Submitted URL: https://us.umusic-online.com/4YU9-3F43-SSXF5-2UQ4W-1/c.aspx
Effective URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_20...
Submission: On December 08 via api from BE — Scanned from DE

Summary

This website contacted 20 IPs in 4 countries across 13 domains to perform 54 HTTP transactions. The main IP is 54.72.188.190, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is jimmyfallon.lnk.to.
TLS certificate: Issued by Amazon on September 8th 2021. Valid for: a year.
This is the only time jimmyfallon.lnk.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
11 | www.youtube.com | static.assetlab.io, www.youtube.com
7 | static.assetlab.io | jimmyfallon.lnk.to, static.assetlab.io
6 | services.linkfire.com | jimmyfallon.lnk.to
4 | pagead2.googlesyndication.com | securepubads.g.doubleclick.net, tpc.googlesyndication.com
4 | fonts.gstatic.com | fonts.googleapis.com, www.youtube.com
4 | securepubads.g.doubleclick.net | jimmyfallon.lnk.to, securepubads.g.doubleclick.net
3 | jimmyfallon.lnk.to | jimmyfallon.lnk.to
2 | tpc.googlesyndication.com | securepubads.g.doubleclick.net, tpc.googlesyndication.com
2 | www.gstatic.com | www.youtube.com, www.gstatic.com
2 | www.google.com | www.youtube.com, tpc.googlesyndication.com
2 | googleads.g.doubleclick.net (1 redirects) | www.youtube.com
1 | i.ytimg.com | www.youtube.com
1 | yt3.ggpht.com | www.youtube.com
1 | static.doubleclick.net | www.youtube.com
1 | a48408812a811b1e48dbe170172ba357.safeframe.googlesyndication.com | securepubads.g.doubleclick.net
1 | adservice.google.com | securepubads.g.doubleclick.net
1 | adservice.google.de | securepubads.g.doubleclick.net
1 | linkstorage.linkfire.com | jimmyfallon.lnk.to
1 | fonts.googleapis.com | jimmyfallon.lnk.to
1 | us.umusic-online.com (1 redirects) |
54 | 20

This site contains links to these domains.

Domain
music.apple.com
music.amazon.com
open.spotify.com
www.deezer.com
music.youtube.com

Subject | Issuer | Validity | Valid
lnk.to | Amazon | 2021-09-08 - 2022-10-07 | a year
static.assetlab.io | Amazon | 2021-11-20 - 2022-12-18 | a year
upload.video.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-11-08 - 2022-01-31 | 3 months
linkfire.com | Amazon | 2021-03-24 - 2022-04-21 | a year
*.gstatic.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.google.com | GTS CA 1C3 | 2021-11-08 - 2022-01-31 | 3 months
*.google.de | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
www.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
edgestatic.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months

This page contains 5 frames:

Primary Page: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Frame ID: AA5D947A76315EA8AB105F1AC12CDAB0
Requests: 32 HTTP requests in this frame

Frame: https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Frame ID: 17DA9B3A646DCE35896EABD94FE73CC0
Requests: 18 HTTP requests in this frame

Frame: https://a48408812a811b1e48dbe170172ba357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 51A53AF72735913B1CBE4B054185BF15
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D0F24563895BCDEDC6DA98527415F07B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 57B04D28875CE98C00DBADEEDDBC4614
Requests: 2 HTTP requests in this frame

Page Title

It Was A...(Masked Christmas)

Page Statistics

Requests: 54
HTTPS: 98 %
IPv6: 75 %
Domains: 13
Subdomains: 20
IPs: 20
Countries: 4
Transfer: 1634 kB
Size: 4737 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://us.umusic-online.com/4YU9-3F43-SSXF5-2UQ4W-1/c.aspx HTTP 302
    https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request itwasamaskedxmas
jimmyfallon.lnk.to/
Redirect Chain
  • https://us.umusic-online.com/4YU9-3F43-SSXF5-2UQ4W-1/c.aspx
  • https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
75 KB
75 KB
Document
General
Full URL
https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.188.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-188-190.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
65de69df55f9aeaaa55e23462c7b8ff3a9802fd437c9f3888a7c57b6ca23c8f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 08 Dec 2021 18:50:57 GMT
content-type
text/html; charset=UTF-8
server
nginx
x-redirector-version
redirector-v3

