jaestephens.lnk.to Open in urlscan Pro
34.226.66.151 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://us.umusic-online.com/c/AQjpkg4QmI8iGKW5_GAgh9PoCO3Go5tvuMEBNkGULv-jjF4VoCVk4jxpVceqlzBsq8vr
Effective URL:
https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Ja...
Submission: On August 09 via api (August 9th 2024, 7:03:54 pm UTC) from BE — Scanned from CA

Summary HTTP 159 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 37 IPs in 3 countries across 36 domains to perform 159 HTTP transactions. The main IP is 34.226.66.151, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is jaestephens.lnk.to.
TLS certificate: Issued by Amazon RSA 2048 M03 on September 15th 2023. Valid for: a year.

This is the only time jaestephens.lnk.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.66.0.126 172.66.0.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.226.66.151 34.226.66.151	14618 (AMAZON-AES) (AMAZON-AES)
10	173.194.205.157 173.194.205.157	15169 (GOOGLE) (GOOGLE)
9	52.85.151.104 52.85.151.104	16509 (AMAZON-02) (AMAZON-02)
1	108.138.64.106 108.138.64.106	16509 (AMAZON-02) (AMAZON-02)
7	18.67.76.13 18.67.76.13	16509 (AMAZON-02) (AMAZON-02)
2	18.160.10.79 18.160.10.79	16509 (AMAZON-02) (AMAZON-02)
2 4	18.165.83.104 18.165.83.104	16509 (AMAZON-02) (AMAZON-02)
2	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
1	3.163.245.4 3.163.245.4	16509 (AMAZON-02) (AMAZON-02)
5	173.194.175.97 173.194.175.97	15169 (GOOGLE) (GOOGLE)
1	13.249.39.122 13.249.39.122	16509 (AMAZON-02) (AMAZON-02)
3	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
1	173.194.204.157 173.194.204.157	15169 (GOOGLE) (GOOGLE)
1 1	192.229.163.25 192.229.163.25	15133 (EDGECAST) (EDGECAST)
5	172.67.23.234 172.67.23.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	104.26.2.22 104.26.2.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	209.85.201.132 209.85.201.132	15169 (GOOGLE) (GOOGLE)
19	23.205.107.73 23.205.107.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
4	44.209.241.117 44.209.241.117	14618 (AMAZON-AES) (AMAZON-AES)
6	173.194.175.156 173.194.175.156	15169 (GOOGLE) (GOOGLE)
2	104.22.53.173 104.22.53.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.22.5.69 104.22.5.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 13	44.236.255.143 44.236.255.143	16509 (AMAZON-02) (AMAZON-02)
2 2	68.67.160.137 68.67.160.137	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.146.5 69.173.146.5	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	173.194.175.155 173.194.175.155	15169 (GOOGLE) (GOOGLE)
1 1	69.166.1.35 69.166.1.35	27630 (AS-XFERNET) (AS-XFERNET)
2 2	34.200.107.235 34.200.107.235	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	72.21.81.130 72.21.81.130	15133 (EDGECAST) (EDGECAST)
2	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
5	173.194.66.100 173.194.66.100	15169 (GOOGLE) (GOOGLE)
1 7	172.217.197.106 172.217.197.106	15169 (GOOGLE) (GOOGLE)
1 1	69.194.242.12 69.194.242.12	26120 (RHYTHMONE) (RHYTHMONE)
1	69.194.240.13 69.194.240.13	26120 (RHYTHMONE) (RHYTHMONE)
1 1	172.240.155.108 172.240.155.108	7979 (SERVERS-COM) (SERVERS-COM)
1	51.222.239.230 51.222.239.230	16276 (OVH) (OVH)
2	104.22.4.69 104.22.4.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	64.233.180.94 64.233.180.94	15169 (GOOGLE) (GOOGLE)
12	157.240.229.35 157.240.229.35	32934 (FACEBOOK) (FACEBOOK)
1	173.194.68.154 173.194.68.154	15169 (GOOGLE) (GOOGLE)
2	173.194.207.132 173.194.207.132	15169 (GOOGLE) (GOOGLE)
159	37

1 172.66.0.126 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

us.umusic-online.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.226.66.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-66-151.compute-1.amazonaws.com

jaestephens.lnk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 173.194.205.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f157.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.85.151.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-104.iad89.r.cloudfront.net

static.assetlab.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.64.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-64-106.iad12.r.cloudfront.net

linkstorage.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.67.76.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-13.iad89.r.cloudfront.net

services.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.160.10.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-79.iad12.r.cloudfront.net

cdn.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.165.83.104 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-104.iad55.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.245.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 173.194.175.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.39.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-122.iad89.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.204.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.163.25 (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.23.234 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.26.2.22 (None, )

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.201.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f132.1e100.net

8f7eeaedaa6b154ae300f809be90907f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 23.205.107.73 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-107-73.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.209.241.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-241-117.compute-1.amazonaws.com

us01.records.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 173.194.175.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.53.173 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.5.69 (None, )

ASN13335 (CLOUDFLARENET, US)

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 44.236.255.143 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-255-143.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.137 (Colonia, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.83 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.146.5 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.175.155 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: qs-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.35 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.107.235 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-107-235.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.81.130 (United States)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 173.194.66.100 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.197.106 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: qa-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.194.242.12 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.155.108 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

sync.colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.4.69 (None, )

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.233.180.94 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.68.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.207.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	ad.gt 1 redirects a.ad.gt — Cisco Umbrella Rank: 2521 p.ad.gt — Cisco Umbrella Rank: 2796 ids.ad.gt — Cisco Umbrella Rank: 2348 id.hadron.ad.gt — Cisco Umbrella Rank: 2328 pixels.ad.gt Failed	40 KB
19	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	251 KB
19	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 363	192 KB
12	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	9 KB
10	lytics.io c.lytics.io — Cisco Umbrella Rank: 19308	52 KB
10	linkfire.com linkstorage.linkfire.com — Cisco Umbrella Rank: 182138 services.linkfire.com — Cisco Umbrella Rank: 180201 cdn.linkfire.com — Cisco Umbrella Rank: 186580	160 KB
9	assetlab.io static.assetlab.io — Cisco Umbrella Rank: 147981	351 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10	344 B
7	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 1202 tr6.snapchat.com — Cisco Umbrella Rank: 1340	1018 B
5	google.ca www.google.ca — Cisco Umbrella Rank: 9677	320 B
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	23 KB
5	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 19054 us01.records.in.treasuredata.com — Cisco Umbrella Rank: 40137	20 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	426 KB
4	googlesyndication.com 8f7eeaedaa6b154ae300f809be90907f.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203	19 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 278	4 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 646	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 505	2 KB
3	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 1868 analytics.twitter.com — Cisco Umbrella Rank: 1356	870 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	79 KB
2	t.co t.co — Cisco Umbrella Rank: 979	514 B
2	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 1176	761 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 319	1 KB
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 1373	728 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 764	2 KB
2	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2589	23 KB
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	30 KB
2	lnk.to jaestephens.lnk.to	44 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1081	201 B
1	colossusssp.com 1 redirects sync.colossusssp.com — Cisco Umbrella Rank: 3082	675 B
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 741	99 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1995	443 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1537	665 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 694	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	19 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1413	21 KB
1	umusic-online.com 1 redirects us.umusic-online.com — Cisco Umbrella Rank: 738985	510 B
159	36

	Domain	Requested by
19	analytics.tiktok.com	static.assetlab.io analytics.tiktok.com
13	ids.ad.gt	1 redirects jaestephens.lnk.to
12	www.facebook.com	jaestephens.lnk.to
10	c.lytics.io	static.assetlab.io c.lytics.io jaestephens.lnk.to
10	securepubads.g.doubleclick.net	jaestephens.lnk.to securepubads.g.doubleclick.net
9	static.assetlab.io	jaestephens.lnk.to static.assetlab.io
7	www.google.com	1 redirects jaestephens.lnk.to tpc.googlesyndication.com
7	services.linkfire.com	jaestephens.lnk.to
6	googleads.g.doubleclick.net	www.googleadservices.com jaestephens.lnk.to www.googletagmanager.com
6	tr.snapchat.com	sc-static.net
5	www.google.ca	jaestephens.lnk.to
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com analytics.tiktok.com
5	a.ad.gt	static.assetlab.io analytics.tiktok.com
5	www.googletagmanager.com	static.assetlab.io www.googletagmanager.com p.ad.gt
4	us01.records.in.treasuredata.com	cdn.treasuredata.com
4	sb.scorecardresearch.com	2 redirects jaestephens.lnk.to
3	cm.g.doubleclick.net	2 redirects jaestephens.lnk.to
3	pixel.tapad.com	3 redirects
3	match.adsrvr.org	3 redirects
3	connect.facebook.net	static.assetlab.io connect.facebook.net
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	analytics.twitter.com	jaestephens.lnk.to
2	t.co	jaestephens.lnk.to
2	u.openx.net	2 redirects
2	dpm.demdex.net	2 redirects
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	p.ad.gt	a.ad.gt
2	cdn.hadronid.net	a.ad.gt
2	static.ads-twitter.com	static.assetlab.io jaestephens.lnk.to
2	cdn.linkfire.com	static.assetlab.io
2	jaestephens.lnk.to	jaestephens.lnk.to
1	pagead2.googlesyndication.com	analytics.tiktok.com
1	tr6.snapchat.com	sc-static.net
1	onetag-sys.com	jaestephens.lnk.to
1	sync.colossusssp.com	1 redirects
1	sync.1rx.io	jaestephens.lnk.to
1	d.turn.com	1 redirects
1	sync.go.sonobi.com	1 redirects
1	token.rubiconproject.com	jaestephens.lnk.to
1	8f7eeaedaa6b154ae300f809be90907f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	platform.twitter.com	1 redirects
1	www.googleadservices.com	static.assetlab.io
1	cdn.treasuredata.com	static.assetlab.io
1	sc-static.net	static.assetlab.io
1	linkstorage.linkfire.com	jaestephens.lnk.to
1	us.umusic-online.com	1 redirects
0	pixels.ad.gt Failed	p.ad.gt
159	49

This site contains links to these domains. Also see Links.

Domain
music.apple.com
music.amazon.com
open.spotify.com
music.youtube.com
soundcloud.com
www.deezer.com

Subject Issuer	Validity	Valid
lnk.to Amazon RSA 2048 M03	`2023-09-15` - `2024-10-13`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
static.assetlab.io Amazon RSA 2048 M03	`2023-09-20` - `2024-10-17`	a year	crt.sh
linkfire.com Amazon RSA 2048 M03	`2024-05-01` - `2025-05-28`	a year	crt.sh
cdn.linkfire.com Amazon RSA 2048 M02	`2023-12-13` - `2025-01-10`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.treasuredata.com Amazon RSA 2048 M03	`2024-06-18` - `2025-07-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-19` - `2024-08-17`	3 months	crt.sh
*.googleadservices.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
a.ad.gt WE1	`2024-08-07` - `2024-11-05`	3 months	crt.sh
lytics.io WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
*.records.in.treasuredata.com Amazon RSA 2048 M02	`2023-11-19` - `2024-12-18`	a year	crt.sh
hadronid.net WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
p.ad.gt Cloudflare Inc ECC CA-3	`2023-11-09` - `2024-11-07`	a year	crt.sh
*.ad.gt Amazon RSA 2048 M02	`2024-03-10` - `2025-04-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2024-06-13` - `2025-07-14`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
id.hadron.ad.gt WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.ca WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Frame ID: 16A730C04D94FFE22ED687F6216AEE07
Requests: 150 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 657A345AA6B735146B8DE9FBA79B5976
Requests: 1 HTTP requests in this frame

Frame: https://8f7eeaedaa6b154ae300f809be90907f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 89AC6A0E973D3F7E64D7544FADF3A4BE
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=d26de97a-67f1-471a-96f3-295b4788f0b4&u_scsid=f0174e34-bc31-472e-903a-00c1ab0a4e37&u_sclid=93b773bd-401c-4c15-b2ea-e135d056d3c2
Frame ID: 8138C037C10EECBBECCE0C2D82DBA376
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=a02431f0-2da6-44ed-a557-26ff61410dbf&u_scsid=f0174e34-bc31-472e-903a-00c1ab0a4e37&u_sclid=93b773bd-401c-4c15-b2ea-e135d056d3c2
Frame ID: BE80777D98D331F6DA64BEC55A617F76
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6759C3368DD555BB257CA23CD4AA35A8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 806BF262DBA147D513804CDC0191AE77
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jae Stephens - Body Favors

Page URL History Show full URLs

https://us.umusic-online.com/c/AQjpkg4QmI8iGKW5_GAgh9PoCO3Go5tvuMEBNkGULv-jjF4VoCVk4jxpVceqlzBsq8vr HTTP 302
https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.2... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

159
Requests

87 %
HTTPS

0 %
IPv6

36
Domains

49
Subdomains

37
IPs

3
Countries

1765 kB
Transfer

5277 kB
Size

56
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://music.apple.com/us/album/1760476035?ls=1&app=music&at=1l3vpUI&ct=LFV_678de808e0706fa3f155d3847a1a4c17&itscg=30440&itsct=catchall_p1&lId=211120789&cId=none&sr=1&src=Linkfire
Title: Play

Search URL Search Domain Scan URL

URL: http://music.amazon.com/albums/B0DBYHTSDC?tag=univmusicana-20&ie=UTF8&linkCode=as2&ascsubtag=678de808e0706fa3f155d3847a1a4c17&ref=dmm_acq_soc_ca_u_lfire_lp_x_678de808e0706fa3f155d3847a1a4c17&utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1
Title: Play

Search URL Search Domain Scan URL

URL: https://open.spotify.com/album/6rxtXiis3RaHNWXXRXUxWB?go=1&utm_campaign=fAfTD_96_fmly&utm_source=Original_Original&utm_medium=Original&utm_content=bad42e45-4cb0-4531-9941-f56592ff64dc_none_Jae%2BStephens_101071449_Body%2BFavors_none_20240806_direct_def-jam-us_US_jaestephens.lnk.to%2FBodyFavors&dm_i=4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1
Title: Play

Search URL Search Domain Scan URL

URL: https://music.youtube.com/playlist?list=OLAK5uy_mPqlvzurPlK0SM_C-1C07jJfLbQVveh0U&src=Linkfire&lId=bad42e45-4cb0-4531-9941-f56592ff64dc&cId=d3d58fd7-4c47-11e6-9fd0-066c3e7a8751&utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1
Title: Play

Search URL Search Domain Scan URL

URL: https://music.apple.com/us/album/1760476035?ls=1&app=itunes&at=1l3vpUI&ct=LFV_678de808e0706fa3f155d3847a1a4c17&itscg=30440&itsct=catchall_p5&lId=211120789&cId=none&sr=5&src=Linkfire
Title: Download

Search URL Search Domain Scan URL

URL: https://soundcloud.com/jaestephens/body-favors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1
Title: Play

Search URL Search Domain Scan URL

URL: https://www.deezer.com/album/623649961?app_id=140685&utm_source=partner_linkfire&utm_campaign=678de808e0706fa3f155d3847a1a4c17&utm_medium=Original&utm_term=def-jam-us&utm_content=album-623649961&dm_i=4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1
Title: Play

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://us.umusic-online.com/c/AQjpkg4QmI8iGKW5_GAgh9PoCO3Go5tvuMEBNkGULv-jjF4VoCVk4jxpVceqlzBsq8vr HTTP 302
https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://sb.scorecardresearch.com/cs/9923941/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 26

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 57

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001723230226-J7E9GQN7-T2KO%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&adnxs_id=8313656486714025574&gdpr=0

Request Chain 58

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001723230226-J7E9GQN7-T2KO&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001723230226-J7E9GQN7-T2KO&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=b536f7cb-94b6-4386-b7f2-7250b09045af&id=AU1D-0100-001723230226-J7E9GQN7-T2KO

Request Chain 59

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001723230226-J7E9GQN7-T2KO HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001723230226-J7E9GQN7-T2KO HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=A940F01A-CED2-4F4A-BCD0-E076F1DEC8F8&id=AU1D-0100-001723230226-J7E9GQN7-T2KO

Request Chain 61

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001723230226-J7E9GQN7-T2KO&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723230226-J7E9GQN7-T2KO%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001723230226-J7E9GQN7-T2KO&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723230226-J7E9GQN7-T2KO%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3632ceb7-7122-4bd3-bd82-7d62bc5fb140%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001723230226-J7E9GQN7-T2KO%252526tapad_id%25253D3632ceb7-7122-4bd3-bd82-7d62bc5fb140%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b536f7cb-94b6-4386-b7f2-7250b09045af&ttd_puid=3632ceb7-7122-4bd3-bd82-7d62bc5fb140%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001723230226-J7E9GQN7-T2KO%2526tapad_id%253D3632ceb7-7122-4bd3-bd82-7d62bc5fb140%2C HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&tapad_id=3632ceb7-7122-4bd3-bd82-7d62bc5fb140

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001723230226-J7E9GQN7-T2KO HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&google_gid=CAESEAuZMpyA6xyALHQ2gd3oabw&google_cver=1&google_ula=450542624,0

Request Chain 63

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001723230226-J7E9GQN7-T2KO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzIzMDIyNi1KN0U5R1FONy1UMktP

Request Chain 64

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&uid=[UID]&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&uid=2c16fe6a-46bf-4afc-918a-8a01db887177&gdpr=0

Request Chain 65

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001723230226-J7E9GQN7-T2KO&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001723230226-J7E9GQN7-T2KO HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001723230226-J7E9GQN7-T2KO&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001723230226-J7E9GQN7-T2KO HTTP 302
https://ids.ad.gt/api/v1/adb_match?adb=35593302282076354572148693058963493044&id=AU1D-0100-001723230226-J7E9GQN7-T2KO

Request Chain 66

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001723230226-J7E9GQN7-T2KO%26auid%3DAU1D-0100-001723230226-J7E9GQN7-T2KO HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001723230226-J7E9GQN7-T2KO%26auid%3DAU1D-0100-001723230226-J7E9GQN7-T2KO HTTP 302
https://ids.ad.gt/api/v1/openx?openx_id=f9c0fafd-2fd7-449a-a553-239ed0c5aa0b&id=AU1D-0100-001723230226-J7E9GQN7-T2KO&auid=AU1D-0100-001723230226-J7E9GQN7-T2KO

