gojedistro.lnk.to Open in urlscan Pro
54.72.234.65 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gojedistro.lnk.to/JustLikeMagic
Submission: On November 05 via api (November 5th 2022, 12:00:43 am UTC) from IE — Scanned from DE

Summary HTTP 79 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 15 domains to perform 79 HTTP transactions. The main IP is 54.72.234.65, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is gojedistro.lnk.to.
TLS certificate: Issued by Amazon on August 9th 2022. Valid for: a year.

This is the only time gojedistro.lnk.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	54.72.234.65 54.72.234.65	16509 (AMAZON-02) (AMAZON-02)
7	52.222.236.112 52.222.236.112	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.27.72 13.32.27.72	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:223... 2600:9000:223e:2200:14:38a4:2ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.216.244.31 54.216.244.31	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	18.200.211.36 18.200.211.36	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	23.203.77.3 23.203.77.3	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
79	24

3 54.72.234.65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-234-65.eu-west-1.compute.amazonaws.com

gojedistro.lnk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.222.236.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-112.fra56.r.cloudfront.net

static.assetlab.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-72.fra56.r.cloudfront.net

linkstorage.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:223e:2200:14:38a4:2ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

services.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.244.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-244-31.eu-west-1.compute.amazonaws.com

srv.clickfuse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.200.211.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-211-36.eu-west-1.compute.amazonaws.com

srv.tonemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

smarttag.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com 573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	209 KB
12	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 367	267 KB
9	linkfire.com linkstorage.linkfire.com — Cisco Umbrella Rank: 100193 services.linkfire.com — Cisco Umbrella Rank: 98931	175 KB
7	assetlab.io static.assetlab.io — Cisco Umbrella Rank: 127092	190 KB
5	gstatic.com fonts.gstatic.com	79 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118 imasdk.googleapis.com — Cisco Umbrella Rank: 468	348 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	142 KB
3	rubiconproject.com ads.rubiconproject.com — Cisco Umbrella Rank: 3759 smarttag.rubiconproject.com — Cisco Umbrella Rank: 15896 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1289	10 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	2 KB
3	lnk.to gojedistro.lnk.to	83 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 352	76 KB
2	tonemedia.com srv.tonemedia.com — Cisco Umbrella Rank: 50844	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 475	104 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5594	792 B
1	clickfuse.com srv.clickfuse.com — Cisco Umbrella Rank: 44518	43 KB
79	15

	Domain	Requested by
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net gojedistro.lnk.to 573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com gojedistro.lnk.to 573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com
9	securepubads.g.doubleclick.net	gojedistro.lnk.to securepubads.g.doubleclick.net static.assetlab.io www.googletagservices.com
8	services.linkfire.com	gojedistro.lnk.to
7	static.assetlab.io	gojedistro.lnk.to static.assetlab.io
5	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagservices.com	securepubads.g.doubleclick.net 573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com
3	gojedistro.lnk.to	gojedistro.lnk.to
2	googleads4.g.doubleclick.net	gojedistro.lnk.to
2	www.google.com	tpc.googlesyndication.com 573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com
2	s0.2mdn.net	imasdk.googleapis.com 573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com
2	573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	srv.tonemedia.com	srv.clickfuse.com
2	imasdk.googleapis.com	static.assetlab.io imasdk.googleapis.com
2	fonts.googleapis.com	gojedistro.lnk.to securepubads.g.doubleclick.net
1	secure-assets.rubiconproject.com	gojedistro.lnk.to
1	googleads.g.doubleclick.net	573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com
1	smarttag.rubiconproject.com	ads.rubiconproject.com
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	ads.rubiconproject.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	srv.clickfuse.com	gojedistro.lnk.to
1	linkstorage.linkfire.com	gojedistro.lnk.to
79	24

This site contains links to these domains. Also see Links.

Domain
music.apple.com
open.spotify.com
music.amazon.de
listen.tidalhifi.com
audiomack.com
music.youtube.com
www.deezer.com

Subject Issuer	Validity	Valid
lnk.to Amazon	`2022-08-09` - `2023-09-07`	a year	crt.sh
static.assetlab.io Amazon	`2022-10-20` - `2023-11-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
linkfire.com Amazon	`2022-03-29` - `2023-04-25`	a year	crt.sh
srv.tunefindforfans.com Amazon	`2022-08-30` - `2023-09-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://gojedistro.lnk.to/JustLikeMagic
Frame ID: 608884A4936F517C58A874ECC677A0EC
Requests: 38 HTTP requests in this frame

