkid%3D707ecc68-14fa-4f2d-869f-4964ddfba6c1%26boardid%3D77a45c5d-4261-43bc-bf84-a6e338ab313c%26toplevelboardid%3Df77c5cf3-fdcf-4347-8a8f-4c9443f3842c%26organizationid%3Df77c5cf3-fdcf-4347-8a8f-4c9443f3842c%26countrycode%3DNO%26city%3DUnknown%26days%3Dna%26planid%3Df9fec88b-1941-4564-8960-7e4a8ced56d2&sc=1&cookie_enabled=1&abxe=1&dt=1674327555011&lmt=1674327555&dlt=1674327553615&idt=1006&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbmsg.lnk.to%2FFES22&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=252015310.1674327555&ga_sid=1674327555&ga_hid=627515635&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

c04634b0c6b751e1778c910ce774704d200eb30d1475697e37c33d4b3e1ffd64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 18:59:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bmsg.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 529 B
447 B 133ms
133ms XHR
text/plain 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4392479812470727&correlator=1049410825594393&eid=31071687&output=ldjh&gdfp_req=1&vrg=2023011701&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-spotify-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&adks=4288002596&sfv=1-0-40&ists=1&cust_params=explicit%3Dno%26artist%3Dbmsg%2520allstars%26linkid%3D707ecc68-14fa-4f2d-869f-4964ddfba6c1%26boardid%3D77a45c5d-4261-43bc-bf84-a6e338ab313c%26toplevelboardid%3Df77c5cf3-fdcf-4347-8a8f-4c9443f3842c%26organizationid%3Df77c5cf3-fdcf-4347-8a8f-4c9443f3842c%26countrycode%3DNO%26city%3DUnknown%26days%3Dna%26planid%3Df9fec88b-1941-4564-8960-7e4a8ced56d2&sc=1&cookie_enabled=1&abxe=1&dt=1674327555014&lmt=1674327555&dlt=1674327553615&idt=1006&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbmsg.lnk.to%2FFES22&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=252015310.1674327555&ga_sid=1674327555&ga_hid=627515635&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

fd2e538317c7800cad4bca023cb77058786ddbb3c119114f3a1a66e17dd1189b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 18:59:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 269
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bmsg.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 521 B
438 B 153ms
153ms XHR
text/plain 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4392479812470727&correlator=1049410825594393&eid=31071687&output=ldjh&gdfp_req=1&vrg=2023011701&ptt=17&impl=fif&iu_parts=22051246401%2CFooter_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x100%7C300x250%7C320x50%7C320x100%7C320x120&ifi=5&adks=309253681&sfv=1-0-40&cust_params=explicit%3Dno%26artist%3Dbmsg%2520allstars%26linkid%3D707ecc68-14fa-4f2d-869f-4964ddfba6c1%26boardid%3D77a45c5d-4261-43bc-bf84-a6e338ab313c%26toplevelboardid%3Df77c5cf3-fdcf-4347-8a8f-4c9443f3842c%26organizationid%3Df77c5cf3-fdcf-4347-8a8f-4c9443f3842c%26countrycode%3DNO%26city%3DUnknown%26days%3Dna%26planid%3Df9fec88b-1941-4564-8960-7e4a8ced56d2&sc=1&cookie_enabled=1&abxe=1&dt=1674327555016&lmt=1674327555&dlt=1674327553615&idt=1006&adxs=640&adys=1155&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbmsg.lnk.to%2FFES22&frm=20&vis=1&psz=320x0&msz=320x0&fws=4&ohw=1600&ga_vid=252015310.1674327555&ga_sid=1674327555&ga_hid=627515635&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

5699adbd1bf2b7df488b9d86e91b9920253e09b246d83ac687713fc811a4bd66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 18:59:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bmsg.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
431df4279d68e0e8865eecfa8a3db983.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0C2C 6 KB
3 KB 584ms
83ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://431df4279d68e0e8865eecfa8a3db983.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bmsg.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 18:59:15 GMT
expires: Sun, 21 Jan 2024 18:59:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 interact Show response
bmsg.lnk.to/~/tr/ 70 B
186 B 121ms
121ms Fetch
application/json 54.74.1.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bmsg.lnk.to/~/tr/interact
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/red3/510/release-classic-nosample.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.1.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-1-102.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7e1634601bba38faccfca204355848d675d2e8783e2fea1f0bbb9fc2abf7d6f7