Request Chain 72

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=480458752.1723230226&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors&dma=0&npa=0&gtm=45be4880v891621318za200&auid=339458840.1723230226&frm=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=480458752.1723230226&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors&dma=0&npa=0&gtm=45be4880v891621318za200&auid=339458840.1723230226&frm=0

Request Chain 75

https://sb.scorecardresearch.com/b?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723230226438&ns_c=UTF-8&cs_fpid=678de808e0706fa3f155d3847a1a4c17&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscorekw=umg&c7=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&c8=Jae%20Stephens%20-%20Body%20Favors&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723230226438&ns_c=UTF-8&cs_fpid=678de808e0706fa3f155d3847a1a4c17&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscorekw=umg&c7=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&c8=Jae%20Stephens%20-%20Body%20Favors&c9=

Request Chain 80

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001723230226-J7E9GQN7-T2KO HTTP 302
https://ids.ad.gt/api/v1/amo_match?turn_id=4235834547988288768&id=AU1D-0100-001723230226-J7E9GQN7-T2KO

Request Chain 82

https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001723230226-J7E9GQN7-T2KO&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-001723230226-J7E9GQN7-T2KO HTTP 302
https://ids.ad.gt/api/v1/colossus?cls_id=c017fedd-ec6d-48f4-a343-23791beb9757&id=AU1D-0100-001723230226-J7E9GQN7-T2KO

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_cm&google_nid=lytics&google_hm=MzcyZTczNDMtZDAxOC00N2JjLWEyZWEtN2RkOThjZWM3NzBk HTTP 302
https://c.lytics.io/c/provider/google?google_gid=CAESEAIHKBeOXBUagkvWsRArUdM&google_cver=1

159 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request BodyFavors Show response
jaestephens.lnk.to/
Redirect Chain

https://us.umusic-online.com/c/AQjpkg4QmI8iGKW5_GAgh9PoCO3Go5tvuMEBNkGULv-jjF4VoCVk4jxpVceqlzBsq8vr
https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1

119 KB
44 KB

332ms
133ms

Document
text/html

34.226.66.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.226.66.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-66-151.compute-1.amazonaws.com
Software: /
Resource Hash: ef2fb7b3c360cfd7151533ebabcfea7ccadee9eb866b635c67a8b60a93814b51

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 09 Aug 2024 19:03:44 GMT
vary: Accept-Encoding
x-redirector-version: redirector-v3

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8b0a0205cda1ac58-YYZ
content-length: 0
date: Fri, 09 Aug 2024 19:03:44 GMT
location: https://jaestephens.lnk.to:443/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 102 KB
32 KB 190ms
67ms Script
text/javascript 173.194.205.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.205.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f157.1e100.net

Software

cafe /

Resource Hash

2c562bbf0a899671eb08e7820d061513040d83fd8d29fe095757c162fd86f6c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32350
x-xss-protection: 0
server: cafe
etag: 711 / 19944 / 31085956 / config-hash: 15858797205807252207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Aug 2024 19:03:44 GMT

GET
H2 200 release-refresh.css
static.assetlab.io/redirector-prod/3.163.0/ 49 KB
6 KB 215ms
102ms Stylesheet
text/css 52.85.151.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh.css
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-104.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0988674dcbae9072417b073f69fcb0a2f8b887dc6609a353bf51dbc9505e2d5f

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 108rjdIZSp7lYRsix09u5QNjgBynhQ.h
content-encoding: gzip
via: 1.1 a1157b69a14bebe8162237750a074fae.cloudfront.net (CloudFront)
date: Fri, 09 Aug 2024 12:34:28 GMT
last-modified: Tue, 06 Aug 2024 12:23:26 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
age: 23357
x-amz-server-side-encryption: AES256
etag: W/"cdc728bfd57522ca777cf61f2773ea51"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: lazREaFpluY8oXBQlrXMw2PHf9pfjPVHot_bu6cF5bIeB8QZyQGlyw==

GET
H2 200 release-refresh-light.css
static.assetlab.io/redirector-prod/3.163.0/ 22 KB
5 KB 202ms
90ms Stylesheet
text/css 52.85.151.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh-light.css
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-104.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a526e6f162cefdb6a60ba47786e531e20c92c97c92347f8dbfe262d3ece1f131

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: U_HwKyWj9zCvS5dLo.GjRN2FiBeoJ7WW
content-encoding: gzip
via: 1.1 a1157b69a14bebe8162237750a074fae.cloudfront.net (CloudFront)
date: Fri, 09 Aug 2024 12:39:44 GMT
last-modified: Tue, 06 Aug 2024 12:23:26 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
age: 23041
x-amz-server-side-encryption: AES256
etag: W/"ad144af8777be86b574e81fd0fcb7025"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: rzDeqYEV3n-37tfFWena6l-xEiSS4Me8mBfhXqt1VBTqM0usYRq1Sw==

GET
H2 200 release-classic-nosample.js Show response
static.assetlab.io/redirector-prod/3.163.0/ 498 KB
152 KB 214ms
102ms Script
application/javascript 52.85.151.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-104.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df70f2987ecc23e5472cd4f2c5188c6ed1142ec7990f5dc2a5e70901a9c671f2

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: KxKxqa6BCdNzJISvkznsgLTPDUC.3S3g
content-encoding: gzip
via: 1.1 a1157b69a14bebe8162237750a074fae.cloudfront.net (CloudFront)
date: Fri, 09 Aug 2024 12:34:30 GMT
last-modified: Tue, 06 Aug 2024 12:23:26 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
age: 23355
x-amz-server-side-encryption: AES256
etag: W/"84bd577149ca31ab815340ab1d76d919"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 6_Lw3Qn_WMCI1OeuxRXaZRuMn0jskBNoBWL-2CWhC3P8u1dzraSoYw==

GET
H2 200 artwork-440x440.jpg
linkstorage.linkfire.com/medialinks/images/76645bc4-dfeb-40e2-893a-40d7161af709/ 84 KB
85 KB 213ms
106ms Image
image/jpeg 108.138.64.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linkstorage.linkfire.com/medialinks/images/76645bc4-dfeb-40e2-893a-40d7161af709/artwork-440x440.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.64.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-64-106.iad12.r.cloudfront.net

Software

The Great Gig In The Sky / Master of Puppets

Resource Hash

7ddbf94d213292524ce720d82d612e1ed95c025daeae3271bd574de4a5e1a278

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 02:12:37 GMT
x-amz-version-id: lk6g3mBs05slbi9aVoHgG_CTiZLVz1Yu
x-content-type-options: nosniff
strict-transport-security: max-age=10368000; includeSubdomains; preload
via: 1.1 086e2cd5d94fa729de58c51b5666e0e4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P1
age: 60668
x-amz-server-side-encryption: AES256
x-powered-by: Master of Puppets
x-cache: Hit from cloudfront
content-length: 85869
x-xss-protection: 1; mode=block
x-linkfire-security: security@linkfire.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Aug 2024 22:57:59 GMT
server: The Great Gig In The Sky
etag: "912aad70102b9ea040a05ee64f78af2e"
expect-ct: max-age=0
x-frame-options: DENY
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: -HF_uNhvK4UcMFIJuP2vq3TN07Jfkv_LHF7_dcsls8sAXxWSABE_YA==

GET
H2 200 logo_applemusic_onlight.svg
services.linkfire.com/ 7 KB
4 KB 174ms
58ms Image
image/svg+xml 18.67.76.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_applemusic_onlight.svg
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-13.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:03:13 GMT
x-amz-version-id: nGo7v092Ub92VgXy.O3WmDeRgTKJPui3
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 11:13:55 GMT
server: AmazonS3
via: 1.1 d3cd567650e598ded7d5dd9266aa396c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"3d4894f0254dc9d917c86fffd766046a"
age: 345632
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: DFWnxvkiWQ0CFkzjlgkS8EdTUcIktX2aLJphSrT4LckFHgm2q1jvwA==

GET
H2 200 logo_amazonmusic_onlight.svg
services.linkfire.com/ 13 KB
6 KB 52ms
52ms Image
image/svg+xml 18.67.76.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_amazonmusic_onlight.svg
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-13.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 975f93c89036852225cae57756ec08a8a54b479e5084889dd5b7c1c5c4ea3533

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:03:13 GMT
x-amz-version-id: t.6xwhzUsEMabMOAcrU_ahq8gb2zQE2F
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 12:43:26 GMT
server: AmazonS3
via: 1.1 d3cd567650e598ded7d5dd9266aa396c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"8431baffada660f88a05cf5c64654842"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 345632
x-amz-cf-id: 8k15Fio8IQFco73nkvl_8upvvGKDdp5q5zrPEjeIP5noARcch-qRog==

GET
H2 200 logo_spotify_onlight.svg
services.linkfire.com/ 6 KB
3 KB 51ms
47ms Image
image/svg+xml 18.67.76.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_spotify_onlight.svg
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-13.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:03:13 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 02 Nov 2016 12:14:43 GMT
server: AmazonS3
via: 1.1 d3cd567650e598ded7d5dd9266aa396c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"10ebad8fc307d85d6ed34e9fa95a7577"
age: 345632
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 09-4QJXekQxQAAqHGIyw5ZwJGTCBveHqICSFXmECIdQj4l0pW4P5oQ==

GET
H2 200 logo_youtubemusic_onlight.svg
services.linkfire.com/ 5 KB
2 KB 52ms
48ms Image
image/svg+xml 18.67.76.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_youtubemusic_onlight.svg
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-13.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ce9c869d01258f4e024478cbb35d9c6d905e247fe95a11984e5277a96dde0fd

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:03:13 GMT
x-amz-version-id: G1rOQPF3JpQef3z0Vi5fsLBWAO__tg2E
content-encoding: gzip
last-modified: Fri, 23 Jun 2023 08:30:20 GMT
server: AmazonS3
via: 1.1 d3cd567650e598ded7d5dd9266aa396c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"d074b492d1d7017ee94ac92a3891a8c7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 345632
x-amz-cf-id: xnHtC8S6298W1hUrlF2Voaj_UZ7RCrMFIZplOE7kBZbMs2QVm76OSw==

GET
H2 200 logo_itunes_onlight.svg
services.linkfire.com/ 19 KB
5 KB 53ms
49ms Image
image/svg+xml 18.67.76.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_itunes_onlight.svg
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-13.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:03:13 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 23 Mar 2018 08:26:33 GMT
server: AmazonS3
via: 1.1 d3cd567650e598ded7d5dd9266aa396c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"db14889932940c59c989f46bcff71c80"
age: 345632
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: CkJoPLGB0GHxWZwZbMAagnUVL6ZBoQxXJF4Y_gwMSB6h_kvG_4KpKg==

GET
H2 200 logo_soundcloud_onlight.svg
services.linkfire.com/ 7 KB
3 KB 55ms
52ms Image
image/svg+xml 18.67.76.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_soundcloud_onlight.svg
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-13.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdaf641251a8854b64e807fef8f115f1e47cf644cfe6c76e0e36d067962bb9a3

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:04:53 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 10 Aug 2016 15:03:55 GMT
server: AmazonS3
via: 1.1 d3cd567650e598ded7d5dd9266aa396c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"dfe6031f9e194784911a4fcc715b8471"
age: 345532
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: celHAADWvHQgH4bIV03MtntVKz7gpQPa1DkcVPtq-UwU02BwfJLnfQ==

GET
H2 200 logo_deezer_onlight.svg
services.linkfire.com/ 4 KB
2 KB 56ms
53ms Image
image/svg+xml 18.67.76.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_deezer_onlight.svg
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-13.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40039e484599ff9d06a8b426c17036fd4808e27f9f80f36857f0dd43e398df35

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:03:13 GMT
x-amz-version-id: WvAwStsf6xWaBuT2.jFQmXhqB6pMNhyj
content-encoding: gzip
last-modified: Wed, 29 Nov 2023 08:40:03 GMT
server: AmazonS3
via: 1.1 d3cd567650e598ded7d5dd9266aa396c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
etag: W/"4b2c962216daeabe96dfaf3d2a6c8eb8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 345633
x-amz-cf-id: dO5RyGPSx0ZHktMZydDvpe_0_HhUjq4lBLpi3v5uyIFn8KWupdfABA==

GET
H2 200 skin.js Show response
static.assetlab.io/redirector-prod/3.163.0/ 558 KB
163 KB 128ms
125ms Script
application/javascript 52.85.151.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.163.0/skin.js
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-104.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c554840debebb1ab92ddae039e500fb187996ee010f6a623cf7e801ab9f37b5

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: ogQBCCJvponUxOyXyJe0vhliPRW5g3lH
content-encoding: gzip
via: 1.1 a1157b69a14bebe8162237750a074fae.cloudfront.net (CloudFront)
date: Fri, 09 Aug 2024 12:34:28 GMT
last-modified: Tue, 06 Aug 2024 12:23:26 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
age: 23357
x-amz-server-side-encryption: AES256
etag: W/"d02b561bf25f766a437b98064c5fbe00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: en5w0L2jwpd3fekvD97VDKXRMUcui5GjyfflPC929zpWSPhDH4ZNeg==

GET
H2 200 consent.js Show response
static.assetlab.io/consent/1.11.5/ 53 KB
17 KB 211ms
209ms Script
application/javascript 52.85.151.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.11.5/consent.js
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-104.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34078200e60ca43461630face48ad447b8f0b168fb47690f478072e2c1a9e5f5

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: ju_8K.PDZRV094KIBbbtKu8mQZRT_cL7
content-encoding: gzip
via: 1.1 a1157b69a14bebe8162237750a074fae.cloudfront.net (CloudFront)
date: Fri, 09 Aug 2024 12:06:44 GMT
last-modified: Thu, 09 Nov 2023 11:02:44 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
age: 25021
x-amz-server-side-encryption: AES256
etag: W/"f936b19d6eee687f4d908c31b9ca592d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: rqVpPWutqYHkUmTx2Mm2yz8WqpO9FQE0jLii-ZsddxAhblDByZSCRg==

GET
H2 200 IBMPlexSans-SemiBold.woff
cdn.linkfire.com/fonts/ 25 KB
26 KB 346ms
89ms Font
application/font-woff 18.160.10.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkfire.com/fonts/IBMPlexSans-SemiBold.woff
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh-light.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-79.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48442a68a245429c0b9e568a6aa953928ddfa30d565551ecf09fe2420479f2af

Request headers

Referer: https://static.assetlab.io/
Origin: https://jaestephens.lnk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 6QfHoSLi8D0hZ8GH.358xmsYXPD21ebG
date: Fri, 09 Aug 2024 12:15:57 GMT
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
age: 43929
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25840
last-modified: Thu, 07 Dec 2023 15:19:56 GMT
server: AmazonS3
etag: "cc3d30a6545d5217e219fa6e9b17d708"
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 9MhiVHcSThC_Bk-i0UKZ8e3esNly4VtKnd90ntsFvDMa2T4Bc3aptA==

GET
H2 200 IBMPlexSans-Regular.woff
cdn.linkfire.com/fonts/ 24 KB
24 KB 345ms
88ms Font
application/font-woff 18.160.10.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkfire.com/fonts/IBMPlexSans-Regular.woff
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-refresh-light.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-79.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1df9c953053965fc56c34399bc55ac59f6ab462e6027ce3cb0643d8028319ab3

Request headers

Referer: https://static.assetlab.io/
Origin: https://jaestephens.lnk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Ook11omPFO9UPvfXfjgVP61zDIApcoGC
date: Fri, 09 Aug 2024 06:47:16 GMT
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
age: 44190
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24448
last-modified: Thu, 07 Dec 2023 15:19:57 GMT
server: AmazonS3
etag: "c0caf3a69092fc5c08443b413ea38896"
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: gJ5KHM0OSIubvjB6d7jGVMCGQFQeTeBe1jxEtCN39j0Z4HXoKLsI5Q==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/ 473 KB
148 KB 56ms
55ms Script
text/javascript 173.194.205.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31085956

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f157.1e100.net

Software

cafe /

Resource Hash

3a26214bd1e8719fc7fba6929bdaab7d7f6971af5336aa013606160d1a580929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 12:51:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22345
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151235
x-xss-protection: 0
server: cafe
etag: 7729326465989859830
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 09 Aug 2025 12:51:20 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/9923941/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

47ms
45ms

Script
application/javascript

18.165.83.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Server: 18.165.83.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-104.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 13:20:38 GMT
content-encoding: gzip
via: 1.1 65cdd88e2e6e21b095c2caf59292000c.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P3
age: 20588
etag: W/"77ff4ede4693897337a38594321529a3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: G8Bh8DRCHkIv5pTIj4bnZ5EK4Nvz0v6EigD9R2XxhNYNalbYCasA3g==

Redirect headers

date: Fri, 09 Aug 2024 19:03:45 GMT
via: 1.1 65cdd88e2e6e21b095c2caf59292000c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P3
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: NBK9sMJJ1kaSqnvfBn0pbK_Af3GGaRb5KYhx19uw9witI8yQe5gVWg==

POST
H2 200 / Show response
jaestephens.lnk.to/~/tr/visit/ 70 B
229 B 110ms
109ms XHR
application/json 34.226.66.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jaestephens.lnk.to/~/tr/visit/
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.226.66.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-66-151.compute-1.amazonaws.com
Software: /
Resource Hash: 16dfe2622801a8049653ac7723d7f86a28592e5413198a419e4fbcf1753f0e07

Request headers

Referer: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
x-redirector-version: redirector-v3
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=UTF-8

GET
H2 200 consent.css
static.assetlab.io/consent/1.11.5/ 26 KB
5 KB 44ms
43ms Stylesheet
text/css 52.85.151.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.11.5/consent.css
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.5/consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-104.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a5fac03580933e0a88b0749020180b52b3f53580684264a0cae62686739071

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: WTvuGC2z1ERFXKMCLZ9XULrgIJWRlKQX
content-encoding: gzip
via: 1.1 a1157b69a14bebe8162237750a074fae.cloudfront.net (CloudFront)
date: Fri, 09 Aug 2024 07:02:15 GMT
last-modified: Thu, 09 Nov 2023 11:02:44 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
age: 43291
x-amz-server-side-encryption: AES256
etag: W/"a92b7b63d3b8f97456c3cb33d63a5e8b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: lpSZnto0PHCBBUS1CynYzioxUNDBmYDYqjqI9YMC6oaYuHqVfu8XLg==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 157ms
46ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000164-IAD