Frame: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 19C87F1AE6A7862BBF27D7C695122EAD
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.542.0_en.html
Frame ID: 09305139171D91BC806D512D528A5503
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFPy7HjEMJEAyIEJPczQ_oCLY39QiTSn6v9L_Mh3eMiN78qt6dQgKGkhe3YD-uCJHE9b_E_2sS5WfXOSzrn7BA769Lb5luLnyWsoMX6FnXGNHBlA75XEgwHatHCwDthpRkCxjJThZHAFv7z1nhncmGHjhf5shfnZeXxSC6OM2Gg2ciEt8-CqkXyFB_4rtBXkxbBj-ul3NtTaeNcnehb-AoBY2FgVicugj6zhmq377nHfPJl-RzyorBTeL2Jg-hhxTsgkR-tuzaKQ4sRH4MvVdEFbxcP6ysaJbmj-GH3Iynj3riGJRFebdOlUbz8Sp2T2qHttXF2eoU44JcARHU69U&sai=AMfl-YTbJ7bhYyMrj8iviPpnpXchgRLd6Ghljn6S7zTVK6Vnrb_mnz20ClwkhJmARPAkwH44ool9B4ldHQbTCQvDIfE19lI6g0d1rAsSZ_6tBEEKaKVY2sneVTu3rucgjMZ3vsut9w&sig=Cg0ArKJSzI51DvQ910u3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DC54039661787FF5903CA2C59087C851
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqwt7n0cWRpWs9Aml_dyuWdgfPWSyW0c1_rxuMBW72lM1BztVpcyFzJ5YaTQXWFrDgp7uCtdiucxyU8hkMszggHFOoipQK763MXZhIXen4n8K9V7rFuD0v5J4cKJDH4eHNEvhaU2qbpfcrWIW4nQXrQVtqofhqLaODkcY76g1GhmwTplsifaU2HsTEHKiTS_G9MeDiIcgT7Iflgw6lY1Rbwgn33I1J-pvJg4aomn1t8e_9WyrXHaJ6vSr2xtf8wdivj6Bqlppoe2ZXg_RBUjP5AjNndqOMRxDPVVLfMJxaalGm6_ZkgvBBZxn6PbUu7PBdjELpR-xeKbhKIS7tHLw&sai=AMfl-YTVDDZD_NXwvzZ98E5kaacoxwl_mjakZoPRlBGhQK9Djxk7NWXIM5zXc2g08eKEzF1XUUlIbLrrWykA_dPn_nJhs5cA3Eyrek9fR7zt7veuD38l0I0bBnPlT8z9Y4wguCfPZQ&sig=Cg0ArKJSzMQY7zeO_wfMEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D21ED0CD1424B8F8754274A630DE2F50
Requests: 12 HTTP requests in this frame

Frame: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: A7CCFE5A83FCD23F95742D7702F49BE7
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CBB08BB2078302D72A86037E1612B02C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2E68C7FC404CDAA3A2D5BA9FDC1510DF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNu5KRDRjp2AAhj90PTXATAB&v=APEucNVxYu0aieCZ_Nea8y2YAU3ktdpp9ODRDAgeRermElrdNT_Jkw1dCJIKHkom1GXJNBieCiLBAlRYVsqskUM6MuRRVlcT2Q
Frame ID: 64728182AF24B9D1F28F0F2C8177243D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DAB786DED37C5DF659061A6816EC4B0F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Standard Dii - Just Like Magic

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

79
Requests

100 %
HTTPS

70 %
IPv6

15
Domains

24
Subdomains

24
IPs

3
Countries

1732 kB
Transfer

4641 kB
Size

9
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://music.apple.com/de/album/1580778855?app=music&at=1l3vpUI&ct=LFV_afdec6e0f5d2416d00d8d52f36d92d57&itscg=30440&itsct=catchall_p1&lId=23623898&cId=none&sr=1&src=Linkfire&ls=1
Title: Abspielen

Search URL Search Domain Scan URL

URL: https://open.spotify.com/album/1U50KJDhdkvdzOFDE4tMbC
Title: Abspielen

Search URL Search Domain Scan URL

URL: https://music.amazon.de/albums/B09CF3W3T9?tag=linkfiregen&ie=UTF8&linkCode=as2&ascsubtag=afdec6e0f5d2416d00d8d52f36d92d57&ref=dmm_acq_soc_de_u_lfire_lp_x_afdec6e0f5d2416d00d8d52f36d92d57
Title: Abspielen

Search URL Search Domain Scan URL

URL: https://music.apple.com/de/album/1580778855?app=itunes&at=1l3vpUI&ct=LFV_afdec6e0f5d2416d00d8d52f36d92d57&itscg=30440&itsct=catchall_p4&lId=23623898&cId=none&sr=4&src=Linkfire&ls=1
Title: Laden

Search URL Search Domain Scan URL

URL: http://listen.tidalhifi.com/album/193868822
Title: Abspielen

Search URL Search Domain Scan URL

URL: https://audiomack.com/standard_dii/album/just-like-magic
Title: Abspielen

Search URL Search Domain Scan URL

URL: https://music.youtube.com/playlist?list=OLAK5uy_n-V3tk6quLzYuwNGYvZNdjveLFzNKYZ8Q&src=Linkfire&lId=4a9021d2-5ffa-4f2b-8b27-e7e491a438e3&cId=d3d58fd7-4c47-11e6-9fd0-066c3e7a8751
Title: Abspielen

Search URL Search Domain Scan URL

URL: https://www.deezer.com/album/251132902?app_id=140685&utm_source=partner_linkfire&utm_campaign=afdec6e0f5d2416d00d8d52f36d92d57&utm_medium=Original&utm_term=objective-stream&utm_content=album-251132902
Title: Abspielen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request JustLikeMagic Show response
gojedistro.lnk.to/ 82 KB
82 KB 1200ms
1136ms Document
text/html 54.72.234.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.234.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-234-65.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 70ca1a22691fe0c65a806b887aa1db5107f1f646e7a373449d76e35030b31287

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 05 Nov 2022 00:00:37 GMT
server: nginx
x-redirector-version: redirector-v3

GET
H2 200 release-freemium.css
static.assetlab.io/red3/473/ 32 KB
8 KB 34ms
8ms Stylesheet
text/css 52.222.236.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/473/release-freemium.css
Requested by: Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-112.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12e2bd670485922ff4aa25ef930c6aa4db4634dd410de01157dcdcc06825b5bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: lpBqLCBskS.EInT_Vdwv01BwCgXOkyon
content-encoding: gzip
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 15:27:21 GMT
last-modified: Thu, 03 Nov 2022 14:35:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 30803
x-amz-server-side-encryption: AES256
etag: W/"4c0c9225a00685b16f5845b2ab006fbc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: C_Av7rLBEgwIt1fn9ytN6guH6ddQfUsVc2eZWftk8MmH0esflres8w==

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 134ms
49ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700|IBM+Plex+Sans:400,500,600,700&display=swap&subset=latin-ext

Requested by

Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ca7d6cf452ff72ed31f2be62277da6a0eee441187df240c9fdd551c2d8945ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 05 Nov 2022 00:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Nov 2022 00:00:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Nov 2022 00:00:37 GMT