Redirect headers

date
Wed, 08 Dec 2021 18:50:57 GMT
content-type
text/html; charset=utf-8
content-length
322
location
https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
cache-control
private
x-dm-activity-id
2639d450c0e74189a637f77b9a5c1d81
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ba82ea929c139c9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
release-classic.css
static.assetlab.io/red3/353/
69 KB
11 KB
Stylesheet
General
Full URL
https://static.assetlab.io/red3/353/release-classic.css
Requested by
Host: jimmyfallon.lnk.to
URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-99.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff58990f1277f052f93f21f4758d1e17c21f31a81bff87ca3d50a1783a0b888

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 08 Dec 2021 01:15:56 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 15:17:09 GMT
server
AmazonS3
age
63302
etag
W/"de12dab60df3a6c64519ae0db53743b6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
oA.zgFVsoViqYv0QNx41yE8W2P7Wu2MD
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
content-type
text/css
x-amz-cf-id
qznusx3twRwi4_uzp0BWGC-wg5cb2amEpPG6QXLkpUgcBoiKpiRsrQ==
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: jimmyfallon.lnk.to
URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 17:40:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 08 Dec 2021 18:50:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Dec 2021 18:50:57 GMT
release-classic-video.js
static.assetlab.io/red3/353/
413 KB
119 KB
Script
General
Full URL
https://static.assetlab.io/red3/353/release-classic-video.js
Requested by
Host: jimmyfallon.lnk.to
URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-99.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b94c603d497f95142c49a85d2d397b48ea30e24d5005a61b0a79cafe3ef5912

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
GmoblP_ntyuoV.PIZ5i_XIsp4JR2s_Pm
content-encoding
gzip
etag
W/"f1eb7a9e79bedc162836ec068b17976f"
last-modified
Tue, 30 Nov 2021 15:17:09 GMT
server
AmazonS3
age
56823
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
date
Wed, 08 Dec 2021 03:04:16 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
Isf3zMmz2qToKC21Xt5Zogse71O8JD0ZOa9QQK5u_KSnV18VOjyKdA==
gpt.js
securepubads.g.doubleclick.net/tag/js/
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: jimmyfallon.lnk.to
URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
3f29550b363950a26ec1b1c7faab15c15736d233b0fc1b404c9cc443c120beec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 18:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1066 / 339 of 1000 / last-modified: 1638965328"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27037
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Dec 2021 18:50:57 GMT
artwork-440x440.jpg
linkstorage.linkfire.com/medialinks/images/48d618d8-8500-470b-8c67-d8304d13d293/
157 KB
158 KB
Image
General
Full URL
https://linkstorage.linkfire.com/medialinks/images/48d618d8-8500-470b-8c67-d8304d13d293/artwork-440x440.jpg
Requested by
Host: jimmyfallon.lnk.to
URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-72.fra56.r.cloudfront.net
Software
The Great Gig In The Sky / Master of Puppets
Resource Hash
9547dfb45daec2fde40661fb2a2ea3e0348d202739cd5a932cfaf9dae6a93d8f
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10368000; includeSubdomains; preload
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
49972
x-powered-by
Master of Puppets
x-cache
Hit from cloudfront
date
Wed, 08 Dec 2021 05:03:45 GMT
content-length
160632
x-xss-protection
1; mode=block
x-linkfire-security
security@linkfire.com
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 06 Dec 2021 19:26:33 GMT
server
The Great Gig In The Sky
etag
"70a79d376b2e0bdd177fb2e4fb35d9f7"
expect-ct
max-age=0
x-frame-options
DENY
content-type
image/jpeg
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
GEqHBGILV0xjIkySzxA01ou_63LEDk3KgH3B6f0zrqBQQRp0EXe3Fg==
logo_applemusic_onlight.svg
services.linkfire.com/
7 KB
4 KB
Image
General
Full URL
https://services.linkfire.com/logo_applemusic_onlight.svg
Requested by
Host: jimmyfallon.lnk.to
URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 07:09:08 GMT
content-encoding
gzip
last-modified
Tue, 17 Nov 2020 11:13:55 GMT
server
AmazonS3
age
387710
etag
W/"3d4894f0254dc9d917c86fffd766046a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
nGo7v092Ub92VgXy.O3WmDeRgTKJPui3
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
content-type
image/svg+xml
x-amz-cf-id
WSaANgeRm9wcC3t3WV4Xe8bDrUB9ZUbHAqX3R_nPOm_pEJ4FlxRh6Q==
logo_amazonmusic_onlight.svg
services.linkfire.com/
6 KB
2 KB
Image
General
Full URL
https://services.linkfire.com/logo_amazonmusic_onlight.svg
Requested by
Host: jimmyfallon.lnk.to
URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
012d4cc53ce9470d70ee381caa4ee89f4b4f5229922af1db0a5b23dbf0b67610