GET
H2 200 scevent.min.js Show response
sc-static.net/ 49 KB
21 KB 154ms
68ms Script
application/javascript 3.163.245.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.245.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 2af0f5c12099fb857aeda94a926b0ab19f253b649b4b159f04f0f9e342de2d9f

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: gzip
via: 1.1 4afe58622c53f3abab57af35bd692fb4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YUL62-P2
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 21282
x-amz-cf-id: yRLIiIS6wT0a3bF55baxcGeLfm_yyOtvec41GeOQ80angta3ZqpI8A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
82 KB 297ms
184ms Script
application/javascript 173.194.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-784983735

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.175.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

443bd021aa712597d57545b3c4619aa0a85eeb7099228e1f88d94bc8395e0933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84218
x-xss-protection: 0
last-modified: Fri, 09 Aug 2024 18:18:22 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Aug 2024 19:03:45 GMT

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/4.0/ 58 KB
20 KB 201ms
97ms Script
text/javascript 13.249.39.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/4.0/td.min.js
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.39.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-39-122.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2953217b5e320afbe57db90ecb6b3081e7eeae485330fe325b8b1ff17519f3c4

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 04:38:27 GMT
Content-Encoding: gzip
Via: 1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
Age: 1347919
X-Amz-Cf-Pop: IAD89-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Thu, 25 Jul 2024 04:38:21 GMT
Server: AmazonS3
Etag: W/"e3df5edbe80dfeefb99eba311109e1ee"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: fIyGHZXCO_dYcHa0cjU0p7LtlajSyOHkAKW8ZxAr_T913Qo3oCGKpg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 147ms
44ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Aug 2024 19:03:45 GMT
document-policy: force-load-at-top
x-fb-server-load: 38
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1316, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: xC1OIwhwOBfQR4eRSg1WlbtslfUWnymW9NjloNeW1X+Qk/VqAAQAq+UL22+myyv89NKsaHJm7BocpPXPgmmg6A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 53 KB
19 KB 142ms
64ms Script
text/javascript 173.194.204.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f157.1e100.net

Software

cafe /

Resource Hash

46e6d969d3750cf78ff97f16a89cb39d85fd821ac85d18e8f37cce91d44f8f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19647
x-xss-protection: 0
server: cafe
etag: 484736373843719405
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Aug 2024 19:03:45 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

56 KB
15 KB

52ms
51ms

Script
application/javascript

146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000164-IAD

Redirect headers

Date: Fri, 09 Aug 2024 19:03:45 GMT
Server: ECS (cha/81B3)
x-tw-cdn: VZ
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Location: https://static.ads-twitter.com/oct.js
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= ,x-tw-cdn;desc=VZ
Content-Length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 169ms
66ms Script
application/javascript 173.194.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-54175133-1

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.175.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

298e1724e5a8ff4a0aae0986b5cfbe261483ae73bbbd896c36957b951dfa2782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77083
x-xss-protection: 0
last-modified: Fri, 09 Aug 2024 18:18:22 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Aug 2024 19:03:45 GMT

GET
H2 200 28 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 220ms
125ms Script
application/javascript 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/28?url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&metadata=linkfire
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c6be37faa97f53115f6ecc3fbd12b36008b98236e8994b5967e4f6eb674ee41

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 09 Aug 2024 19:03:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 8b0a020e5accac9a-YYZ

GET
H2 200 99 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 297ms
297ms Script
application/javascript 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/99?url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&metadata=linkfire
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b77e8b16934e41ec804bd55e7e0ad86a54691763faca0115bfbf030f360833c

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 09 Aug 2024 19:03:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 8b0a020eab3eac9a-YYZ

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/ 66 KB
23 KB 111ms
34ms Script
application/javascript 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/latest.min.js

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff362590942cd8bb93423aefea52b6f7c6cdabbc9e43e8e8833d6b3164959133

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5709
last-modified: Fri, 09 Aug 2024 17:28:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WaEaPkCxLzmdTqzTJbuPXqYT3BbD3Zui99wq5Hc6JVv%2Bm7up1ZNV9mn3S%2B1HHTmPQQ6ypG22ZQSaKg9bk%2FGBR2qJ%2FHTd%2BKKX4yfbgd6tDzzDtRVolKlTKiFkXwuZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: 76516cd2abbbb34b27761990d511e16a
cf-ray: 8b0a020f1ca9ac70-YYZ

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 657A 0
0 189ms
55ms Document
text/html 173.194.205.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31085956

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f157.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28915
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Aug 2024 18:51:39 GMT
expires: Fri, 09 Aug 2024 19:41:39 GMT
last-modified: Mon, 05 Aug 2024 19:44:26 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
618 B 174ms
167ms Fetch
text/plain 173.194.205.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2195805783835952&correlator=2141077184793338&eid=31079957%2C31085909%2C31085956%2C31084505%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408070101&ptt=17&impl=fif&iu_parts=22051246401%2CHeader_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1723230225704&lmt=1723230225&adxs=0&adys=-160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723230224744&idt=824&cust_params=genre%3DRB%252FSoul%252CRB%252FSoul%26explicit%3Dno%26artist%3Djae%2520stephens%26album%3DBody%2520Favors%26linkid%3Dbad42e45-4cb0-4531-9941-f56592ff64dc%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DCA%26city%3DToronto%26days%3D%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=2736067097&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31085956

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f157.1e100.net

Software

cafe /

Resource Hash

5a15ede2e1e08b7a537a814d9650c38d21a643029939c11ba64ebcad196ec666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 588
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jaestephens.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 773 B
377 B 158ms
156ms Fetch
text/plain 173.194.205.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2195805783835952&correlator=2141077184793338&eid=31079957%2C31085909%2C31085956%2C31084505%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408070101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-Click_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1723230225730&lmt=1723230225&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723230224744&idt=824&cust_params=genre%3DRB%252FSoul%252CRB%252FSoul%26explicit%3Dno%26artist%3Djae%2520stephens%26album%3DBody%2520Favors%26linkid%3Dbad42e45-4cb0-4531-9941-f56592ff64dc%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DCA%26city%3DToronto%26days%3D%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=1338496054&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31085956

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f157.1e100.net

Software

cafe /

Resource Hash

f5ff26a923cb0acaff12f2cb375af4d3dc1e33a6040fe3f048dd8bb1a92980ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 347
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jaestephens.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
387 B 156ms
154ms Fetch
text/plain 173.194.205.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2195805783835952&correlator=2141077184793338&eid=31079957%2C31085909%2C31085956%2C31084505%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408070101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-amazon-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1723230225737&lmt=1723230225&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723230224744&idt=824&cust_params=genre%3DRB%252FSoul%252CRB%252FSoul%26explicit%3Dno%26artist%3Djae%2520stephens%26album%3DBody%2520Favors%26linkid%3Dbad42e45-4cb0-4531-9941-f56592ff64dc%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DCA%26city%3DToronto%26days%3D%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=1902184223&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31085956

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f157.1e100.net

Software

cafe /

Resource Hash

e05072f03f20074c4f879c15fe499526026162b83a9f532c098243b83b897c7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 357
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jaestephens.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 781 B
380 B 158ms
156ms Fetch
text/plain 173.194.205.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2195805783835952&correlator=2141077184793338&eid=31079957%2C31085909%2C31085956%2C31084505%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408070101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-spotify-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1723230225741&lmt=1723230225&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723230224744&idt=824&cust_params=genre%3DRB%252FSoul%252CRB%252FSoul%26explicit%3Dno%26artist%3Djae%2520stephens%26album%3DBody%2520Favors%26linkid%3Dbad42e45-4cb0-4531-9941-f56592ff64dc%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DCA%26city%3DToronto%26days%3D%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=4288002596&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31085956

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f157.1e100.net

Software

cafe /

Resource Hash

8a84db9b68205fcfd5edd9dd6d022b315a2a0bfa1fac0483335210dde124ab02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 350
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jaestephens.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 779 B
385 B 158ms
156ms Fetch
text/plain 173.194.205.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2195805783835952&correlator=2141077184793338&eid=31079957%2C31085909%2C31085956%2C31084505%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408070101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-tidal-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1723230225745&lmt=1723230225&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723230224744&idt=824&cust_params=genre%3DRB%252FSoul%252CRB%252FSoul%26explicit%3Dno%26artist%3Djae%2520stephens%26album%3DBody%2520Favors%26linkid%3Dbad42e45-4cb0-4531-9941-f56592ff64dc%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DCA%26city%3DToronto%26days%3D%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=3635752911&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31085956

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f157.1e100.net

Software

cafe /

Resource Hash

90987f8be400d29ce8eac3c580d22f69aac11a85dfeb6af0acd32ffe613b106c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 355
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jaestephens.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 785 B
377 B 155ms
154ms Fetch
text/plain 173.194.205.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2195805783835952&correlator=2141077184793338&eid=31079957%2C31085909%2C31085956%2C31084505%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408070101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-apple-music-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1723230225748&lmt=1723230225&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723230224744&idt=824&cust_params=genre%3DRB%252FSoul%252CRB%252FSoul%26explicit%3Dno%26artist%3Djae%2520stephens%26album%3DBody%2520Favors%26linkid%3Dbad42e45-4cb0-4531-9941-f56592ff64dc%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DCA%26city%3DToronto%26days%3D%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=3334755453&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31085956

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f157.1e100.net

Software

cafe /

Resource Hash

c15503f8f66e5fd8bed995c231a6fd0b5fa183f83ddaaa4b8948bc000bde2801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 347
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jaestephens.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 773 B
378 B 154ms
153ms Fetch
text/plain 173.194.205.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2195805783835952&correlator=2141077184793338&eid=31079957%2C31085909%2C31085956%2C31084505%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408070101&ptt=17&impl=fif&iu_parts=22051246401%2CFooter_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x100%7C300x250%7C320x50%7C320x100%7C320x120&ifi=7&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1723230225774&lmt=1723230225&adxs=650&adys=883&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&vis=1&psz=300x0&msz=300x0&fws=4&ohw=400&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723230224744&idt=824&cust_params=genre%3DRB%252FSoul%252CRB%252FSoul%26explicit%3Dno%26artist%3Djae%2520stephens%26album%3DBody%2520Favors%26linkid%3Dbad42e45-4cb0-4531-9941-f56592ff64dc%26boardid%3D8fc0a72d-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6f04753c-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DCA%26city%3DToronto%26days%3D%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=309253681&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31085956

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f157.1e100.net

Software

cafe /

Resource Hash

0a62e2a09d9302d437f2946feb2e5c2d3933ce7c6bc1e6f984f4af0ac6ef81f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jaestephens.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
8f7eeaedaa6b154ae300f809be90907f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 89AC 0
0 793ms
62ms Document
text/html 209.85.201.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f7eeaedaa6b154ae300f809be90907f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31085956

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.201.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Aug 2024 19:03:46 GMT
expires: Fri, 09 Aug 2024 19:03:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 208ms
67ms Script
application/javascript 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BV8M6J1G18MG0UVLUJM0&lib=ttq
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f1b320172542471f39032d57582ed6aeb2f242b1bdc1e4286046bff72f1747f9

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 11d4d895
date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408091903458836E289ECCE46DF6FCB-67CEA4BCA7A386F4-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=9
content-length: 1986
pragma: no-cache
server: nginx
x-tt-logid: 202408091903458836E289ECCE46DF6FCB
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebd0fbc59b6e882218457e20cbe41bc3ac19a363731d70720f969da9c30d7b67e878fb83c110dd71ffb2afb4aa257b880992485277099a3c5ec9e6606365bf429fd
expires: Fri, 09 Aug 2024 19:03:45 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 7 KB
3 KB 217ms
76ms Script
application/javascript 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BV3ECNLD82FVM3BE6CP0&lib=ttq
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0b859eae851e5007abfe9ad50cf55918e8c790e17abb52e30d67b1ed14002706

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 11d4d897
date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408091903451619B40CD7D9ECE00BE4-20D3DF75E582C427-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=4, origin; dur=11
content-length: 2397
pragma: no-cache
server: nginx
x-tt-logid: 202408091903451619B40CD7D9ECE00BE4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebd69a95f974bb25af658ec00ae714b0261392a26ac9e48df49aacaa5df339be04c1ad581824b8cd14d540d13e1fd4397104716f341c13cafb7013b40f8b0349c79
expires: Fri, 09 Aug 2024 19:03:45 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 210ms
69ms Script
application/javascript 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2K0OMCST06BEPRUJEAG&lib=ttq
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5cb6351051390a39f597d6b8c1e466ef369c53f319f6dbfa82b5a21315deb9fe

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 11d4d896
date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408091903453157F02FC32F82179ED8-3014FBF41A1A5F27-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=3, origin; dur=11
content-length: 2386
pragma: no-cache
server: nginx
x-tt-logid: 202408091903453157F02FC32F82179ED8
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebdbc1bae3875b5c5f533e3d5e81545918c3ecb9528cdeee44ed84c64a5b89836b0200dcacd175d5315b7b891ebdd5c3419299f4a041a04e4fea030634e510fbd1d
expires: Fri, 09 Aug 2024 19:03:45 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 235ms
95ms Script
application/javascript 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C56BFVO00UN7QUNFQJP0&lib=ttq
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7674c3e12cb0793756b5223f262e6cf44996cfed2d1326b69abff34d5d5d857d

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 11d4d898
date: Fri, 09 Aug 2024 19:03:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240809190345CC78DC98FF82B1DE013C-54F137B6524C17D5-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=31, origin; dur=11
content-length: 2101
pragma: no-cache
server: nginx
x-tt-logid: 20240809190345CC78DC98FF82B1DE013C
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebd13a1c0eca03429a0521ba858a0521dcc9274cf0a26dbd39417bb0dd36adc8c654f56495dec404ce8fb04a9982629bb95ca510537c69dd47234910c0ab0f049f8
expires: Fri, 09 Aug 2024 19:03:46 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 7 KB
3 KB 217ms
77ms Script
application/javascript 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C56DKSBG5HFBPDLO1D50&lib=ttq
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/redirector-prod/3.163.0/release-classic-nosample.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1cdc48d2d02d42dab7aae3a1499a7a9467d578a04469c9ab27564f9b436a58ff

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 11d4d899
date: Fri, 09 Aug 2024 19:03:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240809190345EC12125C872EF4DF9041-1254CDA67FC16E9F-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=4, origin; dur=15
content-length: 2601
pragma: no-cache
server: nginx
x-tt-logid: 20240809190345EC12125C872EF4DF9041
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 17,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebd97c6d9086139b4fb7706b93995b4b7cbbc58a6d886ec3807fc6da5d4bab311337b01cb861e6afa9cacd119cc8fb34cd3ae7e33712aa34a9742346ab7f11b703a
expires: Fri, 09 Aug 2024 19:03:45 GMT

GET
H2 200 d26de97a-67f1-471a-96f3-295b4788f0b4.json Show response
tr.snapchat.com/config/to/ 103 B
194 B 736ms
127ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/to/d26de97a-67f1-471a-96f3-295b4788f0b4.json?v=3.25.1-2408082241

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

eeba3ace9cbfefe01391c267ac236776ebe26bf6cd629ea90a9fb07f7253042b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept: application/json
Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
observe-browsing-topics: ?1
content-type: application/json
access-control-allow-origin: https://jaestephens.lnk.to
x-envoy-upstream-service-time: 41
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103

GET
H2 200 i
tr.snapchat.com/cm/ Frame 8138 0
0 699ms
91ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=d26de97a-67f1-471a-96f3-295b4788f0b4&u_scsid=f0174e34-bc31-472e-903a-00c1ab0a4e37&u_sclid=93b773bd-401c-4c15-b2ea-e135d056d3c2

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://jaestephens.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: clear h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Fri, 09 Aug 2024 19:03:46 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 2

GET
H2 200 a02431f0-2da6-44ed-a557-26ff61410dbf.js Show response
tr.snapchat.com/config/to/ 196 B
482 B 740ms
124ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/to/a02431f0-2da6-44ed-a557-26ff61410dbf.js?v=3.25.1-2408082241

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

27c621bcf54245087460636275667abc0fada8175d4a824dd9bdca25ad3440d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://jaestephens.lnk.to/
Origin: https://jaestephens.lnk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://jaestephens.lnk.to
x-envoy-upstream-service-time: 41
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196

GET
H2 200 i
tr.snapchat.com/cm/ Frame BE80 0
0 688ms
86ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=a02431f0-2da6-44ed-a557-26ff61410dbf&u_scsid=f0174e34-bc31-472e-903a-00c1ab0a4e37&u_sclid=93b773bd-401c-4c15-b2ea-e135d056d3c2

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://jaestephens.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Fri, 09 Aug 2024 19:03:46 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 1

GET
H2 200 ic-shield-grey.svg
static.assetlab.io/consent/1.11.5/assets/ 1 KB
1 KB 60ms
35ms Image
image/svg+xml 52.85.151.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/consent/1.11.5/assets/ic-shield-grey.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.5/consent.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-104.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db5705fc667bcad46aad8fb85a4886672c7a74a5b391eaac027813c77b46583c

Request headers

Referer: https://static.assetlab.io/consent/1.11.5/consent.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Ibc_4X36F00FA3G2aO3DCZmh1qGXxOvC
content-encoding: gzip
via: 1.1 a1157b69a14bebe8162237750a074fae.cloudfront.net (CloudFront)
date: Fri, 09 Aug 2024 11:20:09 GMT
last-modified: Thu, 09 Nov 2023 11:02:44 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
age: 27842
x-amz-server-side-encryption: AES256
etag: W/"33050866ef456ef13ac166f0bccd3304"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: x_-3ZC8s2jn9d2hx2xGe0R74FxM-_Ll9Jej_sS0D9O9_fTKH8h6CXA==

POST
H2 200 pageviews Show response
us01.records.in.treasuredata.com/streaming_src_qa/ 90 B
424 B 324ms
223ms Fetch
application/vnd.treasuredata.v1.js+json 44.209.241.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us01.records.in.treasuredata.com/streaming_src_qa/pageviews?modified=1723230226051

Requested by

Host: cdn.treasuredata.com
URL: https://cdn.treasuredata.com/sdk/4.0/td.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.209.241.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-209-241-117.compute-1.amazonaws.com

Software

Resource Hash

a5dc7a155ab3ee249e7050d0783aeeafff50620bcb6560ed90465cbb1375a1da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/vnd.treasuredata.v1.js+json
Referer: https://jaestephens.lnk.to/
Authorization: TD1 12117/9009c89df40b6890d64424d5fb29f77332a576bf
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/vnd.treasuredata.v1.js+json