GET
H2 200 release-freemium.js Show response
static.assetlab.io/red3/473/ 524 KB
157 KB 33ms
8ms Script
application/javascript 52.222.236.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/473/release-freemium.js
Requested by: Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-112.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc532768d3e0d31e18ae7078093f175ae3454d81453fe20e9fb644260a1c140e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: n0GNUXdsP7_Sy_qV6vUrvNWA1XMfM5gf
content-encoding: gzip
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 15:34:53 GMT
last-modified: Thu, 03 Nov 2022 14:35:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 30699
x-amz-server-side-encryption: AES256
etag: W/"6161c8b5917520c20a7772b70016eca7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: CyGozwrvfVewIDo1-F4GZOEsXQdjSqY1-3PCA3wlz7ce_8y2tAohRg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 128ms
49ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39f747b9be76f0bfabea1d4db021ab5faa85174441339b96d9ae6d47a794a5b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27352
x-xss-protection: 0
server: sffe
etag: "1384 / 979 of 1000 / last-modified: 1667599556"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Nov 2022 00:00:37 GMT

GET
H2 200 artwork-440x440.jpg
linkstorage.linkfire.com/medialinks/images/860c29b2-70e7-469d-b002-993260ab7172/ 146 KB
147 KB 567ms
515ms Image
image/jpg 13.32.27.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linkstorage.linkfire.com/medialinks/images/860c29b2-70e7-469d-b002-993260ab7172/artwork-440x440.jpg

Requested by

Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-72.fra56.r.cloudfront.net

Software

The Great Gig In The Sky / Master of Puppets

Resource Hash

07d644eb7847d3f5d6ea966b689b5d5c76c4981b4d3c7870e57f08ecac61eb4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:39 GMT
content-encoding
x-content-type-options: nosniff
strict-transport-security: max-age=10368000; includeSubdomains; preload
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-powered-by: Master of Puppets
x-cache: Miss from cloudfront
content-length: 149448
x-xss-protection: 1; mode=block
x-linkfire-security: security@linkfire.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 Aug 2021 23:07:39 GMT
server: The Great Gig In The Sky
etag: "65139a6670d61d3c9fa7c90b041aacbb"
expect-ct: max-age=0
x-frame-options: DENY
content-type: image/jpg
accept-ranges: bytes
x-amz-cf-id: 7K2r9orj5sXA-hkfYuSNSa0mxhDpAA_GBsWZwx1WP3RPG149gdKWkQ==

GET
H2 200 logo_applemusic_onlight.svg
services.linkfire.com/ 7 KB
8 KB 45ms
8ms Image
image/svg+xml 2600:9000:223e:2200:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_applemusic_onlight.svg
Requested by: Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: nGo7v092Ub92VgXy.O3WmDeRgTKJPui3
date: Fri, 04 Nov 2022 03:37:30 GMT
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
last-modified: Tue, 17 Nov 2020 11:13:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 368463
etag: "3d4894f0254dc9d917c86fffd766046a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 7423
x-amz-cf-id: 2hSq9sci4Mm3iXjJ8SmFWUgR__n_NpFP3MIMeVaWbjPlbWhJMLc5JA==

GET
H2 200 logo_spotify_onlight.svg
services.linkfire.com/ 6 KB
3 KB 46ms
9ms Image
image/svg+xml 2600:9000:223e:2200:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_spotify_onlight.svg
Requested by: Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 03:37:30 GMT
last-modified: Wed, 02 Nov 2016 12:14:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 421367
etag: W/"10ebad8fc307d85d6ed34e9fa95a7577"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: KjnmvForSyicZxarFvPesYRe2nA2nMOf8ZdQaKnLKTpsn7MmkPtmuQ==

GET
H2 200 logo_amazonmusic_onlight.svg
services.linkfire.com/ 6 KB
2 KB 46ms
9ms Image
image/svg+xml 2600:9000:223e:2200:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_amazonmusic_onlight.svg
Requested by: Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 012d4cc53ce9470d70ee381caa4ee89f4b4f5229922af1db0a5b23dbf0b67610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 03:38:55 GMT
last-modified: Tue, 28 May 2019 09:23:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 84135
etag: W/"767a82b484396b01dc4295b10e20c5a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: tM12f9zP401WIOah2z8SGqu_M92L8Ilzj0sp9TOk-b_BigrkAUixXg==

GET
H2 200 logo_itunes_onlight.svg
services.linkfire.com/ 19 KB
5 KB 47ms
10ms Image
image/svg+xml 2600:9000:223e:2200:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_itunes_onlight.svg
Requested by: Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 03:38:44 GMT
last-modified: Fri, 23 Mar 2018 08:26:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 221302
etag: W/"db14889932940c59c989f46bcff71c80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 7ak0fQuXPNdxBcudyeysvY8-0p_R2U86BbOfNHfbps3IC90q5zeOgQ==

GET
H2 200 logo_tidal_onlight.svg
services.linkfire.com/ 4 KB
2 KB 47ms
10ms Image
image/svg+xml 2600:9000:223e:2200:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_tidal_onlight.svg
Requested by: Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 763c09aa56110b05ed4d4d716ba81736b6fe696c57d66cbef6d850d9bfe35782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 03:38:44 GMT
last-modified: Wed, 10 Aug 2016 15:07:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 84175
etag: W/"2fd0abb508ea5e93eec3ad5a5d46141c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: WEmx1ELmTasc-f-Ng0i8N24L59E3XbPZeSAO0t5KLBCRtVvdMlVKfA==