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 13:18:08 GMT
content-encoding
gzip
last-modified
Tue, 28 May 2019 09:23:52 GMT
server
AmazonS3
age
451970
etag
W/"767a82b484396b01dc4295b10e20c5a7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
content-type
image/svg+xml
x-amz-cf-id
ctwU3WzqcrYV-0jXHQ9lN5WhvnfR4xAH4gJXJuU6lAM0tZ6WVfWndQ==
logo_spotify_onlight.svg
services.linkfire.com/
6 KB
3 KB
Image
General
Full URL
https://services.linkfire.com/logo_spotify_onlight.svg
Requested by
Host: jimmyfallon.lnk.to
URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 05:38:48 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2016 12:14:43 GMT
server
AmazonS3
age
393129
etag
W/"10ebad8fc307d85d6ed34e9fa95a7577"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
content-type
image/svg+xml
x-amz-cf-id
y3OQksoG1ohBXK8ZYLw1bq6-NNydwdNPl9ZLq1mGN0EyOs2roUix6A==
logo_itunes_onlight.svg
services.linkfire.com/
19 KB
5 KB
Image
General
Full URL
https://services.linkfire.com/logo_itunes_onlight.svg
Requested by
Host: jimmyfallon.lnk.to
URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 13:02:12 GMT
content-encoding
gzip
last-modified
Fri, 23 Mar 2018 08:26:33 GMT
server
AmazonS3
age
366526
etag
W/"db14889932940c59c989f46bcff71c80"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
content-type
image/svg+xml
x-amz-cf-id
aO9nMw0qXvffWB8hBV6OYiEgDJVvF29nUyVodpxt1TouRypJtvSE6Q==
logo_deezer_onlight.svg
services.linkfire.com/
7 KB
2 KB
Image
General
Full URL
https://services.linkfire.com/logo_deezer_onlight.svg
Requested by
Host: jimmyfallon.lnk.to
URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8a9b6a12cd203128f1fbde87d4fb396511cec3492ae458f654e44a97afb9d90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 07:09:08 GMT
content-encoding
gzip
last-modified
Tue, 07 May 2019 14:18:49 GMT
server
AmazonS3
age
387710
etag
W/"c488f62a2b4ec4cc5f9368f3f9969eed"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
content-type
image/svg+xml
x-amz-cf-id
l-C2ELztItxlvqQ49FB47-sHtAt_so-5WpLOeWTMQZc8s8Ru9r0hkg==
logo_youtubemusic_onlight.svg
services.linkfire.com/
6 KB
3 KB
Image
General
Full URL
https://services.linkfire.com/logo_youtubemusic_onlight.svg
Requested by
Host: jimmyfallon.lnk.to
URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc0d8191ca9bacc9a33b5aa1a79a8e9a4dde46ec1e7133242f10500456e6b2e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 23:53:29 GMT
content-encoding
gzip
last-modified
Fri, 26 Mar 2021 15:08:02 GMT
server
AmazonS3
age
327448
etag
W/"d2de296d98c733c648651b948706f9dc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
UeleBMRRAgzkCE7yjb7LHjMGLzKWgsch
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
content-type
image/svg+xml
x-amz-cf-id
LfP5W6_YzSmJEJ-QNWQ8nRkAsDWbVMiQs3FD5wukrIYwj5R8sMnzZA==
skin.js
static.assetlab.io/red3/353/
424 KB
125 KB
Script
General
Full URL
https://static.assetlab.io/red3/353/skin.js
Requested by
Host: jimmyfallon.lnk.to
URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-99.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d01bf15794daac61409bfc152b3743f5ca80a7bc747f70177819d5f752da45f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
TSyWeURGBNMDngcGc4U6qjQEx3ZI7DrJ
content-encoding
gzip
etag
W/"18e6516f5ef0302e71dbdf4ca6248b2c"
last-modified
Tue, 30 Nov 2021 15:17:09 GMT
server
AmazonS3
age
20295
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
date
Wed, 08 Dec 2021 13:12:43 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
ewyZc9Snivk1ckR3fvNA7XGZlYGcj6_EpawT60P4EUv-7o0GJyDjBg==
consent.js
static.assetlab.io/consent/1.5.10/
53 KB
17 KB
Script
General
Full URL
https://static.assetlab.io/consent/1.5.10/consent.js
Requested by
Host: jimmyfallon.lnk.to
URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-99.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47a0de82972ab10059d98340e89b9a3d5f0e554334c3ac66b85c60a4b4e9e780