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
content-type: application/vnd.treasuredata.v1.js+json
access-control-allow-origin: https://jaestephens.lnk.to
cache-control: no-store
access-control-allow-credentials: true
content-length: 90

POST
H2 200 pageviews Show response
us01.records.in.treasuredata.com/streaming_src_prod/ 90 B
423 B 332ms
230ms Fetch
application/vnd.treasuredata.v1.js+json 44.209.241.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us01.records.in.treasuredata.com/streaming_src_prod/pageviews?modified=1723230226057

Requested by

Host: cdn.treasuredata.com
URL: https://cdn.treasuredata.com/sdk/4.0/td.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.209.241.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-209-241-117.compute-1.amazonaws.com

Software

Resource Hash

c2c6de23c5f547d7c9ef4e7e8f9d39763bd1e102349d4d275a78e1d18359b01d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/vnd.treasuredata.v1.js+json
Referer: https://jaestephens.lnk.to/
Authorization: TD1 12428/c3daa75715f063718eea09d46051aba892b06ad5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/vnd.treasuredata.v1.js+json

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
content-type: application/vnd.treasuredata.v1.js+json
access-control-allow-origin: https://jaestephens.lnk.to
cache-control: no-store
access-control-allow-credentials: true
content-length: 90

GET
H2 200 1711600715555173 Show response
connect.facebook.net/signals/config/ 63 KB
13 KB 159ms
158ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1711600715555173?v=2.9.164&r=stable&domain=jaestephens.lnk.to&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

fd745cefdeee961a34e41acc28c8d08ee5141e6e4c16b136bf1b066d9536aa25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Aug 2024 19:03:46 GMT
document-policy: force-load-at-top
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=47, rtx=0, c=62, mss=1316, tbw=64375, tp=-1, tpl=-1, uplat=114, ullat=0
pragma: public
x-fb-debug: a9xVCQxcf8oIj+zrkOdHscuuCBc6QKpa1Bcv3YcvRwK+QURG5gvQiGmYoDLiVF0SKRnPBuAmFbwb1tNmMOOqWg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/950249395/ 4 KB
2 KB 574ms
66ms Script
text/javascript 173.194.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950249395/?random=1723230226112&cv=9&fst=1723230226112&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=artist%3DJae%20Stephens%3Balbum%3DBody%20Favors%3Bupcs%3D00602475036753%3Bgenre%3DR%26B%2FSoul%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DDef%20Jam%20US%3Burl%3Djaestephens.lnk.to%2FBodyFavors%3BcountryCode%3DCA%3Bcountry%3DCanada%3Bcity%3DToronto%3Bartists%3DJae%20Stephens%3Breferrer%3Ddirect%3Baction%3Dpageview&frm=0&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&tiba=Jae%20Stephens%20-%20Body%20Favors&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f156.1e100.net

Software

cafe /

Resource Hash

9ab068eb0b8d6e3a68fca4324abf1863d484bfe06dcce3348448d0fa80bba11d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1651
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 511ms
35ms Script
application/javascript 104.22.53.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?partner_id=28&sync=1&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/28?url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&metadata=linkfire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.53.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
server: cloudflare
x-amz-request-id: 4GNTEWM5RE8S976C
age: 87
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=432000
cf-ray: 8b0a02144e0da244-YYZ
x-amz-id-2: 1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=
expires: Wed, 14 Aug 2024 19:03:46 GMT

GET
H2 200 28 Show response
p.ad.gt/api/v1/p/ 47 KB
15 KB 518ms
48ms Script
application/javascript 104.22.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/28
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/28?url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&metadata=linkfire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c690c5c6a92b09f05ee624f3e114e1146ab1cd0ea0343bd2f20c5c0633ff8b64

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Aug 2024 18:53:08 GMT
server: cloudflare
age: 128
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b0a02144deaaaf7-YYZ

GET
H2 200 ip_match
ids.ad.gt/api/v1/ 0
192 B 615ms
116ms Image
text/html 44.236.255.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.255.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-255-143.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
server: nginx/1.24.0
content-length: 0
content-type: text/html; charset=utf-8

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001723230226-J7E9GQN7-T2KO%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&adnxs_id=8313656486714025574&gdpr=0

43 B
143 B

104ms
97ms

Image
image/gif

44.236.255.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&adnxs_id=8313656486714025574&gdpr=0
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Server: 44.236.255.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-255-143.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:46 GMT
an-x-request-uuid: 15f5fca3-7546-4693-8307-251d76130b76
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&adnxs_id=8313656486714025574&gdpr=0
x-proxy-origin: 149.88.16.231; 149.88.16.231; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001723230226-J7E9GQN7-T2KO&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001723230226-J7E9GQN7-T2KO&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=b536f7cb-94b6-4386-b7f2-7250b09045af&id=AU1D-0100-001723230226-J7E9GQN7-T2KO

43 B
143 B

103ms
96ms

Image
image/gif

44.236.255.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=b536f7cb-94b6-4386-b7f2-7250b09045af&id=AU1D-0100-001723230226-J7E9GQN7-T2KO
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Server: 44.236.255.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-255-143.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/t_match?tdid=b536f7cb-94b6-4386-b7f2-7250b09045af&id=AU1D-0100-001723230226-J7E9GQN7-T2KO
date: Fri, 09 Aug 2024 19:03:46 GMT
server: Kestrel
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001723230226-J7E9GQN7-T2KO
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001723230226-J7E9GQN7-T2KO
https://ids.ad.gt/api/v1/pbm_match?pbm=A940F01A-CED2-4F4A-BCD0-E076F1DEC8F8&id=AU1D-0100-001723230226-J7E9GQN7-T2KO

43 B
143 B

104ms
97ms

Image
image/gif

44.236.255.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=A940F01A-CED2-4F4A-BCD0-E076F1DEC8F8&id=AU1D-0100-001723230226-J7E9GQN7-T2KO
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Server: 44.236.255.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-255-143.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=A940F01A-CED2-4F4A-BCD0-E076F1DEC8F8&id=AU1D-0100-001723230226-J7E9GQN7-T2KO
date: Fri, 09 Aug 2024 19:03:45 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
1 KB 534ms
68ms Image
text/plain 69.173.146.5
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001723230226-J7E9GQN7-T2KO&gdpr=0
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a63e28342bd5b2027f26e8b97631d66b
Expires: 0

GET
H2

200

tapad_match
ids.ad.gt/api/v1/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001723230226-J7E9GQN7-T2KO&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723230226...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001723230226-J7E9GQN7-T2KO&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3632ceb7-7122-4bd3-bd82-7d62bc5fb140%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b536f7cb-94b6-4386-b7f2-7250b09045af&ttd_puid=3632ceb7-7122-4bd3-bd82-7d62bc5fb140%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&tapad_id=3632ceb7-7122-4bd3-bd82-7d62bc5fb140

43 B
143 B

104ms
104ms

Image
image/gif

44.236.255.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&tapad_id=3632ceb7-7122-4bd3-bd82-7d62bc5fb140
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Server: 44.236.255.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-255-143.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

date: Fri, 09 Aug 2024 19:03:46 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&tapad_id=3632ceb7-7122-4bd3-bd82-7d62bc5fb140
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001723230226-J7E9GQN7-T2KO
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&google_gid=CAESEAuZMpyA6xyALHQ2gd3oabw&google_cver=1&google_ula=450542624,0

43 B
143 B

107ms
105ms

Image
image/gif

44.236.255.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&google_gid=CAESEAuZMpyA6xyALHQ2gd3oabw&google_cver=1&google_ula=450542624,0
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Server: 44.236.255.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-255-143.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&google_gid=CAESEAuZMpyA6xyALHQ2gd3oabw&google_cver=1&google_ula=450542624,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001723230226-J7E9GQN7-T2KO
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzIzMDIyNi1KN0U5R1FONy1UMktP

170 B
409 B

56ms
55ms

Image
image/png

173.194.175.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzIzMDIyNi1KN0U5R1FONy1UMktP

Requested by

Protocol

Server

173.194.175.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzIzMDIyNi1KN0U5R1FONy1UMktP
date: Fri, 09 Aug 2024 19:03:46 GMT
server: nginx/1.24.0
content-length: 453
content-type: text/html; charset=utf-8

GET
H2

200

son_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&uid=[UID]&gdpr=0
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&uid=2c16fe6a-46bf-4afc-918a-8a01db887177&gdpr=0

43 B
143 B

128ms
125ms

Image
image/gif

44.236.255.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&uid=2c16fe6a-46bf-4afc-918a-8a01db887177&gdpr=0
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Server: 44.236.255.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-255-143.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-54
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&uid=2c16fe6a-46bf-4afc-918a-8a01db887177&gdpr=0
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

adb_match
ids.ad.gt/api/v1/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001723230226-J7E9GQN7-T2KO&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001723230226-J7E9GQ...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001723230226-J7E9GQN7-T2KO&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-01...
https://ids.ad.gt/api/v1/adb_match?adb=35593302282076354572148693058963493044&id=AU1D-0100-001723230226-J7E9GQN7-T2KO

43 B
143 B

96ms
96ms

Image
image/gif

44.236.255.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/adb_match?adb=35593302282076354572148693058963493044&id=AU1D-0100-001723230226-J7E9GQN7-T2KO
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Server: 44.236.255.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-255-143.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

dcs: dcs-prod-va6-2-v062-046d16f18.edge-va6.demdex.com 6 ms
pragma: no-cache
date: Fri, 09 Aug 2024 19:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: GVcTPNfpQ8s=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://ids.ad.gt/api/v1/adb_match?adb=35593302282076354572148693058963493044&id=AU1D-0100-001723230226-J7E9GQN7-T2KO
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

openx
ids.ad.gt/api/v1/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001723230226-J7E9GQN7-T2KO%26auid%3DAU...
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001723230226-J7E9GQN7-T2KO%26auid...
https://ids.ad.gt/api/v1/openx?openx_id=f9c0fafd-2fd7-449a-a553-239ed0c5aa0b&id=AU1D-0100-001723230226-J7E9GQN7-T2KO&auid=AU1D-0100-001723230226-J7E9GQN7-T2KO

43 B
143 B

99ms
98ms

Image
image/gif

44.236.255.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/openx?openx_id=f9c0fafd-2fd7-449a-a553-239ed0c5aa0b&id=AU1D-0100-001723230226-J7E9GQN7-T2KO&auid=AU1D-0100-001723230226-J7E9GQN7-T2KO
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Server: 44.236.255.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-255-143.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

date: Fri, 09 Aug 2024 19:03:46 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://ids.ad.gt/api/v1/openx?openx_id=f9c0fafd-2fd7-449a-a553-239ed0c5aa0b&id=AU1D-0100-001723230226-J7E9GQN7-T2KO&auid=AU1D-0100-001723230226-J7E9GQN7-T2KO
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 adsct
t.co/i/ 43 B
374 B 231ms
107ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=fec2b86a-bee1-49f7-a446-682dac73f302&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0563b9df-6427-4dc7-8b2e-c664b8173e30&tw_document_href=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1zw8&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Fri, 09 Aug 2024 19:03:46 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: b1b0f0a559252fe0
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: e81f88fbd2823247199fc7ada9994715b05137000a1ec74a19f0bd6c550ab84b
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 249ms
71ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=fec2b86a-bee1-49f7-a446-682dac73f302&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0563b9df-6427-4dc7-8b2e-c664b8173e30&tw_document_href=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1zw8&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 7
date: Fri, 09 Aug 2024 19:03:46 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: eaed58ff08999a32
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 87d58c2b3ad12a0f8f6d870410b61ba4b2ef818ba2ce768a31aacf427790aece
content-length: 43

GET
H2 200 f1d9d94ded8b13388a12e4bb69e532f1 Show response
c.lytics.io/cid/ 24 B
499 B 76ms
75ms Script
text/javascript 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/cid/f1d9d94ded8b13388a12e4bb69e532f1?assign=false&callback=u_680571421317653200

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f49cce9bd323da713aca6487010ca645998561a5e7f0ce805f1c424e70bbcc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 24
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YUCJyWuV61C4MINR8E%2FLkI2cWOTfMTECgCLly7u6FFTNiON3DHYg5sLw%2FzpFYBHu7GUZjzct593XMzGkcSsOs7%2BjMLH75%2FQP7lFZxjSw5aPAJm0jX6smfGEHMrJ8"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: d1b42408db1229404b70c7153de98fcb
cf-ray: 8b0a0211dee4ac70-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
94 KB 67ms
55ms Script
application/javascript 173.194.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SK2KRMG100&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54175133-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.175.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4fd4b7e713294135370ef4930c307da265fe617b2208d2ebe82550a206195740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96017
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Aug 2024 19:03:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 211ms
56ms Script
text/javascript 173.194.66.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54175133-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.66.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Aug 2024 18:46:44 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1023
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 09 Aug 2024 20:46:44 GMT

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=480458752.1723230226&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors&dma=0&npa=0&gtm=45be4880v891621318za200&auid=33945...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=480458752.1723230226&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors&dma=0&npa=0&gtm=45be4880v891621318za2...

42 B
64 B

54ms
54ms

Ping
image/gif

173.194.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=480458752.1723230226&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors&dma=0&npa=0&gtm=45be4880v891621318za200&auid=339458840.1723230226&frm=0

Requested by

Protocol

Server

173.194.175.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=480458752.1723230226&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors&dma=0&npa=0&gtm=45be4880v891621318za200&auid=339458840.1723230226&frm=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/784983735/ 4 KB
1 KB 111ms
109ms Script
text/javascript 173.194.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784983735/?random=1723230226374&cv=11&fst=1723230226374&bg=ffffff&guid=ON&async=1&gtm=45be4880v891621318za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&hn=www.googleadservices.com&frm=0&tiba=Jae%20Stephens%20-%20Body%20Favors&npa=0&pscdl=noapi&auid=339458840.1723230226&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-784983735

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f156.1e100.net

Software

cafe /

Resource Hash

26d0665adb8baaa3e2352e065c04e89bb53bdaf3c824692a5446ab282a13d409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1510
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
84 KB 62ms
61ms Script
application/javascript 173.194.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-802909747&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54175133-1

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

6bc941967ca99e77acba81788e339b7a17ef89a05894911b347c82c6940c09a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86262
x-xss-protection: 0
last-modified: Fri, 09 Aug 2024 18:18:22 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Aug 2024 19:03:46 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723230226438&ns_c=UTF-8&cs_fpid=678de808e0706fa3f155d3847a1a4c17&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscorek...
https://sb.scorecardresearch.com/b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723230226438&ns_c=UTF-8&cs_fpid=678de808e0706fa3f155d3847a1a4c17&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscore...

0
225 B

45ms
45ms

Image
text/plain

18.165.83.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723230226438&ns_c=UTF-8&cs_fpid=678de808e0706fa3f155d3847a1a4c17&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscorekw=umg&c7=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&c8=Jae%20Stephens%20-%20Body%20Favors&c9=
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Server: 18.165.83.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-104.iad55.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
via: 1.1 65cdd88e2e6e21b095c2caf59292000c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P3
x-amz-cf-id: pCh-GSuedT9GlcmFJgw8jpFDMmLPXobyhAXbSSFfYAInPwbKWY3rWg==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 09 Aug 2024 19:03:46 GMT
via: 1.1 65cdd88e2e6e21b095c2caf59292000c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P3
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723230226438&ns_c=UTF-8&cs_fpid=678de808e0706fa3f155d3847a1a4c17&cs_fpit=c&cs_fpdm=*null&cs_ucfr=1&comscorekw=umg&c7=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&c8=Jae%20Stephens%20-%20Body%20Favors&c9=
content-length: 0
x-amz-cf-id: H-re3Iq8IDvj7SPTWQpR9nn3z0xnZEk1oSN0UBCCZEPrRDTvkLHO1A==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/784983735/ 4 KB
2 KB 113ms
99ms Script
text/javascript 173.194.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784983735/?random=1723230226450&cv=11&fst=1723230226450&bg=ffffff&guid=ON&async=1&gtm=45be4880v891621318za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&hn=www.googleadservices.com&frm=0&tiba=Jae%20Stephens%20-%20Body%20Favors&npa=0&pscdl=noapi&auid=339458840.1723230226&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&delc=Canada&data=event%3Dpage_view%3Bartist%3DJae%20Stephens%3Balbum%3DBody%20Favors%3Bupcs%3D00602475036753%3Bgenre%3DR%26B%2FSoul%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DDef%20Jam%20US%3Burl%3Djaestephens.lnk.to%2FBodyFavors%3BcountryCode%3DCA%3Bcountry%3DCanada%3Bcity%3DToronto%3Bartists%3DJae%20Stephens%3Baction%3Dpageview&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-784983735

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f156.1e100.net

Software

cafe /

Resource Hash

6fd2f6fd3de9bca254015dd0e7a468d206f64d6519f77ea9fa54a28c801ee0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1664
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p
tr.snapchat.com/ 0
251 B 172ms
93ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://jaestephens.lnk.to
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
11 KB 56ms
36ms Script
application/javascript 104.22.53.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?partner_id=99&sync=1&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/99?url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&metadata=linkfire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.53.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
server: cloudflare
x-amz-request-id: 4GNTEWM5RE8S976C
age: 87
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=432000
cf-ray: 8b0a02161f3aa244-YYZ
x-amz-id-2: 1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=
expires: Wed, 14 Aug 2024 19:03:46 GMT

GET
H2 200 99 Show response
p.ad.gt/api/v1/p/ 42 KB
14 KB 62ms
42ms Script
application/javascript 104.22.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/99
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/99?url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&metadata=linkfire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 047f4d701bf8b33cf7a9bb1b2511ea4a0a462c0f6d6f46f284770b25df54238b

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Aug 2024 18:59:21 GMT
server: cloudflare
age: 69
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b0a02161f8aaaf7-YYZ

GET
H2

200

amo_match
ids.ad.gt/api/v1/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001723230226-J7E9GQN7-T2KO
https://ids.ad.gt/api/v1/amo_match?turn_id=4235834547988288768&id=AU1D-0100-001723230226-J7E9GQN7-T2KO

43 B
143 B

98ms
92ms

Image
image/gif

44.236.255.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/amo_match?turn_id=4235834547988288768&id=AU1D-0100-001723230226-J7E9GQN7-T2KO
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Server: 44.236.255.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-255-143.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/amo_match?turn_id=4235834547988288768&id=AU1D-0100-001723230226-J7E9GQN7-T2KO
pragma: no-cache
date: Fri, 09 Aug 2024 19:03:45 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 0
sync.1rx.io/usersync/audigent/ 0
99 B 174ms
48ms Image
text/plain 69.194.240.13
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001723230226-J7E9GQN7-T2KO%26unruly_id%3D%5BRX_UUID%5D
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2