GET
H2 200 logo_audiomack_onlight.svg
services.linkfire.com/ 7 KB
3 KB 47ms
11ms Image
image/svg+xml 2600:9000:223e:2200:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_audiomack_onlight.svg
Requested by: Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac792a20ca5b8fe8ed620f5dc4118c77684e978a7e137749dc9ecb9100a765b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 03:38:56 GMT
last-modified: Fri, 10 May 2019 08:01:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 73302
etag: W/"5168fa46ce415224a7beccf881b614ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: zLQ6lic4IkL4HPah1riGOV4nloGOMKR8izzULkp2DbtYY7S4cAe78g==

GET
H2 200 logo_youtubemusic_onlight.svg
services.linkfire.com/ 6 KB
3 KB 8ms
8ms Image
image/svg+xml 2600:9000:223e:2200:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_youtubemusic_onlight.svg
Requested by: Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc0d8191ca9bacc9a33b5aa1a79a8e9a4dde46ec1e7133242f10500456e6b2e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: UeleBMRRAgzkCE7yjb7LHjMGLzKWgsch
content-encoding: gzip
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 03:38:50 GMT
last-modified: Fri, 26 Mar 2021 15:08:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 180662
etag: W/"d2de296d98c733c648651b948706f9dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: f4DW8-zMT5dTkJnCIHyyuyBbdYSGndcLtVQy7IfEmTDsltA-SZam_w==

GET
H2 200 logo_deezer_onlight.svg
services.linkfire.com/ 7 KB
2 KB 8ms
8ms Image
image/svg+xml 2600:9000:223e:2200:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_deezer_onlight.svg
Requested by: Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2200:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8a9b6a12cd203128f1fbde87d4fb396511cec3492ae458f654e44a97afb9d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 01:13:48 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 07 May 2019 14:18:49 GMT
server: AmazonS3
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
etag: W/"c488f62a2b4ec4cc5f9368f3f9969eed"
age: 600410
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: VYztqwlcoGXmibAO84wDbF3rjA_1k6MAlLRyL1MdIUWuxVymIcaXRQ==

GET
H/1.1 200
OK showad.js Show response
srv.clickfuse.com/showads/ 130 KB
43 KB 159ms
62ms Script
text/javascript 54.216.244.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.clickfuse.com/showads/showad.js
Requested by: Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.244.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-244-31.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.54 (Amazon) /
Resource Hash: b33c40fd260a6fb043e9d89a974727df7d3058a2e5e80a438eab12c7fedd9083

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 00:00:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 16:31:42 GMT
Server: Apache/2.4.54 (Amazon)
ETag: "207f2-5eca79be4dedd-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=60, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44101
Expires: Sat, 05 Nov 2022 00:01:37 GMT

GET
H2 200 consent.js Show response
static.assetlab.io/consent/1.5.15/ 53 KB
17 KB 7ms
7ms Script
application/javascript 52.222.236.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.5.15/consent.js
Requested by: Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-112.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e7b29707ddd9bf0b1604fcbc8d6f4741d886de7361a9cba0cd0d1b38860af1d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: G2bubUOnP1lz17CgMSXE1IK5HdcOok6P
content-encoding: gzip
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 15:45:07 GMT
last-modified: Wed, 22 Jun 2022 14:15:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 29732
x-amz-server-side-encryption: AES256
etag: W/"f71041de856bdbd4558fdaa65aeaf30d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ldohHrQROP88hZVcjfM63ktZL3DJVq-KHvThj7-kzFx_LOgZn-K9Fw==

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ 12 KB
13 KB 118ms
37ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|IBM+Plex+Sans:400,500,600,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gojedistro.lnk.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 16:22:46 GMT
x-content-type-options: nosniff
age: 373071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 16:22:46 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 13 KB
13 KB 158ms
76ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|IBM+Plex+Sans:400,500,600,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gojedistro.lnk.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 17:47:57 GMT
x-content-type-options: nosniff
age: 367960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 17:47:57 GMT

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 18 KB
18 KB 125ms
44ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v14/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|IBM+Plex+Sans:400,500,600,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gojedistro.lnk.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 23:13:53 GMT
x-content-type-options: nosniff
age: 89204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18000
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 23:13:53 GMT

POST
H2 200 / Show response
gojedistro.lnk.to/~/tr/pageview/ 70 B
186 B 93ms
92ms XHR
application/json 54.72.234.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gojedistro.lnk.to/~/tr/pageview/
Requested by: Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.234.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-234-65.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4c57e5bf6cda84597e206866f1eacb0ab1ab49a4a34a9e937633f01fb5ea587e

Request headers

Referer: https://gojedistro.lnk.to/JustLikeMagic
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Nov 2022 00:00:37 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 370 KB
124 KB 151ms
44ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/red3/473/release-freemium.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab659f3b8c832932b95844fe1945e22b637f9650ed46c1713dc23af760d99b83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126790
x-xss-protection: 0
expires: Sat, 05 Nov 2022 00:00:37 GMT

GET
H2 200 noise.png
static.assetlab.io/gui/3.2.9/img/ 1 KB
2 KB 8ms
8ms Image
image/png 52.222.236.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/gui/3.2.9/img/noise.png
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/red3/473/release-freemium.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-112.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69f55a3ab55de5a5d1888c5b3a40b2e4389f260a6c60c226f21d197905b87a7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.assetlab.io/red3/473/release-freemium.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: TlPbe8vGHsFh2GbjYMYhli6muYM1O7HG
date: Fri, 04 Nov 2022 08:45:41 GMT
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
last-modified: Fri, 07 Oct 2022 11:22:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 55096
x-amz-server-side-encryption: AES256
etag: "66495ec08bff9951b78266ccf961d871"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1497
x-amz-cf-id: wvqolYVEQJLBzJdb_MarYwTazqXwM5P6QJzxQG5QU05gHDl7jgvR4Q==