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 08 Dec 2021 01:15:57 GMT
content-encoding
gzip
last-modified
Thu, 25 Nov 2021 12:27:22 GMT
server
AmazonS3
age
63301
etag
W/"a07a35b4fc6a3affa56f9defa6cae210"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
UI7DOFgR6yp3AoEBqNwQA_f17zTh771C
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
ccWkZ5yiA6WNoyuK5ujvHplnp6z_vxVUGIWhrRhU-rqgqbBpBEhiyQ==
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jimmyfallon.lnk.to
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 14:02:00 GMT
x-content-type-options
nosniff
age
103737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 07 Dec 2022 14:02:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jimmyfallon.lnk.to
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 13:39:48 GMT
x-content-type-options
nosniff
age
450669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 13:39:48 GMT
consent.css
static.assetlab.io/consent/1.5.10/
22 KB
4 KB
Stylesheet
General
Full URL
https://static.assetlab.io/consent/1.5.10/consent.css
Requested by
Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.5.10/consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-99.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad82c4bfce978981031dc3fc21c4f64f55732265dda6d75058b809952519c23c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
x.FhFOc9JaUDOa5H_.Se3.iG25WUQyAh
content-encoding
gzip
etag
W/"d11a7ed8f77473c4ccd20e030f4242c4"
last-modified
Thu, 25 Nov 2021 12:27:22 GMT
server
AmazonS3
age
20293
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
date
Wed, 08 Dec 2021 13:12:45 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
LVAGaTo--0g-1ijcW7o0uj6hAH0pFuiqg-oIZQlDt_2ajj8tP0LsuQ==
/
jimmyfallon.lnk.to/~/tr/pageview/
70 B
186 B
XHR
General
Full URL
https://jimmyfallon.lnk.to/~/tr/pageview/
Requested by
Host: jimmyfallon.lnk.to
URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.188.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-188-190.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f697716dd5d38544a44b00153ddf3ff940a5362bb05f605d04102a91e4171ce6