200

colossus
ids.ad.gt/api/v1/
Redirect Chain

https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001723230226-J7E9GQN7-T2KO&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-...
https://ids.ad.gt/api/v1/colossus?cls_id=c017fedd-ec6d-48f4-a343-23791beb9757&id=AU1D-0100-001723230226-J7E9GQN7-T2KO

43 B
143 B

101ms
96ms

Image
image/gif

44.236.255.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/colossus?cls_id=c017fedd-ec6d-48f4-a343-23791beb9757&id=AU1D-0100-001723230226-J7E9GQN7-T2KO
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Server: 44.236.255.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-255-143.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 09 Aug 2024 19:03:47 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Transfer-Encoding: chunked
Location: http://ids.ad.gt/api/v1/colossus?cls_id=c017fedd-ec6d-48f4-a343-23791beb9757&id=AU1D-0100-001723230226-J7E9GQN7-T2KO
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 /
onetag-sys.com/match/ 0
201 B 525ms
61ms Image
text/plain 51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=180&uid=AU1D-0100-001723230226-J7E9GQN7-T2KO&gdpr=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 main.MTM2ZmRjOGQyMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 331 KB
94 KB 48ms
47ms Script
application/javascript 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BV8M6J1G18MG0UVLUJM0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b424c8b96a0a79e02312ac23d09607c4006fd6d9242848089fbc19caceed805d

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 11d4e635
date: Fri, 09 Aug 2024 19:03:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202408081343190F6B647326F863CC5B1A
x-tt-trace-id: 00-2408081343190F6B647326F863CC5B1A-7F745D77CE9A5737-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0162725379ef65330891b09b6dab15acc03a0007846037ac768974fd49e525076a5312c65fe788126c74d8539143a17700725b8a381f586eb201341b3f4e3de7ffd32d63a0e70266e931900a39efd1e4c77d93686b5997848ff5caaf54ed535a79
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 95259

GET
H2 200 main.MTM2ZmRjOGQyMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 336 KB
95 KB 122ms
121ms Script
application/javascript 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2K0OMCST06BEPRUJEAG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6a01570a34308b3c89e3492bbeac7b2e0c7c3f7156c30260b9796a7624251fb3

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 11d4e66f
date: Fri, 09 Aug 2024 19:03:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240808134316945BA607E25F1C52E325
x-tt-trace-id: 00-240808134316945BA607E25F1C52E325-50B372B6E97B9CC0-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0171d4b2f63262236053cb155abb9d3cbed9ca156ea3a280ebc38e0429c222ddb9f31af5e026bdc87f327793786fa34d702cacdc3c661c52a26b081060cf68f8249e88b6f336df1d14fbdf3bf5ed65c325a916740ecc61bf457eb97fc1ba2684b5
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 97068

GET
H2 200 adsct
t.co/i/ 43 B
140 B 119ms
113ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=1&event_id=c6c583f9-0e26-4b32-bb36-3125cc55c978&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0563b9df-6427-4dc7-8b2e-c664b8173e30&tw_document_href=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=numgi&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 7
date: Fri, 09 Aug 2024 19:03:46 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: c37dc285e2c26e20
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 56f7d2087fd4d89a0b3c5763615676266154763dabf087aa08e4c012712d5e56
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
93 B 87ms
81ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=1&event_id=c6c583f9-0e26-4b32-bb36-3125cc55c978&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0563b9df-6427-4dc7-8b2e-c664b8173e30&tw_document_href=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=numgi&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 5
date: Fri, 09 Aug 2024 19:03:46 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 4dc9aa5c9c6f230f
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 87d58c2b3ad12a0f8f6d870410b61ba4b2ef818ba2ce768a31aacf427790aece
content-length: 43

OPTIONS
H2 200 pageviews
us01.records.in.treasuredata.com/streaming_src_qa/ Frame 0
0 608ms
61ms Preflight
text/plain 44.209.241.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us01.records.in.treasuredata.com/streaming_src_qa/pageviews?modified=1723230226051

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.209.241.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-209-241-117.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://jaestephens.lnk.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,User-Agent,Authorization
access-control-allow-methods: HEAD,GET,POST
access-control-allow-origin: https://jaestephens.lnk.to
access-control-max-age: 7200
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Fri, 09 Aug 2024 19:03:46 GMT
strict-transport-security: max-age=31536000
vary: Origin

OPTIONS
H2 200 pageviews
us01.records.in.treasuredata.com/streaming_src_prod/ Frame 0
0 599ms
58ms Preflight
text/plain 44.209.241.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us01.records.in.treasuredata.com/streaming_src_prod/pageviews?modified=1723230226057

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.209.241.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-209-241-117.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://jaestephens.lnk.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,User-Agent,Authorization
access-control-allow-methods: HEAD,GET,POST
access-control-allow-origin: https://jaestephens.lnk.to
access-control-max-age: 7200
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Fri, 09 Aug 2024 19:03:46 GMT
strict-transport-security: max-age=31536000
vary: Origin

GET
H3 200 529815473883968 Show response
connect.facebook.net/signals/config/ 32 KB
5 KB 269ms
263ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/529815473883968?v=2.9.164&r=stable&domain=jaestephens.lnk.to&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

d812f3c0511015c397cb86798af8b46a4d92130bbfb0adae32057045e1108a37

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Aug 2024 19:03:46 GMT
document-policy: force-load-at-top
x-fb-server-load: 46
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=48, rtx=0, c=23, mss=1232, tbw=4358, tp=9, tpl=0, uplat=196, ullat=1
pragma: public
x-fb-debug: /ch6r9vApfvEQdC59bKFMsUe/9QZ6g2VkfG2moQVNUvTVzsezdAgyX9ccYKqekFLfNE/2/faiTnRcqtDFZW+vQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 372e7343-d018-47bc-a2ea-7dd98cec770d Show response
c.lytics.io/api/personalize/f1d9d94ded8b13388a12e4bb69e532f1/user/_uid/ 320 B
604 B 91ms
90ms Script
application/json 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/f1d9d94ded8b13388a12e4bb69e532f1/user/_uid/372e7343-d018-47bc-a2ea-7dd98cec770d?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22372e7343-d018-47bc-a2ea-7dd98cec770d%22%2C%22utm_source%22%3A%22dotmailer%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_campaign%22%3A%22559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A-7%2C%22_ul%22%3A%22en-CA%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22jaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1%22%2C%22_v%22%3A%223.0.36%22%7D&ts=1723230226750&callback=u_105524041923114930

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f0ad4f7a0165d615fd89b316985e84b34bac0ae4b01c8440d20035a79b5882a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MSKb6UWwSUOTKk5CIKV%2BPN3tmYA%2B1XV%2FG3YHeILZkZsjtRo0esckl%2FEoot6%2FU1HwKz6kx9jQiBfy5V8gSmVIwT1Cv%2FrCZwIwJ6TahywSt26ZffVgGiV9flt3sPHR"}],"group":"cf-nel","max_age":604800}
x-lytics-trace: 4d76e2b871e9c24bda565da63db8f505
cf-ray: 8b0a02154a1eac70-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
content-length: 234

GET
H2 200 linkfire
c.lytics.io/c/f1d9d94ded8b13388a12e4bb69e532f1/ 35 B
420 B 63ms
62ms Image
image/gif 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/f1d9d94ded8b13388a12e4bb69e532f1/linkfire?_e=pv&utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&_sesstart=1&_tz=-7&_ul=en-CA&_sz=1600x1200&album=Body%20Favors&artist=Jae%20Stephens&artist_tags=Jae%20Stephens&asset=landingpage&board=Def%20Jam%20US&organization=Universal%20Music%20Group&browser=Chrome&channel_category=Original&city=Toronto&country_code=CA&device=desktop&genre=R%26B%2FSoul&os=Linux&referrer=direct&link_type=Music&visitor_token=678de808e0706fa3f155d3847a1a4c17&spotify_url=https%3A%2F%2Fopen.spotify.com%2Falbum%2F6rxtXiis3RaHNWXXRXUxWB%3Fgo%3D1&action=pageview&_ts=1723230226193&_nmob=t&_device=desktop&url=jaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&_v=3.0.36&_uid=372e7343-d018-47bc-a2ea-7dd98cec770d&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=URDETUnGlece7z5lbwgZ1gdLazdztBLme%2Bu4nTWVltAQcE%2FcekVl9uLoToFF4CTWkTunYw4L4f1ptAMrqkO1ZmH5j78Hy2VOZet2Iz1hMupOf%2FzGLqBHHl%2F%2Fn9h2"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: ab3453877bbab806f16874277e09dd47
cf-ray: 8b0a02154a22ac70-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 f1d9d94ded8b13388a12e4bb69e532f1
c.lytics.io/c/ 35 B
328 B 64ms
63ms Image
image/gif 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/f1d9d94ded8b13388a12e4bb69e532f1?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&_sesstart=1&_tz=-7&_ul=en-CA&_sz=1600x1200&_ts=1723230226481&_nmob=t&_device=desktop&url=jaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&_v=3.0.36&_uid=372e7343-d018-47bc-a2ea-7dd98cec770d&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:46 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2FNEwo6xY4LkrULhybo9h07wbPWpe%2FX4W4u1nIVSonXNLgSyc%2BsMx2%2BpRSmPtfazjUqfHq05rPIALASHnc6sz0Uw%2BQyHZudUdIEJBZeiCG7pluSoKvdQr1Pbs3Z2"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 4843fbb741c18017270a9fc84204f314
cf-ray: 8b0a02154a23ac70-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 125 B
282 B 65ms
52ms XHR
application/json 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=28&sync=1&domain=jaestephens.lnk.to&url=https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?partner_id=28&sync=1&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed9c49b306d4e301a8b843e4d5a7221dd10ba2c2b8b2210e127a21793af0e472

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization,content-type
cf-ray: 8b0a02171d4ea1fc-YYZ

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 270ms
50ms Preflight
application/json 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=28&sync=1&domain=jaestephens.lnk.to&url=https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://jaestephens.lnk.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8b0a0216bcc7a1fc-YYZ
content-length: 0
content-type: application/json
date: Fri, 09 Aug 2024 19:03:47 GMT
debug: OPTIONS block
expires: Sat, 09 Aug 2025 19:03:47 GMT
server: cloudflare

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 234ms
111ms Fetch
text/plain 173.194.66.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-SK2KRMG100&gtm=45je4880v9126390853za200&_p=1723230226222&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=1513319937.1723230227&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1723230226&sct=1&seg=0&dl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&dt=Jae%20Stephens%20-%20Body%20Favors&en=page_view&_fv=1&_nsi=1&_ss=1&ep.name=tracker0&epn.cookieExpires=15552000&ep.clientId=66b668109b2ea9.12423094&epn.sampleRate=10&tfd=3402
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SK2KRMG100&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.66.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qo-in-f100.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jaestephens.lnk.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
90 KB 69ms
68ms Script
application/javascript 173.194.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/28

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

0ffb1d1dc49957a81f4f36a479bd27106c9ad65e55016ee652a29a1411c245d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91734
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Aug 2024 19:03:47 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/802909747/ 4 KB
1 KB 92ms
76ms Script
text/javascript 173.194.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/802909747/?random=1723230227008&cv=11&fst=1723230227008&bg=ffffff&guid=ON&async=1&gtm=45be4880v9161945549za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&hn=www.googleadservices.com&frm=0&tiba=Jae%20Stephens%20-%20Body%20Favors&npa=0&pscdl=noapi&auid=339458840.1723230226&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-802909747&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f156.1e100.net

Software

cafe /

Resource Hash

5daff687839ebd17d7fa2a4c6910a9351e9b70d0db515d8d1b81f47feb83430d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1509
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/802909747/ 4 KB
2 KB 73ms
73ms Script
text/javascript 173.194.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/802909747/?random=1723230227055&cv=11&fst=1723230227055&bg=ffffff&guid=ON&async=1&gtm=45be4880v9161945549za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&hn=www.googleadservices.com&frm=0&tiba=Jae%20Stephens%20-%20Body%20Favors&npa=0&pscdl=noapi&auid=339458840.1723230226&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&delc=Canada&data=event%3Dpage_view%3Bartist%3DJae%20Stephens%3Balbum%3DBody%20Favors%3Bupcs%3D00602475036753%3Bgenre%3DR%26B%2FSoul%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DDef%20Jam%20US%3Burl%3Djaestephens.lnk.to%2FBodyFavors%3BcountryCode%3DCA%3Bcountry%3DCanada%3Bcity%3DToronto%3Bartists%3DJae%20Stephens%3Baction%3Dpageview&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-802909747&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f156.1e100.net

Software

cafe /

Resource Hash

456b754e1caa7fcd288e77b75538dc19583a9196d8f49f56c16b90746ae8509f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1668
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/950249395/ 42 B
64 B 130ms
57ms Image
image/gif 172.217.197.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/950249395/?random=1723230226112&cv=9&fst=1723230000000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=artist%3DJae%20Stephens%3Balbum%3DBody%20Favors%3Bupcs%3D00602475036753%3Bgenre%3DR%26B%2FSoul%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DDef%20Jam%20US%3Burl%3Djaestephens.lnk.to%2FBodyFavors%3BcountryCode%3DCA%3Bcountry%3DCanada%3Bcity%3DToronto%3Bartists%3DJae%20Stephens%3Breferrer%3Ddirect%3Baction%3Dpageview&frm=0&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&tiba=Jae%20Stephens%20-%20Body%20Favors&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfpm4ulwO6PMve7ZPYRGUSJnx4LeEjOvcuV9bYlj4r0xcYluib&random=765881224&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/950249395/ 42 B
64 B 134ms
60ms Image
image/gif 64.233.180.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/950249395/?random=1723230226112&cv=9&fst=1723230000000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=artist%3DJae%20Stephens%3Balbum%3DBody%20Favors%3Bupcs%3D00602475036753%3Bgenre%3DR%26B%2FSoul%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DDef%20Jam%20US%3Burl%3Djaestephens.lnk.to%2FBodyFavors%3BcountryCode%3DCA%3Bcountry%3DCanada%3Bcity%3DToronto%3Bartists%3DJae%20Stephens%3Breferrer%3Ddirect%3Baction%3Dpageview&frm=0&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&tiba=Jae%20Stephens%20-%20Body%20Favors&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfpm4ulwO6PMve7ZPYRGUSJnx4LeEjOvcuV9bYlj4r0xcYluib&random=765881224&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_c2008b8c.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 53ms
51ms Script
application/javascript 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c2008b8c.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 11d4f698
date: Fri, 09 Aug 2024 19:03:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202407291241438CEF9AFC5613DF1A3D4F
x-tt-trace-id: 00-2407291241438CEF9AFC5613DF1A3D4F-4406BB46B4F5E2CE-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01b330b13e1dcfd3081a90fefdfba6e8b93c3b432e87925099543df5a3b479ef679aa8f5c22582fcf767cb768d0eb69a2a198325962494e82d53de3ce9723b3050efd12e04d3d3ba2e331e9ed302f3a43aeedb7af4b1396b83cfaeb93c19f4d3e2
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=11
content-length: 39513