GET
H2 200 consent.css
static.assetlab.io/consent/1.5.15/ 23 KB
4 KB 7ms
7ms Stylesheet
text/css 52.222.236.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.5.15/consent.css
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.5.15/consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-112.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52da3158656fa25f0cf23f4c607cec939b53480478e9f72dbc79c98aeeae664d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:05:29 GMT
x-amz-version-id: ZztqAdLKuuTcx96RVIbPdB_CAI0ozWZx
content-encoding: gzip
last-modified: Wed, 22 Jun 2022 14:15:24 GMT
server: AmazonS3
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
etag: W/"df42cc979f3e0534af60d4cf312c4ff1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 17709
x-amz-cf-id: E3-hW0E8mc33-4d1mSoe9cHfLjfJua6JHH9l4g8X--s1BmXgfKlQhg==

GET
H/1.1 200
OK adunit.php Show response
srv.tonemedia.com/showads/ 234 B
1 KB 140ms
35ms Script
text/javascript 18.200.211.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.tonemedia.com/showads/adunit.php?id=100001073&di=&subtag=&search=&artist=Standard%20Dii&song=&tvt=&alb=&alb_is=false&dvid=&vpw=1600&abf=1&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=true&cm=&url=https%3A%2F%2Fgojedistro.lnk.to%2FJustLikeMagic&t=1667606437825
Requested by: Host: srv.clickfuse.com
URL: https://srv.clickfuse.com/showads/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.211.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-211-36.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.54 (Amazon) /
Resource Hash: ec615a7dac80e0a29aad5a4c976ebfe0e40c21547fa39c1e27c4749d1d016a1e

Request headers

Referer: https://gojedistro.lnk.to/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 05 Nov 2022 00:00:37 GMT
Server: Apache/2.4.54 (Amazon)
Content-Type: text/javascript;charset=UTF-8
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="/w3c/p3p.xml"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 234
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pubads_impl_2022110101.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
128 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce331bf5c6c5e330f399d37e697146dd66cbc23038c122adba0b3cd3b1fe2781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130882
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 08:35:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Nov 2023 20:49:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 95 B
105 B 117ms
45ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gojedistro.lnk.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5801755f47793ba0c976903e6a7ec8ed68e05cf80c4197dab78b9cde4049c918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80
x-xss-protection: 0
expires: Sat, 05 Nov 2022 00:00:37 GMT

GET
H/1.1 200
OK imp.php Show response
srv.tonemedia.com/showads/track/ 42 B
1 KB 126ms
38ms XHR
image/gif 18.200.211.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.tonemedia.com/showads/track/imp.php?cid=60768809&aid=100001073&artist=Standard+Dii&song=&search=&b=Chrome_107&cs=1&uri=https%3A%2F%2Fgojedistro.lnk.to%2FJustLikeMagic&t=1667606437&subtag=&ldmo=&av=true&atv=old
Requested by: Host: srv.clickfuse.com
URL: https://srv.clickfuse.com/showads/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.211.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-211-36.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.54 (Amazon) /
Resource Hash: b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Accept: application/json, text/plain, */*
Referer: https://gojedistro.lnk.to/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 00:00:38 GMT
Server: Apache/2.4.54 (Amazon)
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sat, 26 Jul 1997 05:00:00 GMT

HEAD
H3 200 pubads_impl_2019062401.js
securepubads.g.doubleclick.net/gpt/ 0
0 36ms
36ms Fetch
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019062401.js

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/red3/473/release-freemium.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 10:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56392
x-xss-protection: 0
last-modified: Mon, 24 Jun 2019 13:05:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Nov 2023 10:28:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 152ms
47ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gojedistro.lnk.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 138ms
45ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gojedistro.lnk.to

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 607 KB
112 KB 572ms
572ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=730493295245365&correlator=1826994735624607&eid=31068367%2C31061167%2C31069103&output=ldjh&gdfp_req=1&vrg=2022110101&ptt=17&impl=fifs&iu_parts=22051246401%2CFooter%2CChurned_Footer%2CHeader%2CChurned_Header%2CDesktop_Right_Med_Rec%2CChurned_Desktop_Right_Med_Rec%2C1.5-Click_Client%2CInterstitial_Client%2CInterstitial_Footer_Client&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F3%2F4%2C%2F0%2F5%2F6%2C%2F0%2F7%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=1x1%7C300x100%7C300x250%7C320x50%7C320x100%7C320x120%2C1x1%2C300x250%2C1x1%2C1x1%2C1x1%2C300x250&ifi=1&adks=607592665%2C1315738517%2C187623302%2C4032110609%2C4032110700%2C2642735821%2C2709597352&sfv=1-0-39&ists=4&cust_params=explicit%3Dno%26artist%3Dstandard%2520dii%26album%3DJust%2520Like%2520Magic%26linkid%3D4a9021d2-5ffa-4f2b-8b27-e7e491a438e3%26boardid%3D5a621ad7-a8a7-4e7c-8328-46f5a49f0600%26toplevelboardid%3De1e62dfe-4811-4b77-8e11-805340d5d633%26organizationid%3De1e62dfe-4811-4b77-8e11-805340d5d633%26countrycode%3DDE%26city%3DFrankfurt%2520am%2520Main%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%252C45%2520days%252C60%2520days%26planid%3Dcf28ab68-2251-422d-af21-3322e0639ee5&sc=1&cookie_enabled=1&abxe=1&dt=1667606438010&lmt=1667606438&dlt=1667606437556&idt=425&adxs=640%2C0%2C1000%2C-12245933%2C-12245933%2C-9%2C-9&adys=747%2C-160%2C294%2C-12245933%2C-12245933%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fgojedistro.lnk.to%2FJustLikeMagic&frm=20&vis=1&psz=320x0%7C1600x-1%7C300x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=320x0%7C1600x-1%7C300x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=4%2C516%2C4%2C644%2C644%2C2%2C2&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C0%2C0&ga_vid=2076413108.1667606438&ga_sid=1667606438&ga_hid=1225258811&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b159dc6a159f41c950e3d76f4e14cd667bc5fcae2f316edabb51d3c7d6d490cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114193
x-xss-protection: 0
google-lineitem-id: 5873409254,6013481272,-1,-2,-2,6047369944,6133937907
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138376871984,138391463534,-1,-2,-2,138392874836,138408257876
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gojedistro.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 19C8 6 KB
3 KB 166ms
43ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gojedistro.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 00:00:38 GMT
expires: Sun, 05 Nov 2023 00:00:38 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ic-shield-blue.svg
static.assetlab.io/consent/1.5.15/assets/ 1 KB
1 KB 7ms
7ms Image
image/svg+xml 52.222.236.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/consent/1.5.15/assets/ic-shield-blue.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.5.15/consent.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-112.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.assetlab.io/consent/1.5.15/consent.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: GexGEXWrKbErY7uVJiOBePDhbEsoNeWq
content-encoding: gzip
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 22:09:31 GMT
last-modified: Wed, 22 Jun 2022 14:15:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 6667
x-amz-server-side-encryption: AES256
etag: W/"560dd3386ebf80f78c934aeff4a6a82c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 08Bi2yY1v9GBUP1zng94ZvJP3VPVVnd3Y40lBlhlEGn6sLde9SWQiw==