Request headers

Referer
https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Dec 2021 18:50:57 GMT
x-redirector-version
redirector-v3
server
nginx
content-type
application/json; charset=UTF-8
iframe_api
www.youtube.com/
980 B
1 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: static.assetlab.io
URL: https://static.assetlab.io/red3/353/release-classic-video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
acae2a044a08809b9ab6c0faad8476acf047e0bd23557453fa68f80854f4beb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 18:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires
Wed, 08 Dec 2021 18:50:57 GMT
bSHz5S3yIzg
www.youtube.com/embed/ Frame 17DA
60 KB
25 KB
Document
General
Full URL
https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Requested by
Host: static.assetlab.io
URL: https://static.assetlab.io/red3/353/release-classic-video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
72518da5052876b5a0335f1767c31d69596a22d84c3e3273a379eaea57f4d4b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 08 Dec 2021 18:50:57 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
jimmyfallon.lnk.to/~/tr/consent/
70 B
186 B
XHR
General
Full URL
https://jimmyfallon.lnk.to/~/tr/consent/
Requested by
Host: jimmyfallon.lnk.to
URL: https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.188.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-188-190.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f697716dd5d38544a44b00153ddf3ff940a5362bb05f605d04102a91e4171ce6

Request headers

Referer
https://jimmyfallon.lnk.to/itwasamaskedxmas?utm_source=dotmailer&utm_medium=email&utm_campaign=159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US&dm_i=4YU9,3F43,SSXF5,G555,1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Dec 2021 18:50:57 GMT
x-redirector-version
redirector-v3
server
nginx
content-type
application/json; charset=UTF-8
pubads_impl_2021120201.js
securepubads.g.doubleclick.net/gpt/
347 KB
117 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 18:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119206
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 15:41:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Dec 2021 18:50:57 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
93 B
118 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=jimmyfallon.lnk.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e9aa98b63a7bc0b8866f8bd655c4507a87c57d3f2433d13acf7bcc897d63499a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Dec 2021 18:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Wed, 08 Dec 2021 18:50:57 GMT
www-widgetapi.js
www.youtube.com/s/player/46ac5f60/www-widgetapi.vflset/
148 KB
48 KB
Script
General
Full URL
https://www.youtube.com/s/player/46ac5f60/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b088200d88cffb83790e02e2ca1232cdd9505260ec5e0e1caa43e916a6a4450d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
4077
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49287
x-xss-protection
0
last-modified
Tue, 07 Dec 2021 17:33:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 08 Dec 2022 17:43:00 GMT
ic-shield-blue.svg
static.assetlab.io/consent/1.5.10/assets/
1 KB
1 KB
Image
General
Full URL
https://static.assetlab.io/consent/1.5.10/assets/ic-shield-blue.svg
Requested by
Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.5.10/consent.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-99.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.assetlab.io/consent/1.5.10/consent.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
Go5UBS8tkNCN3eVPxjsXmxVL9QhoW4yo
content-encoding
gzip
etag
W/"560dd3386ebf80f78c934aeff4a6a82c"
last-modified
Thu, 25 Nov 2021 12:27:22 GMT
server
AmazonS3
age
75498
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
date
Tue, 07 Dec 2021 21:52:40 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
eGDBQmU1yBRVXc0XF-VLTCUnDR8WQ3OhsUbKMZyOWsH8_rz9uarGjg==
ic-close-s.svg
static.assetlab.io/consent/1.5.10/assets/
351 B
738 B
Image
General
Full URL
https://static.assetlab.io/consent/1.5.10/assets/ic-close-s.svg
Requested by
Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.5.10/consent.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-99.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.assetlab.io/consent/1.5.10/consent.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
f48HCUo4dvFXbN2WedcOaqpZ.4Sa_j25
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
etag
"d303b6c7d844d91101e1e4c63156cfec"
last-modified
Thu, 25 Nov 2021 12:27:22 GMT
server
AmazonS3
age
71388
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
date