Request headers

Referer: https://bmsg.lnk.to/FES22
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 21 Jan 2023 18:59:15 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 129ms
128ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

f66904e15de29dd0333c3ce99d2eb03b94489f8d1b7e6dd06e40d825e5458216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 18:59:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11103
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 1491ms
1023ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 18:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 Jan 2023 18:59:17 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F9A3 13 KB
5 KB 74ms
73ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bmsg.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
age: 4867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 17:38:10 GMT
expires: Sun, 21 Jan 2024 17:38:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3004 783 B
1 KB 613ms
109ms Document
text/html 142.251.208.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f4.1e100.net

Software

GSE /

Resource Hash

3f66ae1f9fdcd96509fdb0466468d918ad1d4f984d9ad01afc2d41f5c9f0aa36

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lHKlVQQ1V9_OXT0Xq_RP0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bmsg.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-lHKlVQQ1V9_OXT0Xq_RP0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 18:59:17 GMT
expires: Sat, 21 Jan 2023 18:59:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame F9A3 36 KB
16 KB 541ms
77ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 15:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 15:43:39 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3004 0
0 175ms
175ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011701&jk=4392479812470727&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 187ms
185ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011701&jk=4392479812470727&bg=!R0SlRADNAAYDMoyoIzI7ACkAdvg8Wg3nwE-zG8zgxIv8G0FgTZcgJ7a8ufRadJAd71fCPb_INn_p9AIAAABIUgAAAAloAQeZAqRxL9VMfnWm_u6_s-9tgCW52uLqZ4qAPVKNj-1fZkFnPT9qGY-oWWH6zs-1f8IAnW4ccMEm2m7vM6WOrmen9LrNvRItP4fMvFgBQz9ETDv1hF3uslTOKbxxwn-RNn7zEh7jJfYjFsXp_fEmAEQB3svb2IUycccSEAk3epLLRaIWAhR6Oh__FRkSx23BneSxHWsmgj8-HuozaVVcSuquhR4IHoH0Bf-pD5nP-qcNJaxep1p5WV-zcrvIFaoBC9-AjOOwzJyufsjDWsq8RhEI-WOH789qr482RYZ1GxmXpyEldhwopXCgesTT-g9sul5LVBq8wDTrTdFwEl8LVqWfev64Hu9VGoWobuUEOGam75zKbwiW2oAi5f91dBVrP_vbkF-rF6nkyqDZ8jN0tpzvpEWI51P-A_DqrUXX2DqVw7BzsnOvMPGstkPZw6_4eBIGx7xUWC8wXexzwuzncvUYdlZs7ND3RUy5Gx0tOJj3KyaapIIpZCWkj8sxGiw9VW6k0GNddiLbTWpwZM1aXXQ53BngW2623Hqbt5w_ms7C5tZxfhnUHbIwDkzr4VjpShZqjJ0ZhanWrf6UVwtpOU4RD-3hCkh5cG-vYWstlbB33pzkSIC5Zng_S8n9-1E8L9SF48z6xHrkvEf8rtqd8-Kcv22d8KLxlgD7ywbua3hhKss7lWiOuwh0ZjgPy_S-baEIKVlftDx2o9DHoIUwi3VQeVNo1NWm5RNCglL-9J5MYkQe6XcTU-gx1t1kCDUr-Inet4yd3k1P_S8ZuKgBoPBZd0FRNJEQUMAHZKR80JefTTfAOzyPwadscVGKleLMptxf_qUpUmJA8ObmXXkaJjM8Fv8LY85PV2L0NflTcLQwP4KV--yQ200MdUqVvafviHg986k2Ikxy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://bmsg.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lnk.to/	1970-01-20 09:05:28	Name: LF_session_3ef7dc2ab13949dfa9cab171be7459c6 Value: 1
.doubleclick.net/	1970-01-20 09:05:28	Name: test_cookie Value: CheckForPermission
.lnk.to/	1970-01-20 18:27:03	Name: __gads Value: ID=aac584252f80e31d:T=1674327555:S=ALNI_MY_BiyuClh827kv4dgxWRQqQ7OSFw
.lnk.to/	1970-01-20 18:27:03	Name: __gpi Value: UID=00000bc8e6cd7dc8:T=1674327555:RT=1674327555:S=ALNI_MYhqYND5G15kh3Ku1W9XGVQSVaM9A