GET
H2 200 ic-close-s.svg
static.assetlab.io/consent/1.5.15/assets/ 351 B
758 B 7ms
7ms Image
image/svg+xml 52.222.236.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/consent/1.5.15/assets/ic-close-s.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.5.15/consent.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-112.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.assetlab.io/consent/1.5.15/consent.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: u1ZeqXODDID7yOlAp1Ue7kMFg5Oq11V1
date: Fri, 04 Nov 2022 22:09:32 GMT
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 14:15:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 6667
x-amz-server-side-encryption: AES256
etag: "d303b6c7d844d91101e1e4c63156cfec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 351
x-amz-cf-id: 4fMBEyzSKmK4gOkekbBHsLmlQqiiO-NQHHR0wVqGN5xhXIbu5nm_ng==

GET
H3 200 bridge3.542.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0930 688 KB
222 KB 108ms
35ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.542.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd0aba78213949a0e6a7318d9af345b513e91eb5ccca7b86f72855e8d5368f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gojedistro.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 191354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226915
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 18:51:24 GMT
expires: Thu, 02 Nov 2023 18:51:24 GMT
last-modified: Mon, 31 Oct 2022 12:16:09 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 144ms
46ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Nov 2022 00:00:38 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 138ms
53ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f33f9d7ab163a4e639a636f6f5293db193fd0ef1b5d5df181b7f83af98e7d761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11086
x-xss-protection: 0

POST
H2 200 / Show response
gojedistro.lnk.to/~/tr/consent/ 70 B
186 B 106ms
106ms XHR
application/json 54.72.234.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gojedistro.lnk.to/~/tr/consent/
Requested by: Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.234.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-234-65.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4c57e5bf6cda84597e206866f1eacb0ab1ab49a4a34a9e937633f01fb5ea587e

Request headers

Referer: https://gojedistro.lnk.to/JustLikeMagic
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Nov 2022 00:00:38 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC54 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFPy7HjEMJEAyIEJPczQ_oCLY39QiTSn6v9L_Mh3eMiN78qt6dQgKGkhe3YD-uCJHE9b_E_2sS5WfXOSzrn7BA769Lb5luLnyWsoMX6FnXGNHBlA75XEgwHatHCwDthpRkCxjJThZHAFv7z1nhncmGHjhf5shfnZeXxSC6OM2Gg2ciEt8-CqkXyFB_4rtBXkxbBj-ul3NtTaeNcnehb-AoBY2FgVicugj6zhmq377nHfPJl-RzyorBTeL2Jg-hhxTsgkR-tuzaKQ4sRH4MvVdEFbxcP6ysaJbmj-GH3Iynj3riGJRFebdOlUbz8Sp2T2qHttXF2eoU44JcARHU69U&sai=AMfl-YTbJ7bhYyMrj8iviPpnpXchgRLd6Ghljn6S7zTVK6Vnrb_mnz20ClwkhJmARPAkwH44ool9B4ldHQbTCQvDIfE19lI6g0d1rAsSZ_6tBEEKaKVY2sneVTu3rucgjMZ3vsut9w&sig=Cg0ArKJSzI51DvQ910u3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Nov 2022 00:00:38 GMT

GET
H2 200 23872.js Show response
ads.rubiconproject.com/ad/ Frame DC54 30 KB
9 KB 72ms
7ms Script
text/javascript 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/23872.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:38 GMT
content-encoding: gzip
server: Apache
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1968
access-control-allow-credentials: true
content-length: 8916
expires: Sat, 05 Nov 2022 00:33:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC54 154 KB
48 KB 302ms
218ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 00:00:38 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 132ms
45ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 00:00:38 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D21E 0
0 74ms
74ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqwt7n0cWRpWs9Aml_dyuWdgfPWSyW0c1_rxuMBW72lM1BztVpcyFzJ5YaTQXWFrDgp7uCtdiucxyU8hkMszggHFOoipQK763MXZhIXen4n8K9V7rFuD0v5J4cKJDH4eHNEvhaU2qbpfcrWIW4nQXrQVtqofhqLaODkcY76g1GhmwTplsifaU2HsTEHKiTS_G9MeDiIcgT7Iflgw6lY1Rbwgn33I1J-pvJg4aomn1t8e_9WyrXHaJ6vSr2xtf8wdivj6Bqlppoe2ZXg_RBUjP5AjNndqOMRxDPVVLfMJxaalGm6_ZkgvBBZxn6PbUu7PBdjELpR-xeKbhKIS7tHLw&sai=AMfl-YTVDDZD_NXwvzZ98E5kaacoxwl_mjakZoPRlBGhQK9Djxk7NWXIM5zXc2g08eKEzF1XUUlIbLrrWykA_dPn_nJhs5cA3Eyrek9fR7zt7veuD38l0I0bBnPlT8z9Y4wguCfPZQ&sig=Cg0ArKJSzMQY7zeO_wfMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame D21E 4 KB
637 B 120ms
48ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500&display=swap