Tue, 07 Dec 2021 23:01:10 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
351
x-amz-cf-id
RcA-tle97uT-bHdSbKu5JgXeFP6r2hrxyG2T5xwMa8RGDA3azXiF2g==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jimmyfallon.lnk.to
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:56:19 GMT
x-content-type-options
nosniff
age
3278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 08 Dec 2022 17:56:19 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jimmyfallon.lnk.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Dec 2021 18:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jimmyfallon.lnk.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Dec 2021 18:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
853 B
281 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2101968470022016&correlator=1179822382301829&output=ldjh&impl=fifs&eid=31063915&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211208&iu_parts=22051246401%2CFooter_Client%2CHeader_Client&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%7C300x100%7C300x250%7C320x50%7C320x100%7C320x120%2C1x1&cust_params=explicit%3Dno%26artist%3DARIANA%2520GRANDE%252Cariana%2520grande%252CAriana%2520Grande%26linkid%3D71b833ba-ca59-4c25-8888-2c7c3a6c8e51%26boardid%3D8fbedcdf-4c47-11e6-9fd0-066c3e7a8751%26toplevelboardid%3D6ee9623a-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6ee969a8-4c47-11e6-9fd0-066c3e7a8751%252C6EE969A8-4C47-11E6-9FD0-066C3E7A8751%252C6ee969a8-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DDE%26city%3DFrankfurt%2520am%2520Main%26days%3D0%2520days&cookie_enabled=1&bc=31&abxe=1&lmt=1638989457&dt=1638989457749&dlt=1638989457448&idt=266&frm=20&biw=1600&bih=1200&oid=2&adxs=640%2C0&adys=855%2C-160&adks=3182824665%2C1239882355&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fjimmyfallon.lnk.to%2Fitwasamaskedxmas%3Futm_source%3Ddotmailer%26utm_medium%3Demail%26utm_campaign%3D159555_UMG_US_UMG_Holiday_2021_ArianaGrande_Actives_12082021_231777_US%26dm_i%3D4YU9%2C3F43%2CSSXF5%2CG555%2C1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x0%7C1600x-1&msz=320x0%7C1600x-1&ga_vid=1442404134.1638989458&ga_sid=1638989458&ga_hid=1223050442&ga_fc=false&fws=4%2C516&ohw=1600%2C1600&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
fc043da5ed2b64026b30d8ed29e308e06dd46f7dbee708e67f995a1aa4d9b19b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 18:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
251
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://jimmyfallon.lnk.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a48408812a811b1e48dbe170172ba357.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 51A5
6 KB
4 KB
Document
General
Full URL
https://a48408812a811b1e48dbe170172ba357.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 08 Dec 2021 18:50:57 GMT
expires
Thu, 08 Dec 2022 18:50:57 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-player-webp.css
www.youtube.com/s/player/46ac5f60/ Frame 17DA
336 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/46ac5f60/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6ec215ae1f79058f76e3ac67a8637b37baadf10dabcd5450b0cc8d0fa97934a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 19:36:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
83673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47257
x-xss-protection
0
last-modified
Tue, 07 Dec 2021 17:33:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 07 Dec 2022 19:36:24 GMT
www-embed-player.js
www.youtube.com/s/player/46ac5f60/www-embed-player.vflset/ Frame 17DA
219 KB
71 KB
Script
General
Full URL
https://www.youtube.com/s/player/46ac5f60/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5498bc67ac496a3fc5af517d67021c41a5c96115e91bf953fc4d3e754b41ba7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 19:36:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
83673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73167
x-xss-protection
0
last-modified
Tue, 07 Dec 2021 17:33:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 07 Dec 2022 19:36:24 GMT
base.js
www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/ Frame 17DA
2 MB
526 KB
Script
General
Full URL
https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11d24f62c32af98af1804be380a821385f1f76220ff21c4207172ba9bbc2f7d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 19:36:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
83673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
538358
x-xss-protection
0
last-modified
Tue, 07 Dec 2021 17:33:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 07 Dec 2022 19:36:24 GMT
fetch-polyfill.js