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

431df4279d68e0e8865eecfa8a3db983.safeframe.googlesyndication.com
adservice.google.com
adservice.google.no
bmsg.lnk.to
fonts.googleapis.com
fonts.gstatic.com
linkstorage.linkfire.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
services.linkfire.com
static.assetlab.io
tpc.googlesyndication.com
www.google.com
13.32.27.104
142.250.184.225
142.250.185.106
142.250.185.162
142.250.186.162
142.250.74.193
142.251.208.164
142.251.208.98
143.204.215.12
143.204.215.39
172.217.18.3
54.74.1.102
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
29b18c50769447200888e7f20998fd3d9a0b925f80c9e477b01cc78987457d8d
3f66ae1f9fdcd96509fdb0466468d918ad1d4f984d9ad01afc2d41f5c9f0aa36
402aa9f507e771bccaaac4d2aba849aa38af1ab43c094a0dfd9a01a480475536
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
486fd35989a1d0e2465b622cdf24d2c1f2909625881913348b760d9cd65a8cf9
4d28502d6e04fb32f9b3af20b3fc1e56ab4344a3698f5a6aa526ddc501960e00
52da3158656fa25f0cf23f4c607cec939b53480478e9f72dbc79c98aeeae664d
55484dd236083e8b65a79b8593642af47032857eccf94c8da56c8817c61b43e3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5699adbd1bf2b7df488b9d86e91b9920253e09b246d83ac687713fc811a4bd66
5ed20ac2663fb44e635826bf26ee3956ae5b6920681ac9332abeb2becfbb8867
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6d5acd6559a99b67d5677db1ba3600a6fc33f80d46feb061270cf577c21598a9
6e2732f469adbdf4b548253219f785c7bd7450bdf2ded4e8f8a0afa6b0053d82
7e1634601bba38faccfca204355848d675d2e8783e2fea1f0bbb9fc2abf7d6f7
7fc7fe227db0a0cdb745dac1ca72d84d3246d78b6a97e91d8088e664e34dbe8e
88648a8647807174d45254229048b545aed65c06cc2c85613caca163b2b64b74
89125a2d9448bca2e6eddaf0d121fe47af16bcd72f5f76ccb25c62f3f252c9d4
985db39ae7b0f8e48242c0e59ae347b51c6835c50eb7bc3360d42372553253c2
a1d13e102dcb3593efdfa42b64131903490d9222ef9b5abdd62b75bd0e1bf40f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
abd50bcf4899236dabf20665d4ded6744c699652a52e8f3b06afec6c308b1c1b
ada201f9b15ca24beae76da643ccdd8c41c1b2eb4469f0475722a316c0af9f87
ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d
affebd08f7dbc00a6e87d997884d95f56498f94d30e8aa09a6cbcc5e16ad14a8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68
c04634b0c6b751e1778c910ce774704d200eb30d1475697e37c33d4b3e1ffd64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61a39a0c2d2598ad8610b7889b1322c6d274671ca9c318e0da5ed1828744070
e7b29707ddd9bf0b1604fcbc8d6f4741d886de7361a9cba0cd0d1b38860af1d1
e9d31b3123913973aaf6e352cc099293917f018faa305ac8482a4186a28745ee
f1187aaf2d088463fbbbaa64b5f8c3f981297c56c8ce9058084542ae4a3dc62c
f57ef076e9deaf508c8e041fb3e8bfd4e2cf30f6136cf0d6dd4e25f4f5fcb091
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f66904e15de29dd0333c3ce99d2eb03b94489f8d1b7e6dd06e40d825e5458216
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fd2e538317c7800cad4bca023cb77058786ddbb3c119114f3a1a66e17dd1189b

bmsg.lnk.to Open in urlscan Pro 54.74.1.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

0 %IPv6

9 Domains

13 Subdomains

12 IPs

2 Countries

772 kBTransfer

1955 kBSize

4 Cookies

10 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bmsg.lnk.to Open in urlscan Pro
54.74.1.102 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

12
IPs

2
Countries

772 kB
Transfer

1955 kB
Size

4
Cookies

45 HTTP transactions
0 data transactions