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ecf7b976377faa5bde06f7e25ac0080ce722442ac7e361f6b14ddd4c32e63ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 05 Nov 2022 00:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Nov 2022 00:00:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Nov 2022 00:00:38 GMT

GET
H2 200 vue.js Show response
cdn.jsdelivr.net/npm/vue/dist/ Frame D21E 423 KB
104 KB 63ms
33ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue/dist/vue.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a2ca5d5ba8b698ba822e508ae08498ed2af912c1c8ed9944541fdfba2cb63f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7770
x-jsd-version: 2.7.13
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19163-FRA, cache-itm18849-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"69b70-mpeufWA15Ina+VaK0fRUagnFmdA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xdq72z1OTqjyk5iaSVk66AsTjNxTb3cXUYerhXPD0Xi9EO%2FlQOpCwjCLfqXuvddpenpO1LMzQu5MTQomJrSgoe2djzxdiDKyRg2GokLmqOKlMy0OVvVEweEPYdpxL6J0hx65zI%2FZ10zK%2BcrK60%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 76514f720b95bb77-FRA

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D21E 154 KB
47 KB 287ms
282ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 00:00:38 GMT

GET
H3 200 container.html Show response
573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame A7CC 6 KB
3 KB 108ms
36ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gojedistro.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 00:00:38 GMT
expires: Sun, 05 Nov 2023 00:00:38 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 2265572-15.js Show response
smarttag.rubiconproject.com/a/23872/404494/ Frame DC54 147 B
917 B 194ms
101ms Script
text/javascript 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/23872/404494/2265572-15.js?&cb=0.8942802863443591&tk_st=1&rf=https%3A//gojedistro.lnk.to/JustLikeMagic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=404494_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/23872.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 00:00:38 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 147
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CBB0 13 KB
5 KB 110ms
36ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gojedistro.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 23:46:07 GMT
expires: Sat, 04 Nov 2023 23:46:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2E68 783 B
1001 B 134ms
50ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

81b1985171c253f0853abe585981d642b2d910c521e66bdecb72603b501a33e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yhFB-1qi6PXYToWzHroVmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gojedistro.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-yhFB-1qi6PXYToWzHroVmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 00:00:38 GMT
expires: Sat, 05 Nov 2022 00:00:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6472 0
434 B 132ms
48ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNu5KRDRjp2AAhj90PTXATAB&v=APEucNVxYu0aieCZ_Nea8y2YAU3ktdpp9ODRDAgeRermElrdNT_Jkw1dCJIKHkom1GXJNBieCiLBAlRYVsqskUM6MuRRVlcT2Q

Requested by

Host: 573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com
URL: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 00:00:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame A7CC 23 KB
9 KB 111ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:06:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 18:06:32 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame A7CC 6 KB
2 KB 109ms
37ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:06:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 18:06:32 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A7CC 0
0 165ms
78ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssp_SBDielhaYWXvvc_zx14uIJp_buyNXSnbC0ij3C03htG4iu1Dc5tdpP_FmGv8h2j4rjkbcFWaPZdACjzsDxoXhWfduGY7UaH2-Xi5n02f313VCISGIDt8fJ9esKKU4iGVD9DVOpNfK0Y7udDIeEcfDEnmhgVjeZ0cE3pmItK4kQBABg9m6hhwiRcdejj5KlE1k__wkTjcRrlLlavWJ8US7A1akTn38wHh3yGS3Oo_mTtms9fSxmCYaACU6Ou3st7NPABpiat4685kagKB-8CuEsK75iihgzoMIh42nczBfZfYlsg-zKg25s9hg4UbUHNDmpnUqxkhMEcnqYNipbHxvSrvcOlT-jykvxDX9XIqHXk7RsNLNp3cjaY20lulduq6IVVFNdHYZcpdr2rskoWHON8YZR_CdCGGBgbsHi-c2nsUvx6tKkI9vL_9NfeXB_CgmdDztfi5tZY7QRHaCnWHwZLmL1wQbYKP7mWA2CFss96Z9XjVr0lIlWk5B1iwiDunnlhUGtuxmkiy7oXf7AKUYFE74B2iRsrWuMjJqGkK3ZmIfViBXtVLwdecD-dQ5riC_S7jabTA7K_Vx__EA5CSUsvFqDxo1wTHcLnWPS-_xpNlqE3qHgCwlH4cjlQF9NzCtunPDkpzz-yzCUECCL1D--HLwHg0nDNoTnI_a0RG3Cvu25fvMMln83JkWl5wAQrupGDQ-4ZLXGmlbYlcakzrei6CaRSCNWkDgXrlN1IAiJlb-uPcok2-VAuPeAhiryzT9AXPVZGX4DTLRlL_-ASdICUjT-m6dwwNlW3P20VW0bUHP9jUVZIiCe_uOT07qRj2LecEAAbpne-61oQEN6OdFPWQz4blzb7KbdORaCv54d7z82k9INFuFRaufeXobrODzTbpi3ruQL6SRjhhyQH3gaSQjH-niDPZUTYQ2HkTQ__InPXUZPhocd0SNvDBs0LwuLpZnKw9e0JPjTgGLXHnA_hSwIRWtyjsE2BFDHDFn_1N90RaMxrN5itM850c4fTvIaTffgnXbR4EnXnvmhu1CrQpqcb6gOeK2kD_p9uxgZGKJEsJb9EwUi2XbMGabD8Otq3LrdCYE-Jprmtzp8ZzpzkgZ00zynwb1fDlu8Vpxp5wv5W9__ysCIOAw&sai=AMfl-YTGwtYzaLlNSWmQwUcbjhJ7ijvhlK1KjxF5Ww6RsmxzcOP14yiqXkhkG1UXkN60gfTC2HdU7TW7GMGbAG2BEdmxmU2qZDrU39m_iNt886zQs2wsNV-Qv6uESNSj7WKZfPGzbp4uIKmMqgC92vphI1y89MIDaKxqj0a1S0epmoRacRJMLvTaC0y24STJ_iQecrjrFYo7UXJpTMJxFc9IoHSoNcfaRCakY0_lKhIdG60THdGb9t7-LlI0qxBlZxizQ_rAKPeq50oLYkHw6g4qO2gRiGrd1Wnf-oEXVJrX6OlOPIAj4m83youJz_2LuCgAnX4mvfEFhzhMLGaEQe6vJ8FkYkNAvhs6WbS0CPjtJn2PRJYmrigDG4aNCnNRG0pyhbe9NtsgC7Sv7LQQ92sv0bjS73wN5h7-l8omsYFT&sig=Cg0ArKJSzH-E9UwztEowEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221101.15356&arae=0&ftch=1&adurl=