www.youtube.com/s/player/46ac5f60/fetch-polyfill.vflset/ Frame 17DA
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/46ac5f60/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 19:36:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
83673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Tue, 07 Dec 2021 17:33:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 07 Dec 2022 19:36:24 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 17DA
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 17:06:41 GMT
x-content-type-options
nosniff
age
92656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 07 Dec 2022 17:06:41 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 17DA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H3
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6db09005a3c378aa1877688a722219268119579d762d0155c4f0b8975b62c1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 18:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 08 Dec 2021 18:50:57 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 17DA
29 B
587 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 18:42:27 GMT
x-content-type-options
nosniff
age
510
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Dec 2021 18:57:27 GMT
remote.js
www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/ Frame 17DA
94 KB
29 KB
Script
General
Full URL
https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8d2d5f209843357c521bc9e45c43341f93933bd4ac31f7b4024931a62e82af1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 19:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
83192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29831
x-xss-protection
0
last-modified
Tue, 07 Dec 2021 17:33:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 07 Dec 2022 19:44:25 GMT
_5cMNwgFbhqFzysIXU1z-fdfZ3ZelUNkfvkSZuNNDpg.js
www.google.com/js/th/ Frame 17DA
35 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/_5cMNwgFbhqFzysIXU1z-fdfZ3ZelUNkfvkSZuNNDpg.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff970c3708056e1a85cf2b085d4d73f9f75f67765e9543647ef91266e34d0e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:35:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
4499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13294
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 17:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Dec 2022 17:35:58 GMT
embed.js
www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/ Frame 17DA
24 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0a5e84d37c0709a0ee28281b1678c168ade905efb0edd03c9aaffbf8614d144
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 19:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
83671
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7357
x-xss-protection
0
last-modified
Tue, 07 Dec 2021 17:33:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 07 Dec 2022 19:36:26 GMT
truncated
/ Frame 17DA
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
x3B6yT0d9DfCsdiSrBkquE4mCjnnfoi81lZLL77p6xYr_HI96xOV3lmM7_J3W8FznanvFRtlqg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 17DA
4 KB
5 KB
Image
General
Full URL
https://yt3.ggpht.com/x3B6yT0d9DfCsdiSrBkquE4mCjnnfoi81lZLL77p6xYr_HI96xOV3lmM7_J3W8FznanvFRtlqg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bd2fe3cc1195f1b7a6ff4db077de5c07077fc9d08fbae9b9101c7a4b35a8c098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:03:04 GMT
x-content-type-options
nosniff
age
6474
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4268
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 08 Dec 2021 05:02:42 GMT
maxresdefault.jpg
i.ytimg.com/vi/bSHz5S3yIzg/ Frame 17DA
62 KB
63 KB
Image
General
Full URL
https://i.ytimg.com/vi/bSHz5S3yIzg/maxresdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88f2d3d2405648dafe38a623c9241f62af57dbc061f617b3e2cb6dffffba8e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 18:50:07 GMT
x-content-type-options
nosniff
age
51
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63951
x-xss-protection
0
server
sffe
etag
"1638844213"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 08 Dec 2021 18:55:07 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 17DA
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 18:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Dec 2021 18:50:58 GMT
generate_204
www.youtube.com/ Frame 17DA
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?MLgG_A
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 18:50:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/96/ Frame 17DA
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/96/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 18:36:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15236