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
717 B 146ms
143ms Ping
text/plain 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 11d4f80e
date: Fri, 09 Aug 2024 19:03:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408091903470D3076D01747D966E8F0-59F14CA13D68F214-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=34, cdn-cache; desc=MISS, edge; dur=9, origin; dur=41
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202408091903470D3076D01747D966E8F0
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 43,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebd29ecce1a1b7152c2702a91bd57078f92c3795ca82e265446735dbedb3cfa77e421475b4ca86b749fccb83574cbafae344369b47ed0a0bc37ad4b6323352408bb
access-control-allow-headers: Authorization,*
expires: Fri, 09 Aug 2024 19:03:47 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
716 B 146ms
144ms Ping
text/plain 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 11d4f810
date: Fri, 09 Aug 2024 19:03:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408091903478968CA1A91D117E3340C-01533ECF748CD03B-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=50, cdn-cache; desc=MISS, edge; dur=8, origin; dur=54
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202408091903478968CA1A91D117E3340C
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 54,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebdab3e0e0f0457ef503fdcbd60227322bc33f1e5be0d0a06e6af39c0c35c6ffb42a52879f4b128f4be6d86c6fc784d8b43e06eed0aca1dea25ae356c0c07bfbd0c
access-control-allow-headers: Authorization,*
expires: Fri, 09 Aug 2024 19:03:47 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
717 B 146ms
144ms Ping
text/plain 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 11d4f811
date: Fri, 09 Aug 2024 19:03:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408091903474DA2F11D16AEC6B72C63-0C5AC3E1CB6FE1AD-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=41, cdn-cache; desc=MISS, edge; dur=9, origin; dur=45
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202408091903474DA2F11D16AEC6B72C63
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 45,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebd974fe6f8ec8e81b7d5239bafcbcb0ca88ffd630da89d760b5bac9992edb5f454311f969365908b950345b134abc290acfd104f1781ac88b71400ffde84828fa8
access-control-allow-headers: Authorization,*
expires: Fri, 09 Aug 2024 19:03:47 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
719 B 359ms
357ms Ping
text/plain 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 11d4f812
date: Fri, 09 Aug 2024 19:03:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408091903470D3076D01747D966E8FA-23E63842B19693B8-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=185, cdn-cache; desc=MISS, edge; dur=90, origin; dur=190
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202408091903470D3076D01747D966E8FA
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 190,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebd29ecce1a1b7152c2702a91bd57078f92cebf07d0e37348ce68de4f84209b0841f7bc45c98294d2f14ddd2d8834acd60ad1013f2f173047d8216b9916b4f70df2
access-control-allow-headers: Authorization,*
expires: Fri, 09 Aug 2024 19:03:47 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
720 B 176ms
174ms Ping
text/plain 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 11d4f813
date: Fri, 09 Aug 2024 19:03:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240809190347A0F823F90F23D8DDBEE7-41A4C0ECB7F825D7-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=40, cdn-cache; desc=MISS, edge; dur=16, origin; dur=74
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240809190347A0F823F90F23D8DDBEE7
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 75,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebdaa53e2858fa1bd6b1dc9d55088916097d694a95981ddfc5a94d4af1ec60ce6f4517f31dc54b94e545ff234c5b13ab385be12bf777ffc107c4b228d32adb8f251
access-control-allow-headers: Authorization,*
expires: Fri, 09 Aug 2024 19:03:47 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
719 B 213ms
211ms Ping
text/plain 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 11d4f814
date: Fri, 09 Aug 2024 19:03:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240809190347A0F823F90F23D8DDBEEE-3CA5A1A44C9686D0-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=18, cdn-cache; desc=MISS, edge; dur=83, origin; dur=21
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240809190347A0F823F90F23D8DDBEEE
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 21,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebdaa53e2858fa1bd6b1dc9d550889160973a7b53a49938acf2035b67030186b6ba63b60a441f24b0a58a184fadf5726fcfa4d02993ca1599efe8f1e974d9290da5
access-control-allow-headers: Authorization,*
expires: Fri, 09 Aug 2024 19:03:47 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
717 B 208ms
206ms Ping
text/plain 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 11d4f9f3
date: Fri, 09 Aug 2024 19:03:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408091903477C69590F06639018ECD9-151EAB76C20CFB4D-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=30, cdn-cache; desc=MISS, edge; dur=9, origin; dur=33
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202408091903477C69590F06639018ECD9
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 33,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebd7b8694e17e3395dd521fc5172f03563f127ea5dcebf51f66df8110cba8c24b8b253f2eaf3a076b440293fc6896c92fe4450d0ec4a11ea63440f75763094d8582
access-control-allow-headers: Authorization,*
expires: Fri, 09 Aug 2024 19:03:47 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
717 B 209ms
207ms Ping
text/plain 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 11d4f9f4
date: Fri, 09 Aug 2024 19:03:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408091903474DA2F11D16AEC6B72C67-0B11A2130BD9DA44-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=16, cdn-cache; desc=MISS, edge; dur=9, origin; dur=19
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202408091903474DA2F11D16AEC6B72C67
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebd974fe6f8ec8e81b7d5239bafcbcb0ca8aa2db39cc3e9d03a10914b1d2cbbda41fc29f2ab1808637739c684ec57891b97f6c2f27a9220b2166434372773842956
access-control-allow-headers: Authorization,*
expires: Fri, 09 Aug 2024 19:03:47 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
717 B 337ms
328ms Ping
text/plain 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 11d4f9f5
date: Fri, 09 Aug 2024 19:03:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408091903470E0A7925113A0BE26332-7E3E2C8C926EA871-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=92, cdn-cache; desc=MISS, edge; dur=26, origin; dur=125
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202408091903470E0A7925113A0BE26332
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 126,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebdb08cf99a7e5037bdb281e8f815e90b5ec810408a8214b1d41ca1d94206858fc5017fb374cbf1f2be3d2674b6fe6bc4861327a8964b457ffa5101d81014d8fb11
access-control-allow-headers: Authorization,*
expires: Fri, 09 Aug 2024 19:03:47 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
719 B 210ms
202ms Ping
text/plain 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 11d4f9f6
date: Fri, 09 Aug 2024 19:03:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408091903473C52E98EA68D8DDF0164-4C5B3242DF1D598D-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=9, origin; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202408091903473C52E98EA68D8DDF0164
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebd97c6d9086139b4fb7706b93995b4b7cbd24321b139b43d45041be24c0ef58bb743b1bc2a519eb92630bf849f3f920c5396bd207d34e484dc026ef02e8e3e3598
access-control-allow-headers: Authorization,*
expires: Fri, 09 Aug 2024 19:03:47 GMT

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
118 B 99ms
98ms XHR
text/plain 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://jaestephens.lnk.to
date: Fri, 09 Aug 2024 19:03:47 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b0a02188bf3ac9a-YYZ
vary: Origin

GET getpixels
pixels.ad.gt/api/v1/ 0
0

POST
H2 200 p
tr6.snapchat.com/ 0
46 B 104ms
94ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google, 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
143 B 104ms
104ms Image
image/gif 44.236.255.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001723230226-J7E9GQN7-T2KO&halo_id=060ixdlju6a658ljabfk6hc7j6jeackcddiuok0wi0e0y40wegoy0si2w0wmeiyik
Requested by: Host: jaestephens.lnk.to
URL: https://jaestephens.lnk.to/BodyFavors?utm_source=dotmailer&utm_medium=email&utm_campaign=559000_08.09.24_Def%20Jam_Def%20Jam%20Newsletter_FULL_231785_US&dm_i=4YUH,BZBS,3D2TUT,1SW8M,1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.255.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-255-143.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

POST
H2 200 p
tr.snapchat.com/ 0
45 B 90ms
86ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://jaestephens.lnk.to
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
718 B 201ms
199ms Ping
text/plain 23.205.107.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.107.73 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-107-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 11d4fcca
date: Fri, 09 Aug 2024 19:03:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24080919034735839B6C42B2ECE164C0-46E0DC2DA05062AB-00
x-cache: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
server-timing: inner; dur=118, cdn-cache; desc=MISS, edge; dur=9, origin; dur=121
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024080919034735839B6C42B2ECE164C0
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 121,23.218.223.73
x-tt-trace-host: 012588a0342afe945991ac6c75e79c33d963ba08aff6c43c5b9bb637bc02011ebd6d5fb020c0417aa5873d742590200c217adc7e0a4c153a159b96eddd30d704a124c9c67732ac62b86e4ab03fa67b83f6776f1c23f3836553163f83aead118635
access-control-allow-headers: Authorization,*
expires: Fri, 09 Aug 2024 19:03:47 GMT

GET
H2

200

google
c.lytics.io/c/provider/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm&google_nid=lytics&google_hm=MzcyZTczNDMtZDAxOC00N2JjLWEyZWEtN2RkOThjZWM3NzBk
https://c.lytics.io/c/provider/google?google_gid=CAESEAIHKBeOXBUagkvWsRArUdM&google_cver=1

35 B
368 B

64ms
63ms

Image
image/gif

104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/provider/google?google_gid=CAESEAIHKBeOXBUagkvWsRArUdM&google_cver=1

Requested by

Protocol

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
x-error-message: Not found
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=otPo0NJtiNhah163WnGre0Ug3tSSCxFGKgn%2FPDcATJIeOGv9q38Qt8bkmQjy34Rh8nxb4Z9MHHUvEYC4PjxowgVDILG96VqZVXHXiGbBmvcz6Yv%2BL7xVzu99uJQM"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 1d2e3d3c9863e8845b7c2cc8035bf160
cf-ray: 8b0a0219ce3fac70-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c.lytics.io/c/provider/google?google_gid=CAESEAIHKBeOXBUagkvWsRArUdM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 199ms
53ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1711600715555173&ev=LF&dl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&rl=&if=false&ts=1723230227442&cd[artist]=Jae%20Stephens&cd[album]=Body%20Favors&cd[upcs]=%5B%2200602475036753%22%5D&cd[genre]=%5B%22R%26B%2FSoul%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Def%20Jam%20US&cd[url]=jaestephens.lnk.to%2FBodyFavors&cd[countryCode]=CA&cd[country]=Canada&cd[city]=Toronto&cd[artists]=%5B%22Jae%20Stephens%22%5D&cd[oid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[furl]=jaestephens.lnk.to%2FBodyFavors&cd[domain]=jaestephens.lnk.to&cd[subdomain]=jaestephens&cd[luuid]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[ouuid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=678de808e0706fa3f155d3847a1a4c17&cd[uid]=66b668109b2ea9.12423094&cd[channel]=Original&cd[referrer]=direct&cd[timestamp]=09%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723230227412.694594161868112066&ler=empty&cdl=API_unavailable&it=1723230226105&coo=false&tm=2&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1316, tbw=2881, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Aug 2024 19:03:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 338ms
192ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1711600715555173&ev=LF&dl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&rl=&if=false&ts=1723230227442&cd[artist]=Jae%20Stephens&cd[album]=Body%20Favors&cd[upcs]=%5B%2200602475036753%22%5D&cd[genre]=%5B%22R%26B%2FSoul%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Def%20Jam%20US&cd[url]=jaestephens.lnk.to%2FBodyFavors&cd[countryCode]=CA&cd[country]=Canada&cd[city]=Toronto&cd[artists]=%5B%22Jae%20Stephens%22%5D&cd[oid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[furl]=jaestephens.lnk.to%2FBodyFavors&cd[domain]=jaestephens.lnk.to&cd[subdomain]=jaestephens&cd[luuid]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[ouuid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=678de808e0706fa3f155d3847a1a4c17&cd[uid]=66b668109b2ea9.12423094&cd[channel]=Original&cd[referrer]=direct&cd[timestamp]=09%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723230227412.694594161868112066&ler=empty&cdl=API_unavailable&it=1723230226105&coo=false&tm=2&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x930a64b9801df73b","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["23:5746659678753878","7811:5746659678753878","10193:5746659678753878","10853:5746659678753878","40:5746659678753878","8050:5746659678753878"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 09 Aug 2024 19:03:47 GMT
x-fb-server-load: 40
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401217468777511186", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=14, mss=1316, tbw=9087, tp=-1, tpl=-1, uplat=148, ullat=0
pragma: no-cache
x-fb-debug: cRXxcOGO80PzosEl0N4Y3hIdDmXEdp34BQG962SXap44cwIYX2pKXbg7IK/uIuRjwiQ6cdT6RIX93cm99hu4Cg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401217468777511186"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 200ms
55ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1711600715555173&ev=LF_pageview&dl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&rl=&if=false&ts=1723230227448&cd[artist]=Jae%20Stephens&cd[album]=Body%20Favors&cd[upcs]=%5B%2200602475036753%22%5D&cd[genre]=%5B%22R%26B%2FSoul%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Def%20Jam%20US&cd[url]=jaestephens.lnk.to%2FBodyFavors&cd[countryCode]=CA&cd[country]=Canada&cd[city]=Toronto&cd[artists]=%5B%22Jae%20Stephens%22%5D&cd[oid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[furl]=jaestephens.lnk.to%2FBodyFavors&cd[domain]=jaestephens.lnk.to&cd[subdomain]=jaestephens&cd[luuid]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[ouuid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=678de808e0706fa3f155d3847a1a4c17&cd[uid]=66b668109b2ea9.12423094&cd[channel]=Original&cd[referrer]=direct&cd[timestamp]=09%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723230227412.694594161868112066&ler=empty&cdl=API_unavailable&it=1723230226105&coo=false&tm=2&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1316, tbw=2881, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Aug 2024 19:03:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
850 B 336ms
191ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1711600715555173&ev=LF_pageview&dl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&rl=&if=false&ts=1723230227448&cd[artist]=Jae%20Stephens&cd[album]=Body%20Favors&cd[upcs]=%5B%2200602475036753%22%5D&cd[genre]=%5B%22R%26B%2FSoul%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Def%20Jam%20US&cd[url]=jaestephens.lnk.to%2FBodyFavors&cd[countryCode]=CA&cd[country]=Canada&cd[city]=Toronto&cd[artists]=%5B%22Jae%20Stephens%22%5D&cd[oid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[furl]=jaestephens.lnk.to%2FBodyFavors&cd[domain]=jaestephens.lnk.to&cd[subdomain]=jaestephens&cd[luuid]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[ouuid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=678de808e0706fa3f155d3847a1a4c17&cd[uid]=66b668109b2ea9.12423094&cd[channel]=Original&cd[referrer]=direct&cd[timestamp]=09%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723230227412.694594161868112066&ler=empty&cdl=API_unavailable&it=1723230226105&coo=false&tm=2&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 09 Aug 2024 19:03:47 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401217470459444057", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=14, mss=1316, tbw=7003, tp=-1, tpl=-1, uplat=147, ullat=0
pragma: no-cache
x-fb-debug: 3yuUqDdswafSGQQ6Xq22WiAV52kZb9ic/kece4eN52EnbPc9oNHc8t99ba/E+BzzWTLW7E2gNJROGPVNoJf51A==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401217470459444057"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 195ms
50ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1711600715555173&ev=PageView&dl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&rl=&if=false&ts=1723230227454&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1723230227412.694594161868112066&ler=empty&cdl=API_unavailable&it=1723230226105&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1316, tbw=2881, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Aug 2024 19:03:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 333ms
188ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1711600715555173&ev=PageView&dl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&rl=&if=false&ts=1723230227454&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1723230227412.694594161868112066&ler=empty&cdl=API_unavailable&it=1723230226105&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 09 Aug 2024 19:03:47 GMT
document-policy: force-load-at-top
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401217469138328073", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=14, mss=1316, tbw=3710, tp=-1, tpl=-1, uplat=144, ullat=0
pragma: no-cache
x-fb-debug: TXBK0vH2TRV5CoHLsW1rEWDINlUQA6j+BS58yrjk1mdRRVMMury2DBBEJ7ZNHV5BtjBGkILStJXO56NSKZYxYA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401217469138328073"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 69ms
35ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=529815473883968&ev=PageView&dl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&rl=&if=false&ts=1723230227464&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723230227412.694594161868112066&ler=empty&cdl=API_unavailable&hmd=a9e9f3e8e9b66e9ec07aa3d0&pl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors&it=1723230226105&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=14, mss=1316, tbw=3407, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Aug 2024 19:03:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 171ms
137ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=529815473883968&ev=PageView&dl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&rl=&if=false&ts=1723230227464&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723230227412.694594161868112066&ler=empty&cdl=API_unavailable&hmd=a9e9f3e8e9b66e9ec07aa3d0&pl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors&it=1723230226105&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9d76d83311423192","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:8547487138595505","7830:8547487138595505","10853:8547487138595505","41:8547487138595505","8046:8547487138595505"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 09 Aug 2024 19:03:47 GMT
x-fb-server-load: 30
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401217468456130288", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=14, mss=1316, tbw=10272, tp=-1, tpl=-1, uplat=99, ullat=0
pragma: no-cache
x-fb-debug: OHTZDakxDVpxEpUs+9IS1NcmPHhUSSxKJ8hC8E87kArda5ReuPm4b0klUhlDCekZMyr4b/hYTEbycHR00ss/QA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401217468456130288"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 70ms
36ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=529815473883968&ev=LF&dl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&rl=&if=false&ts=1723230227466&cd[artist]=Jae%20Stephens&cd[album]=Body%20Favors&cd[upcs]=%5B%2200602475036753%22%5D&cd[genre]=%5B%22R%26B%2FSoul%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Def%20Jam%20US&cd[url]=jaestephens.lnk.to%2FBodyFavors&cd[countryCode]=CA&cd[country]=Canada&cd[city]=Toronto&cd[artists]=%5B%22Jae%20Stephens%22%5D&cd[oid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[furl]=jaestephens.lnk.to%2FBodyFavors&cd[domain]=jaestephens.lnk.to&cd[subdomain]=jaestephens&cd[luuid]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[ouuid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=678de808e0706fa3f155d3847a1a4c17&cd[uid]=66b668109b2ea9.12423094&cd[channel]=Original&cd[referrer]=direct&cd[timestamp]=09%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723230227412.694594161868112066&ler=empty&cdl=API_unavailable&it=1723230226105&coo=false&tm=2&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=14, mss=1316, tbw=3523, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Aug 2024 19:03:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 171ms
138ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=529815473883968&ev=LF&dl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&rl=&if=false&ts=1723230227466&cd[artist]=Jae%20Stephens&cd[album]=Body%20Favors&cd[upcs]=%5B%2200602475036753%22%5D&cd[genre]=%5B%22R%26B%2FSoul%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Def%20Jam%20US&cd[url]=jaestephens.lnk.to%2FBodyFavors&cd[countryCode]=CA&cd[country]=Canada&cd[city]=Toronto&cd[artists]=%5B%22Jae%20Stephens%22%5D&cd[oid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[furl]=jaestephens.lnk.to%2FBodyFavors&cd[domain]=jaestephens.lnk.to&cd[subdomain]=jaestephens&cd[luuid]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[ouuid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=678de808e0706fa3f155d3847a1a4c17&cd[uid]=66b668109b2ea9.12423094&cd[channel]=Original&cd[referrer]=direct&cd[timestamp]=09%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723230227412.694594161868112066&ler=empty&cdl=API_unavailable&it=1723230226105&coo=false&tm=2&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1d214bf0975f875c","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["23:4491271257586198","23:8547487138595505","7811:4491271257586198","7811:8547487138595505","10193:4491271257586198","10193:8547487138595505","10853:4491271257586198","10853:8547487138595505","40:4491271257586198","40:8547487138595505","8050:4491271257586198","8050:8547487138595505"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 09 Aug 2024 19:03:47 GMT
x-fb-server-load: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401217469508086501", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=14, mss=1316, tbw=11436, tp=-1, tpl=-1, uplat=99, ullat=0
pragma: no-cache
x-fb-debug: t9W493ywDlgK6L5M/QzHAoBZe2X5v1PvZYK+wKtqyMgCUfYSATs495PmEoF3mjU6Xx7ejMY/5v78Apbd8etbCA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401217469508086501"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 71ms
37ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=529815473883968&ev=LF_pageview&dl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&rl=&if=false&ts=1723230227467&cd[artist]=Jae%20Stephens&cd[album]=Body%20Favors&cd[upcs]=%5B%2200602475036753%22%5D&cd[genre]=%5B%22R%26B%2FSoul%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Def%20Jam%20US&cd[url]=jaestephens.lnk.to%2FBodyFavors&cd[countryCode]=CA&cd[country]=Canada&cd[city]=Toronto&cd[artists]=%5B%22Jae%20Stephens%22%5D&cd[oid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[furl]=jaestephens.lnk.to%2FBodyFavors&cd[domain]=jaestephens.lnk.to&cd[subdomain]=jaestephens&cd[luuid]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[ouuid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=678de808e0706fa3f155d3847a1a4c17&cd[uid]=66b668109b2ea9.12423094&cd[channel]=Original&cd[referrer]=direct&cd[timestamp]=09%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1723230227412.694594161868112066&ler=empty&cdl=API_unavailable&it=1723230226105&coo=false&tm=2&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=14, mss=1316, tbw=3523, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Aug 2024 19:03:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 169ms
136ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=529815473883968&ev=LF_pageview&dl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&rl=&if=false&ts=1723230227467&cd[artist]=Jae%20Stephens&cd[album]=Body%20Favors&cd[upcs]=%5B%2200602475036753%22%5D&cd[genre]=%5B%22R%26B%2FSoul%22%5D&cd[organisation]=Universal%20Music%20Group&cd[board]=Def%20Jam%20US&cd[url]=jaestephens.lnk.to%2FBodyFavors&cd[countryCode]=CA&cd[country]=Canada&cd[city]=Toronto&cd[artists]=%5B%22Jae%20Stephens%22%5D&cd[oid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[bid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[linkId]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[furl]=jaestephens.lnk.to%2FBodyFavors&cd[domain]=jaestephens.lnk.to&cd[subdomain]=jaestephens&cd[luuid]=bad42e45-4cb0-4531-9941-f56592ff64dc&cd[ouuid]=6f04753c-4c47-11e6-9fd0-066c3e7a8751&cd[buuid]=8fc0a72d-4c47-11e6-9fd0-066c3e7a8751&cd[sid]=678de808e0706fa3f155d3847a1a4c17&cd[uid]=66b668109b2ea9.12423094&cd[channel]=Original&cd[referrer]=direct&cd[timestamp]=09%3A08%3A2024&cd[action]=pageview&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1723230227412.694594161868112066&ler=empty&cdl=API_unavailable&it=1723230226105&coo=false&tm=2&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x8e1be71e1978e242","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["23:8547487138595505","7811:8547487138595505","10193:8547487138595505","10853:8547487138595505","40:8547487138595505","8050:8547487138595505"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 09 Aug 2024 19:03:47 GMT
x-fb-server-load: 41
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401217470144618297", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=14, mss=1316, tbw=7875, tp=-1, tpl=-1, uplat=98, ullat=0
pragma: no-cache
x-fb-debug: smaJHpVO82Y97Pqquw1ZtOzzdaYmoeIhevhqxY+9u9NW22QRSFhC1x/+DDIIR/VxHivq+B2EMXnpYovTBDf6Xg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401217470144618297"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/784983735/ 42 B
64 B 59ms
57ms Image
image/gif 172.217.197.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/784983735/?random=1723230226374&cv=11&fst=1723230000000&bg=ffffff&guid=ON&async=1&gtm=45be4880v891621318za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&hn=www.googleadservices.com&frm=0&tiba=Jae%20Stephens%20-%20Body%20Favors&npa=0&pscdl=noapi&auid=339458840.1723230226&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfX7ftH6huA7jOKZio2B_oS_N_nLoOfhAe7DovyDhfjKwN8c2j&random=3031446202&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/784983735/ 42 B
64 B 66ms
63ms Image
image/gif 64.233.180.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/784983735/?random=1723230226374&cv=11&fst=1723230000000&bg=ffffff&guid=ON&async=1&gtm=45be4880v891621318za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&hn=www.googleadservices.com&frm=0&tiba=Jae%20Stephens%20-%20Body%20Favors&npa=0&pscdl=noapi&auid=339458840.1723230226&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfX7ftH6huA7jOKZio2B_oS_N_nLoOfhAe7DovyDhfjKwN8c2j&random=3031446202&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/784983735/ 42 B
64 B 57ms
56ms Image
image/gif 172.217.197.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/784983735/?random=1723230226450&cv=11&fst=1723230000000&bg=ffffff&guid=ON&async=1&gtm=45be4880v891621318za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&hn=www.googleadservices.com&frm=0&tiba=Jae%20Stephens%20-%20Body%20Favors&npa=0&pscdl=noapi&auid=339458840.1723230226&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&delc=Canada&data=event%3Dpage_view%3Bartist%3DJae%20Stephens%3Balbum%3DBody%20Favors%3Bupcs%3D00602475036753%3Bgenre%3DR%26B%2FSoul%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DDef%20Jam%20US%3Burl%3Djaestephens.lnk.to%2FBodyFavors%3BcountryCode%3DCA%3Bcountry%3DCanada%3Bcity%3DToronto%3Bartists%3DJae%20Stephens%3Baction%3Dpageview&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfXoLUYz1oVg4jzYCUbYBRs4munchB3GGemp_BbBTmcV_EdxMM&random=2434557168&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/784983735/ 42 B
64 B 64ms
63ms Image
image/gif 64.233.180.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/784983735/?random=1723230226450&cv=11&fst=1723230000000&bg=ffffff&guid=ON&async=1&gtm=45be4880v891621318za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&hn=www.googleadservices.com&frm=0&tiba=Jae%20Stephens%20-%20Body%20Favors&npa=0&pscdl=noapi&auid=339458840.1723230226&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&delc=Canada&data=event%3Dpage_view%3Bartist%3DJae%20Stephens%3Balbum%3DBody%20Favors%3Bupcs%3D00602475036753%3Bgenre%3DR%26B%2FSoul%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DDef%20Jam%20US%3Burl%3Djaestephens.lnk.to%2FBodyFavors%3BcountryCode%3DCA%3Bcountry%3DCanada%3Bcity%3DToronto%3Bartists%3DJae%20Stephens%3Baction%3Dpageview&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfXoLUYz1oVg4jzYCUbYBRs4munchB3GGemp_BbBTmcV_EdxMM&random=2434557168&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
744 B 57ms
53ms Script
text/javascript 173.194.66.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.66.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f100.1e100.net