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 15:10:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Thu, 09 Dec 2021 18:36:31 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b2a1d1035cec797db7a4a164fc873ab64f9904abf1c70efb49c517fc61f057c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Dec 2021 18:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8475
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 18:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Wed, 08 Dec 2021 18:50:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D0F2
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Wed, 08 Dec 2021 18:30:42 GMT
expires
Thu, 08 Dec 2022 18:30:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1216
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 57B0
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3b6d479c04737cb23a587cfa0481c6850b18c839dd114e7317b42b367dd9c8f7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fD+/IrKIh2pRNby4nNnvtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 08 Dec 2021 18:50:58 GMT
date
Wed, 08 Dec 2021 18:50:58 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-fD+/IrKIh2pRNby4nNnvtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
pagead2.googlesyndication.com/bg/ Frame D0F2
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 11:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
27486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13379
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Dec 2022 11:12:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 57B0
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120201&jk=2101968470022016&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120201&jk=2101968470022016&bg=!HxylHFjNAAaQHwIOkB87ACkAdvg8Wh13CW_8T31fOba2Qr8R_zsMuAiuf4USxPn1WzcMg4pz-UZFLAIAAABiUgAAAAtoAQcKAMBH0LC_VxP7Ciqn8wVlmFiH4tsPjs2f7sjDYa4LDIpzq-vMfaP3MU5m9JpWmCB6xpuIbK7jvwgPrwqY5gpw0Cy-ZOycY8EDCkEsZm-DBugU1oI8Iq2tjH5WRC9-pJzkNhycsvkIl95KD6MVp7gjHYZQQQwg-dmLzxwk7osm1OZ2dM-031Jc5aT4BafCXSjMZ3F2sEf3K5q_cDbLLvpblnvYIjjpnwo3cWjGbkMHp_HQJzPnWZ3gvZCK7Iy2EQo36O6ZAquWNARVg9A9intCh90jaf_wclMbc7nR9B9wYIA222qGSCcyikeeZdsA2zd2wKp1iY3QgPU4F9LzjRDdef9rPIjYSHE309jybWAmAyCtbyPL2-b-QYjTzUTw4HjKAUY7QfXf3CxparV_ou82HL8qWabquDDMLKAtVZIEmKXtWXaFNXZXWAB4fWMm5nCdYunbsuraM7ji0uvWC_c9mi0Xtn3YTqXY69bD_Qkl97zazb02zuXKOGaRfVpYA9FAsYgb9NJTUtuQkgycJC_xe-0tSfka78yADFwkgAmWKf8Pvl8mVcMMqSMTkCnHljajxpZ4DPVtSjTszUARQpQkjnL-3mm5yqzdXZoUYBmduWypwKvJQ_KdaUwaT-3lPs8BzQ6OXQiIDNxrwXzqCDE_8mZZaoC7TaDqNpEF1_nnWJkQzdAPmnGv5YrbG1gZJ7NTKS2l3nKpZZ1tHYA67upHYMSyCpAbp07GCLKBL6NmqxyEdLXwiT6ohqM15b9Y1l6e0J2hTsj0Ynrf_s96CUXE_ChnXZ9Ijx8QosiXquG-4rBinDW8BVuHg7XrWBvWObSu3SjLYPUiNPU0yDrRUrLT9tmrQhgS6Ugc4npeDra2P-OHC4SETbQCfi32hO48DZ-vPy5bdaPTaVzcQ8GlpFymxyQJ7Nn3zUNsbQdKLNC6dIkO0mjX8WWmVtuoxgk3wR0pd6YhTN2nBRpP-81k-_rnnkUICxIVtNHP2gkeNQH3xwOkC2snxtlq0oPSVZP8uIU-Y8lPbxZgOgvOWaOgEVwFmPAhS4zP_733n06hxgmEMczAEqqhR-oR-xyCHuwcl-rkNysBVlox85qAaYRX9Vw4Gpy0BWkPCo3J8O8HkM4PzWt3sk7_NSNHzo-mgn0OkqsSoxBwYLhDJGegpjgYrCqTJA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jimmyfallon.lnk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Dec 2021 18:50:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 17DA
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/bSHz5S3yIzg?enablejsapi=1&controls=1&modestbranding=1&rel=0&showinfo=1&html5=1
X-YouTube-Client-Version
1.20211205.00.02
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtqMkIzeHMyNTdLOCiR_cONBg%3D%3D
X-YouTube-Ad-Signals
dt=1638989457901&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C720%2C405&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 08 Dec 2021 18:51:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 08 Dec 2021 18:51:00 GMT


55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| LnkConsentObject function| lnk_consent object| googletag object| webpackJsonp object| __core-js_shared__ function| setImmediate function| clearImmediate object| core object| linkfire object| regeneratorRuntime function| loadAlreadyConsented function| onYouTubeIframeAPIReady object| ggeac object| google_js_reporting_queue object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.lnk.to/ Name: LF_session_4db5353c177a8a1c7d78212653b31da3
Value: 1
.youtube.com/ Name: YSC
Value: 8SamoKaTG3E
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: j2B3xs257K8
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.lnk.to/ Name: __gads
Value: ID=004d854e229b3162-228ba06302cd0003:T=1638989457:S=ALNI_MaLeTP0bjSv-0xxsdYz_khJYVnGyQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