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 18:07:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 09 Aug 2024 19:07:35 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 56ms
54ms Script
text/javascript 173.194.66.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.66.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f100.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 18:36:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1665
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 09 Aug 2024 19:36:02 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 59ms
58ms XHR
text/plain 173.194.66.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1563574582&t=pageview&_s=1&dl=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&ul=en-ca&de=UTF-8&dt=Jae%20Stephens%20-%20Body%20Favors&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUIZAAAAACAAI~&jid=592527161&gjid=674920108&cid=1513319937.1723230227&tid=UA-54175133-1&_gid=1851056253.1723230227&_r=1&gtm=457e4880za200&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&jsscut=1&z=760214743

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.66.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jaestephens.lnk.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/802909747/ 42 B
64 B 64ms
63ms Image
image/gif 172.217.197.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/802909747/?random=1723230227008&cv=11&fst=1723230000000&bg=ffffff&guid=ON&async=1&gtm=45be4880v9161945549za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&hn=www.googleadservices.com&frm=0&tiba=Jae%20Stephens%20-%20Body%20Favors&npa=0&pscdl=noapi&auid=339458840.1723230226&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfm0DcITVo41N3GJMRwIqQs_YlzJdabvB7l8IejJDShWxq4G0y&random=132150824&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/802909747/ 42 B
64 B 64ms
62ms Image
image/gif 64.233.180.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/802909747/?random=1723230227008&cv=11&fst=1723230000000&bg=ffffff&guid=ON&async=1&gtm=45be4880v9161945549za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&hn=www.googleadservices.com&frm=0&tiba=Jae%20Stephens%20-%20Body%20Favors&npa=0&pscdl=noapi&auid=339458840.1723230226&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfm0DcITVo41N3GJMRwIqQs_YlzJdabvB7l8IejJDShWxq4G0y&random=132150824&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/802909747/ 42 B
64 B 151ms
143ms Image
image/gif 172.217.197.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/802909747/?random=1723230227055&cv=11&fst=1723230000000&bg=ffffff&guid=ON&async=1&gtm=45be4880v9161945549za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&hn=www.googleadservices.com&frm=0&tiba=Jae%20Stephens%20-%20Body%20Favors&npa=0&pscdl=noapi&auid=339458840.1723230226&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&delc=Canada&data=event%3Dpage_view%3Bartist%3DJae%20Stephens%3Balbum%3DBody%20Favors%3Bupcs%3D00602475036753%3Bgenre%3DR%26B%2FSoul%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DDef%20Jam%20US%3Burl%3Djaestephens.lnk.to%2FBodyFavors%3BcountryCode%3DCA%3Bcountry%3DCanada%3Bcity%3DToronto%3Bartists%3DJae%20Stephens%3Baction%3Dpageview&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfTXESsHQ_QZgdWvp7YIp_VZxPHjp7PaZDD461XT1dlxevDcME&random=267720947&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/802909747/ 42 B
64 B 69ms
61ms Image
image/gif 64.233.180.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/802909747/?random=1723230227055&cv=11&fst=1723230000000&bg=ffffff&guid=ON&async=1&gtm=45be4880v9161945549za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&hn=www.googleadservices.com&frm=0&tiba=Jae%20Stephens%20-%20Body%20Favors&npa=0&pscdl=noapi&auid=339458840.1723230226&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&delc=Canada&data=event%3Dpage_view%3Bartist%3DJae%20Stephens%3Balbum%3DBody%20Favors%3Bupcs%3D00602475036753%3Bgenre%3DR%26B%2FSoul%3Borganisation%3DUniversal%20Music%20Group%3Bboard%3DDef%20Jam%20US%3Burl%3Djaestephens.lnk.to%2FBodyFavors%3BcountryCode%3DCA%3Bcountry%3DCanada%3Bcity%3DToronto%3Bartists%3DJae%20Stephens%3Baction%3Dpageview&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfTXESsHQ_QZgdWvp7YIp_VZxPHjp7PaZDD461XT1dlxevDcME&random=267720947&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 19:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
34 B 104ms
96ms XHR
text/plain 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://jaestephens.lnk.to
date: Fri, 09 Aug 2024 19:03:47 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b0a021a2d49ac9a-YYZ
vary: Origin

GET getpixels
pixels.ad.gt/api/v1/ 0
0

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
34 B 105ms
97ms XHR
text/plain 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://jaestephens.lnk.to
date: Fri, 09 Aug 2024 19:03:47 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b0a021a2d4cac9a-YYZ
vary: Origin

GET getpixels
pixels.ad.gt/api/v1/ 0
0

GET
H2 200 google_dv360
c.lytics.io/c/f1d9d94ded8b13388a12e4bb69e532f1/ 35 B
406 B 69ms
69ms Image
image/gif 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/f1d9d94ded8b13388a12e4bb69e532f1/google_dv360?_ts=1723230227607&_nmob=t&_device=desktop&url=jaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&_ga=GA1.2.1513319937.1723230227&_uid=372e7343-d018-47bc-a2ea-7dd98cec770d&_v=3.0.36

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YR83LhsNJexQI7girwMx1i76ct0BmZD2axTZAoKqKiO%2BvhaCqQP9rPU3bBdJ2av2bfaSGVZ3Li5GFRUUYp6lWNOBTNnYPuufNwSaDp1WLoDwbM1H327mEIBw6TyX"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 7a3a9624d2f03979cd735c76d1dc9668
cf-ray: 8b0a021abee1ac70-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 215ms
70ms XHR
application/json 173.194.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202408070101&st=env

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTM2ZmRjOGQyMA.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f154.1e100.net

Software

cafe /

Resource Hash

4e4a25a38e2a55635b488c369f06a49778d0bdd4f428ccb3dd967276e6b977f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12926
x-xss-protection: 0

GET
H2 200 favicon.ico
static.assetlab.io/redirector-prod/3.163.0/img/icons/ 1 KB
2 KB 49ms
49ms Other
image/vnd.microsoft.icon 52.85.151.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.163.0/img/icons/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-104.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6612dd210a4b7623c5c1f4e0d1cc38745fe818da57d3af521527d4cae9d06df1

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: mqJ.lIUN0AkXBSiLtOueXhGmSjTjnW7Y
date: Fri, 09 Aug 2024 12:31:44 GMT
via: 1.1 a1157b69a14bebe8162237750a074fae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Aug 2024 12:23:26 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
age: 27646
x-amz-server-side-encryption: AES256
etag: "a1dc412a42d1c7f6a905633a93f0fe06"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 1150
x-amz-cf-id: Pjmre-t6cE8mVp6Sbt-jKev6bTy-xZg5HgZaM3OOGv2kMdN4gc2N-w==

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 103 KB
22 KB 39ms
38ms Script
text/javascript 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a0f3694e0c1a799d58c517dc9fc267b089fffd11d447d9d379daff24c362010

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 09 Aug 2024 17:44:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4743
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FAgl6N09cdurSLiT5V7WT70iPG3jDsgvQMa5jAvHJuexP9iHRWfy2ZlKDBT3f1LdkCtk%2BR5ga3DF8%2FHTp0DKgWwPwWU7m8lWy00jZOM0m3CDw%2BTGKhUAjrdlluwL"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 8b0a021c885cac70-YYZ

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 21 KB
4 KB 40ms
39ms Stylesheet
text/css 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efdc3d2e048a532d0bd1b49483ea9908ce1d60e3518971f08faa118f344b76f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 09 Aug 2024 17:45:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4709
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X2Ru1hsvRDWbtcpxT2dtFSC11WQtmWbzdmNyA2LuElH5WsN8jb5teuLzWaYvcELVBFgMRlnPIZojzyOsvdJNA53uNj6ZikYkcXyx5XW%2BLoDcd0E21Z3zqBkv4hDi"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 8b0a021cd892ac70-YYZ

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/f1d9d94ded8b13388a12e4bb69e532f1/ 302 B
558 B 33ms
33ms Script
application/javascript 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/program/campaign/config/f1d9d94ded8b13388a12e4bb69e532f1/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/f1d9d94ded8b13388a12e4bb69e532f1/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebb10e03bfe495ef4a51f61ab2e3c9e3b94cb8bc1e4b2c5294e9d8c94550fb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:47 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4748
content-length: 215
last-modified: Fri, 09 Aug 2024 17:44:39 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mnHeO5FDYhsr1AZ1yqe0MrILbuPD0IINQzDzXmLwGX7BnGtBuID5afARieHQnCRpaOOiVyb3hJAXTt3Sw7SRHIKJPv11U4zrjkQxbzLy0JFVqEdrtX4Yah6csfNT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: 1686b27802f19d4fdb729ef25b55803f
accept-ranges: bytes
cf-ray: 8b0a021cd89fac70-YYZ

GET
H2 200 favicon-32x32.png
static.assetlab.io/redirector-prod/3.163.0/img/icons/ 890 B
1 KB 45ms
44ms Other
image/png 52.85.151.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.163.0/img/icons/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-104.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bb9eaf55f6b1925fd4cd5c541bbecf276034beaeb6709556bfbce24990239de

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: DS8ulPp.EToRPN.DEL9AexmqElistBoN
date: Fri, 09 Aug 2024 12:37:37 GMT
via: 1.1 a1157b69a14bebe8162237750a074fae.cloudfront.net (CloudFront)
last-modified: Tue, 06 Aug 2024 12:23:26 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
age: 23171
x-amz-server-side-encryption: AES256
etag: "a55d7209ea91a404dd1317f89985f559"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 890
x-amz-cf-id: pzJ6LsdSOV1EqBS6x_uI9rucYrMh_DXpOxCAtK49nhAZLhOgRLac5Q==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 162ms
50ms Script
text/javascript 173.194.207.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408070101/pubads_impl.js?cb=31085956

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 19:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Aug 2024 19:03:48 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6759 0
0 153ms
49ms Document
text/html 173.194.207.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jaestephens.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 196262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Aug 2024 12:32:46 GMT
expires: Thu, 07 Aug 2025 12:32:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 806B 0
0 177ms
62ms Document
text/html 172.217.197.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f106.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aWVQkylWvzllWxToLPrPvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jaestephens.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aWVQkylWvzllWxToLPrPvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 09 Aug 2024 19:03:48 GMT
expires: Fri, 09 Aug 2024 19:03:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixels.ad.gt
URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=79dec93c3fb9d08be02432e0f8533b9b&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&code=%27none%27

Domain: pixels.ad.gt
URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=79dec93c3fb9d08be02432e0f8533b9b&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&code=%27none%27

Domain: pixels.ad.gt
URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=a6f8f1ab2abb3bc7385275523c0e9ab8&url=https%3A%2F%2Fjaestephens.lnk.to%2FBodyFavors%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D559000_08.09.24_Def%2520Jam_Def%2520Jam%2520Newsletter_FULL_231785_US%26dm_i%3D4YUH%2CBZBS%2C3D2TUT%2C1SW8M%2C1&code=%27none%27

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408070101&jk=2195805783835952&bg=!X1ylXBPNAAZjy5caQ8s7ADQBe5WfOI3P6YzZyjKzXNivlbqZRA3R_lfE4PzoLPQOTtugXCYCCW7uZFi0NfH20BpkkCQ-AgAAA19SAAAACWgBB34ANvo4-IOev8JgoWW5JMxjtthuUjUcVjAR6fcaAbPy5iXIvXwcoc7T9NdSzRE0IKvSZAlGOIkqVJkCqkSGFyv5WDaAhIJiRDFIpXu6q7CmX1utSp16EpjYRzxRFD5HzKSbWqscqe0tMFgPXUFnmDd-9gse0YZ0Qr01Of8l_6gQLfofj8GP1AfcGvg6lDfz2U0-MSeWO7R-O3qaqmvVB_kD2zVfHT26a1SfmtH9i-S7gsSjpNpXObobVYjazMMvuQ-N48i5maBvwgGrLeWH7gr9kz94W5gCj40RL2RyKj1ujQRD5lyOlGScuzwg-klRFTJwH8e4hlB0HtYXMGVCd08F2Zd36IGIQz4qQVvzpBPKjs6iYvpDtI9G8oLKMixmWitWeP7b1MINBHouGFDZ_qug4aJAlqWUBUS_7GnVdLABjHubfN3g2Pv8VkUVD0YDQqysPJfw-WI7P8eSkTAtJeip2B8yBl9arp6_Qz4xOtz31AUZneM74oHUTpwvXCF-vQRpVtPCpW3l-fagaezcQ9L0ULpBZN49SnLcihFwG1dfHmVIFnwlnHMLz4V2yg_MfwA6bFXQ3VEb9kvlvg-c7ZeEiTWI-IwrVHtCmfpn0p0sdyUgg_9yMZ23N5cYP9TCfw4jJzCtFtjVHLCCyQk-y_swNZ1ES2FapC3dGH3vuD2N1rAugt0qXIqogMRsbRXloDpBh1mrKK43mDc74EKDbKylPcUxMp9nijZi0s7cB8rWDTp0XzOq4oOA8nG--xKg0FKuCLyPM114fuUc-RdAMC6h7xi33aeP3KGGn3gX5VF5o6AF2x6_JwDa0sg29nSZKHU2wxSaGVCaxdF40ThVOvVKWo2MkI9_F_Ptzh8Na-6nOgRgA4Mzn1kiET7hTWSPghTDS4Dp6-jwEa-kCRKSg1jzY5Mr-x4Xd9xgGejhWIwMEtXeFOoxK39lRaM2XpxjbwjzdGEESwrBV-7fzRzb9pZFxA3UJN4

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 22:41:56	Name: X-AB Value: 3c1412b8a0a94f31a19b66f8b63dbed5
.us.umusic-online.com/	1970-01-20 22:40:32	Name: __cf_bm Value: Iw_4E3j4I2lJTFdxzCSkRbjsA4RjufDjVXc7QutzXeg-1723230224-1.0.1.1-m5iE9iPfCiUSoumRaJHyIeW86w4FJ5k4Mmplh6d9OhxQC3OpHbWJqNalSYgSEPXvQXYlbjNAEHxLm_bJBABLCw
.lnk.to/	1970-01-20 22:40:30	Name: LF_session_b1808b36c8d790acf480b07188e1f62f Value: 1
.ad.gt/	1969-12-31 23:59:59	Name: au_3p_check Value: 1
.lnk.to/	1970-01-21 08:10:16	Name: _scid Value: b4b7d4fc-bf71-4c6b-a077-853f914ce86b
.lnk.to/	1970-01-21 08:10:16	Name: _scid_r Value: b4b7d4fc-bf71-4c6b-a077-853f914ce86b
.tiktok.com/	1970-01-21 08:02:06	Name: _ttp Value: 2kQyiwKDTOgXahMxbQxjQDH9od5
.lnk.to/	1970-01-21 08:16:30	Name: __td_signed Value: true
.lnk.to/	1970-01-21 08:16:30	Name: _td Value: c3afb9c5-bfb6-477c-8381-9a20eb84feeb
.jaestephens.lnk.to/	1970-01-21 07:26:06	Name: _au_1d Value: AU1D-0100-001723230226-J7E9GQN7-T2KO
.jaestephens.lnk.to/	1970-01-20 22:40:32	Name: seerses Value: e
.lnk.to/	1970-01-21 00:50:06	Name: _gcl_au Value: 1.1.339458840.1723230226
.lnk.to/	1970-01-21 08:02:06	Name: __gads Value: ID=5605f587e27dfe2a:T=1723230225:RT=1723230225:S=ALNI_MZcU6PAuTQLi29xpuZSd67sj7JCAg
.lnk.to/	1970-01-21 08:02:06	Name: __gpi Value: UID=00000ec8cfce03eb:T=1723230225:RT=1723230225:S=ALNI_Mag1AW0_2UFAiQKW5zjP_GHeBxCJw
.lnk.to/	1970-01-21 02:59:42	Name: __eoi Value: ID=9c1c9320f1f3ba1b:T=1723230225:RT=1723230225:S=AA-AfjZwLJsDNO3J12r-LTgaIVwn
.scorecardresearch.com/	1970-01-21 08:02:06	Name: UID Value: 13Cc3b4a07497d1ddc6c8d41723230226
.scorecardresearch.com/	1970-01-21 08:02:06	Name: XID Value: 13Cc3b4a07497d1ddc6c8d41723230226
.adnxs.com/	1970-01-21 00:50:06	Name: XANDR_PANID Value: 8Mpo5Djhphy59WXi5SuRQaVPWOnabVMCrYnMvpzCS4RADpbARXfTtAk2o5YtcDs-Afkz0EbRIOQGrqypTweYSi1XTxDkVEL9BWMN2AexbjM.
.adnxs.com/	1970-01-21 08:16:30	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:50:06	Name: uuid2 Value: 8313656486714025574
.rubiconproject.com/	1970-01-21 07:26:06	Name: audit_p Value: 1\|SplGcL1WQ93dPTCByTHNrnS0Wn6oPVWdYxeA/LPk2LzH5NJDjBcymRTxsk3t3AtgjECkZ6/TA7hBK03vAHceEHP0swe0RknJoRjbyWWLTN4j5+SvyefVPHoIhkm+fl1G0zxzrO92Ag98dtMR76I92Rb29MxeCdnyzY7yoJVHQ3jeJRBGYIPH7rKpUjWTmmg0
.rubiconproject.com/	1970-01-21 07:26:06	Name: khaos Value: LZN2S8N0-1R-7M1W
.rubiconproject.com/	1970-01-21 07:26:06	Name: khaos_p Value: LZN2S8N0-1R-7M1W
.rubiconproject.com/	1970-01-21 07:26:06	Name: audit Value: 1\|SplGcL1WQ93dPTCByTHNrnS0Wn6oPVWdYxeA/LPk2LzH5NJDjBcymRTxsk3t3AtgjECkZ6/TA7hBK03vAHceEHP0swe0RknJoRjbyWWLTN4j5+SvyefVPHoIhkm+fl1G0zxzrO92Ag98dtMR76I92Rb29MxeCdnyzY7yoJVHQ3jeJRBGYIPH7rKpUjWTmmg0
.tapad.com/	1970-01-21 00:06:54	Name: TapAd_TS Value: 1723230226632
.tapad.com/	1970-01-21 00:06:54	Name: TapAd_DID Value: 3632ceb7-7122-4bd3-bd82-7d62bc5fb140
.adsrvr.org/	1970-01-21 07:26:06	Name: TDID Value: b536f7cb-94b6-4386-b7f2-7250b09045af
.pubmatic.com/	1970-01-21 00:50:06	Name: KTPCACOOKIE Value: true
.ad.gt/	1970-01-21 07:26:06	Name: au_id Value: AU1D-0100-001723230226-J7E9GQN7-T2KO
.jaestephens.lnk.to/	1970-01-21 08:16:30	Name: seerid Value: 372e7343-d018-47bc-a2ea-7dd98cec770d
.pubmatic.com/	1970-01-21 07:26:06	Name: KADUSERCOOKIE Value: A940F01A-CED2-4F4A-BCD0-E076F1DEC8F8
.adsrvr.org/	1970-01-21 07:26:06	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjo-K71gKycPRAFGAEgASgCMgsI_u6xopesnD0QBTgBWgV0YXBhZGAC
.lytics.io/	1970-01-21 08:16:30	Name: seerid Value: 372e7343-d018-47bc-a2ea-7dd98cec770d
.openx.net/	1970-01-21 07:26:06	Name: i Value: 032cdcc1-0fdc-4491-ac7e-ff26a39d56f2\|1723230226
.doubleclick.net/	1970-01-21 08:16:30	Name: IDE Value: AHWqTUniwnzCFAx-Cum3bRwKzC9Q4veb2hUs6BVCxf8B4oE5oj9oU5HSprgaFImDNM0
.demdex.net/	1970-01-21 02:59:42	Name: demdex Value: 35593302282076354572148693058963493044
.lnk.to/	1970-01-21 08:16:30	Name: _ga_SK2KRMG100 Value: GS1.1.1723230226.1.0.1723230226.0.0.0
.t.co/	1970-01-21 08:16:30	Name: muc_ads Value: 7add3320-007a-48e1-98df-49cf4029fadd
.dpm.demdex.net/	1970-01-21 02:59:42	Name: dpm Value: 35593302282076354572148693058963493044
.in.treasuredata.com/	1970-01-21 08:16:30	Name: _td_global Value: 3f74be08-d109-4e6d-9176-7af3e527cf71
.twitter.com/	1970-01-21 08:16:30	Name: personalization_id Value: "v1_QkRkXSqzrISUhpqqXN1z+Q=="
.tapad.com/	1970-01-21 00:06:54	Name: TapAd_3WAY_SYNCS Value: 1!5347
.go.sonobi.com/	1970-01-21 07:26:06	Name: __uis Value: 2c16fe6a-46bf-4afc-918a-8a01db887177
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8654\|ZrZoF
.lnk.to/	1970-01-21 08:02:06	Name: _tt_enable_cookie Value: 1
.turn.com/	1970-01-21 02:59:42	Name: uid Value: 4235834547988288768
.lnk.to/	1970-01-21 08:02:06	Name: _ttp Value: dY2EgpWm3zrZ-LQFBG6MdJxuTUz
.colossusssp.com/	1970-01-21 07:26:06	Name: gtm_usr Value: c017fedd-ec6d-48f4-a343-23791beb9757
.colossusssp.com/	1970-01-21 07:26:06	Name: lmg_r Value: 66
.snapchat.com/	1970-01-21 08:02:06	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwQ3AMAgDwImQjLFC6Di0yRQZPt/e65a4uyoMY5VpfmEzq02E59sbgzouPJ4MBsg8v+ICRLyZE0AAAAA=
.lnk.to/	1970-01-20 22:50:35	Name: _ScCbts Value: %5B%5D
.lnk.to/	1970-01-21 00:50:06	Name: _fbp Value: fb.1.1723230227412.694594161868112066
.lnk.to/	1970-01-21 08:16:30	Name: _ga Value: GA1.2.1513319937.1723230227
.lnk.to/	1970-01-20 22:41:56	Name: _gid Value: GA1.2.1851056253.1723230227
.lnk.to/	1970-01-20 22:40:30	Name: _gat_gtag_UA_54175133_1 Value: 1
.lnk.to/	1970-01-21 08:10:16	Name: _sctr Value: 1%7C1723186800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8f7eeaedaa6b154ae300f809be90907f.safeframe.googlesyndication.com
a.ad.gt
analytics.tiktok.com
analytics.twitter.com
c.lytics.io
cdn.hadronid.net
cdn.linkfire.com
cdn.treasuredata.com
cm.g.doubleclick.net
connect.facebook.net
d.turn.com
dpm.demdex.net
googleads.g.doubleclick.net
id.hadron.ad.gt
ids.ad.gt
image2.pubmatic.com
jaestephens.lnk.to
linkstorage.linkfire.com
match.adsrvr.org
onetag-sys.com
p.ad.gt
pagead2.googlesyndication.com
pixel.tapad.com
pixels.ad.gt
platform.twitter.com
sb.scorecardresearch.com
sc-static.net
secure.adnxs.com
securepubads.g.doubleclick.net
services.linkfire.com
static.ads-twitter.com
static.assetlab.io
sync.1rx.io
sync.colossusssp.com
sync.go.sonobi.com
t.co
token.rubiconproject.com
tpc.googlesyndication.com
tr.snapchat.com
tr6.snapchat.com
u.openx.net
us.umusic-online.com
us01.records.in.treasuredata.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
pagead2.googlesyndication.com
pixels.ad.gt
104.22.4.69
104.22.5.69
104.22.53.173
104.244.42.195
104.26.2.22
108.138.64.106
13.249.39.122
146.75.28.157
157.240.229.1
157.240.229.35
172.217.197.106
172.240.155.108
172.66.0.126
172.67.23.234
173.194.175.155
173.194.175.156
173.194.175.97
173.194.204.157
173.194.205.157
173.194.207.132
173.194.66.100
173.194.68.154
18.160.10.79
18.165.83.104
18.67.76.13
192.229.163.25
209.85.201.132
23.205.107.73
3.163.245.4
3.33.220.150
34.111.113.62
34.200.107.235
34.226.66.151
35.190.43.134
35.244.159.8
44.209.241.117
44.236.255.143
51.222.239.230
52.85.151.104
64.233.180.94
68.67.160.137
69.166.1.35
69.173.146.5
69.194.240.13
69.194.242.12
72.21.81.130
8.28.7.83
047f4d701bf8b33cf7a9bb1b2511ea4a0a462c0f6d6f46f284770b25df54238b
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05a5fac03580933e0a88b0749020180b52b3f53580684264a0cae62686739071
0988674dcbae9072417b073f69fcb0a2f8b887dc6609a353bf51dbc9505e2d5f
0a62e2a09d9302d437f2946feb2e5c2d3933ce7c6bc1e6f984f4af0ac6ef81f0
0b859eae851e5007abfe9ad50cf55918e8c790e17abb52e30d67b1ed14002706
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ffb1d1dc49957a81f4f36a479bd27106c9ad65e55016ee652a29a1411c245d6
16dfe2622801a8049653ac7723d7f86a28592e5413198a419e4fbcf1753f0e07
1cdc48d2d02d42dab7aae3a1499a7a9467d578a04469c9ab27564f9b436a58ff
1df9c953053965fc56c34399bc55ac59f6ab462e6027ce3cb0643d8028319ab3
23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e
26d0665adb8baaa3e2352e065c04e89bb53bdaf3c824692a5446ab282a13d409
27c621bcf54245087460636275667abc0fada8175d4a824dd9bdca25ad3440d4
2953217b5e320afbe57db90ecb6b3081e7eeae485330fe325b8b1ff17519f3c4
298e1724e5a8ff4a0aae0986b5cfbe261483ae73bbbd896c36957b951dfa2782
2af0f5c12099fb857aeda94a926b0ab19f253b649b4b159f04f0f9e342de2d9f
2c562bbf0a899671eb08e7820d061513040d83fd8d29fe095757c162fd86f6c5
34078200e60ca43461630face48ad447b8f0b168fb47690f478072e2c1a9e5f5
3a26214bd1e8719fc7fba6929bdaab7d7f6971af5336aa013606160d1a580929
3c6be37faa97f53115f6ecc3fbd12b36008b98236e8994b5967e4f6eb674ee41
3ce9c869d01258f4e024478cbb35d9c6d905e247fe95a11984e5277a96dde0fd
40039e484599ff9d06a8b426c17036fd4808e27f9f80f36857f0dd43e398df35
443bd021aa712597d57545b3c4619aa0a85eeb7099228e1f88d94bc8395e0933
456b754e1caa7fcd288e77b75538dc19583a9196d8f49f56c16b90746ae8509f
46e6d969d3750cf78ff97f16a89cb39d85fd821ac85d18e8f37cce91d44f8f10
48442a68a245429c0b9e568a6aa953928ddfa30d565551ecf09fe2420479f2af
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4a0f3694e0c1a799d58c517dc9fc267b089fffd11d447d9d379daff24c362010
4bb9eaf55f6b1925fd4cd5c541bbecf276034beaeb6709556bfbce24990239de
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4e4a25a38e2a55635b488c369f06a49778d0bdd4f428ccb3dd967276e6b977f0
4fd4b7e713294135370ef4930c307da265fe617b2208d2ebe82550a206195740
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3
5a15ede2e1e08b7a537a814d9650c38d21a643029939c11ba64ebcad196ec666
5cb6351051390a39f597d6b8c1e466ef369c53f319f6dbfa82b5a21315deb9fe
5daff687839ebd17d7fa2a4c6910a9351e9b70d0db515d8d1b81f47feb83430d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63
6612dd210a4b7623c5c1f4e0d1cc38745fe818da57d3af521527d4cae9d06df1
6a01570a34308b3c89e3492bbeac7b2e0c7c3f7156c30260b9796a7624251fb3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b77e8b16934e41ec804bd55e7e0ad86a54691763faca0115bfbf030f360833c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc941967ca99e77acba81788e339b7a17ef89a05894911b347c82c6940c09a2
6fd2f6fd3de9bca254015dd0e7a468d206f64d6519f77ea9fa54a28c801ee0cf
7674c3e12cb0793756b5223f262e6cf44996cfed2d1326b69abff34d5d5d857d
7ddbf94d213292524ce720d82d612e1ed95c025daeae3271bd574de4a5e1a278
7f0ad4f7a0165d615fd89b316985e84b34bac0ae4b01c8440d20035a79b5882a
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8a84db9b68205fcfd5edd9dd6d022b315a2a0bfa1fac0483335210dde124ab02
8c554840debebb1ab92ddae039e500fb187996ee010f6a623cf7e801ab9f37b5
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8f49cce9bd323da713aca6487010ca645998561a5e7f0ce805f1c424e70bbcc1
90987f8be400d29ce8eac3c580d22f69aac11a85dfeb6af0acd32ffe613b106c
975f93c89036852225cae57756ec08a8a54b479e5084889dd5b7c1c5c4ea3533
9ab068eb0b8d6e3a68fca4324abf1863d484bfe06dcce3348448d0fa80bba11d
a526e6f162cefdb6a60ba47786e531e20c92c97c92347f8dbfe262d3ece1f131
a5dc7a155ab3ee249e7050d0783aeeafff50620bcb6560ed90465cbb1375a1da
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b424c8b96a0a79e02312ac23d09607c4006fd6d9242848089fbc19caceed805d
c15503f8f66e5fd8bed995c231a6fd0b5fa183f83ddaaa4b8948bc000bde2801
c2c6de23c5f547d7c9ef4e7e8f9d39763bd1e102349d4d275a78e1d18359b01d
c690c5c6a92b09f05ee624f3e114e1146ab1cd0ea0343bd2f20c5c0633ff8b64
ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff
d812f3c0511015c397cb86798af8b46a4d92130bbfb0adae32057045e1108a37
db5705fc667bcad46aad8fb85a4886672c7a74a5b391eaac027813c77b46583c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df70f2987ecc23e5472cd4f2c5188c6ed1142ec7990f5dc2a5e70901a9c671f2
e05072f03f20074c4f879c15fe499526026162b83a9f532c098243b83b897c7a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebb10e03bfe495ef4a51f61ab2e3c9e3b94cb8bc1e4b2c5294e9d8c94550fb95
ed9c49b306d4e301a8b843e4d5a7221dd10ba2c2b8b2210e127a21793af0e472
eeba3ace9cbfefe01391c267ac236776ebe26bf6cd629ea90a9fb07f7253042b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2fb7b3c360cfd7151533ebabcfea7ccadee9eb866b635c67a8b60a93814b51
efdc3d2e048a532d0bd1b49483ea9908ce1d60e3518971f08faa118f344b76f1
f1b320172542471f39032d57582ed6aeb2f242b1bdc1e4286046bff72f1747f9
f5ff26a923cb0acaff12f2cb375af4d3dc1e33a6040fe3f048dd8bb1a92980ad
fd745cefdeee961a34e41acc28c8d08ee5141e6e4c16b136bf1b066d9536aa25
fdaf641251a8854b64e807fef8f115f1e47cf644cfe6c76e0e36d067962bb9a3
ff362590942cd8bb93423aefea52b6f7c6cdabbc9e43e8e8833d6b3164959133

jaestephens.lnk.to Open in urlscan Pro 34.226.66.151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

159 Requests

87 %HTTPS

0 %IPv6

36 Domains

49 Subdomains

37 IPs

3 Countries

1765 kBTransfer

5277 kBSize

56 Cookies

7 Outgoing links

Page URL History

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

jaestephens.lnk.to Open in urlscan Pro
34.226.66.151 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

87 %
HTTPS

0 %
IPv6

36
Domains

49
Subdomains

37
IPs

3
Countries

1765 kB
Transfer

5277 kB
Size

56
Cookies

159 HTTP transactions
0 data transactions