Requested by

Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 05 Nov 2022 00:00:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Nov 2022 00:00:38 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A7CC 41 KB
15 KB 162ms
113ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 12:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 12:01:32 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A7CC 42 B
63 B 145ms
76ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQHj3bIqyKocw5S3t6lkQuD_LxgAySrlrLL3qoE4OsKUjiukjX4Pkce8_jf5nb_2StCjB-1h_JYhQxdiXReirq4xa_fiTl2sdsCfcyZZgOmUO6NAg

Requested by

Host: 573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com
URL: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 00:00:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame A7CC 3 KB
1 KB 165ms
117ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: 573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com
URL: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:02:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 18:02:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame A7CC 17 KB
7 KB 99ms
51ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com
URL: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 14:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 14:35:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A7CC 0
0 105ms
46ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_oe_LwnfG3Gns2RsPTby2WViqBSiI47JZR9psOSVX7wksOqGDS5jZH-PCJjMw50D4eM88
Requested by: Host: 573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com
URL: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A7CC 154 KB
47 KB 141ms
140ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com
URL: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 00:00:38 GMT

GET
H3 200 14603591626211048355
s0.2mdn.net/simgad/ Frame A7CC 59 KB
59 KB 110ms
37ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14603591626211048355

Requested by

Host: 573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com
URL: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289507a9db822574491ac2b20fae0083d66a4b144fc69c8f204176392ac95868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 00:15:12 GMT
x-content-type-options: nosniff
age: 85526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60485
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 15:17:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Nov 2023 00:15:12 GMT

GET
H3 200 3095447070234999794
tpc.googlesyndication.com/simgad/ Frame D21E 13 KB
13 KB 59ms
42ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3095447070234999794?

Requested by

Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eb85fa74e221b1fbe2c5108af14970e6e2e011c8dabe94e5b6056eb5f696eb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 15:08:26 GMT
x-content-type-options: nosniff
age: 204732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13268
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 17:54:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Nov 2023 15:08:26 GMT

GET
DATA 200
OK truncated
/ Frame D21E 334 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 388f9cc9fec7d049d4a74919c92f0d866d1e21efaf9cfbba39341a746a5bfd41

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 14107765740151134259
tpc.googlesyndication.com/simgad/ Frame D21E 92 KB
92 KB 56ms
40ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14107765740151134259?

Requested by

Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85dd38e8a7c98fd9b5dabf1ba17ab6da7059401f62359d9ef271e1823adc216b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 15:45:55 GMT
x-content-type-options: nosniff
age: 202483
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94282
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 15:29:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Nov 2023 15:45:55 GMT

GET
H3 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ Frame D21E 18 KB
18 KB 120ms
43ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gojedistro.lnk.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 18:05:40 GMT
x-content-type-options: nosniff
age: 280498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18860
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 18:05:40 GMT

GET
H3 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ Frame D21E 18 KB
18 KB 115ms
39ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v14/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gojedistro.lnk.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 23:13:53 GMT
x-content-type-options: nosniff
age: 89205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18000
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 23:13:53 GMT

GET
H2 200 1x1.png
secure-assets.rubiconproject.com/static/psa/blank/ Frame DC54 156 B
319 B 7ms
7ms Image
image/png 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-assets.rubiconproject.com/static/psa/blank/1x1.png
Requested by: Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:38 GMT
content-encoding: gzip
last-modified: Tue, 01 Oct 2019 16:53:58 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 155

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame CBB0 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 06:17:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2E68 0
0 69ms
69ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110101&jk=730493295245365&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame A7CC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a51139d72ba3881551462d52efd7fc42398d505f936ffd749ccb6c98725d90a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC54 0
0 73ms
72ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIuay3lpINiiwOK5OdbnXYyRKZ9vYIYsFHzT-ogUw_zfwrQ1MU-Jv5UNpxjwhVKxb_Au4-B4bB6ZhEQDBeOShhB4bj3LN_1jQ0kC6NXoN_oiJMDVXXcwbhJYkgvBvfc1rv5VOgBzKArvNZlRNLnK4qk_M4kxliPvhUuneoaQAHeCPFtGf0-oYj5lJdMFZVTWEN78vvdGnr_1uj7qcwMYNJy8QAGCtFcN0JuyzYkVm5KlNs590eamr1RWAPSvEQ2YAOxcqcwUwUXJPoU49jXMp_knRWHNZnB0aZG_7rnTcT3dmJawFD0IPiHwZ2R2UfIbj2MChpGobhpp9oYFCNbE0YVQ&sai=AMfl-YTFM1EQN4lxZQN2uqleWQsA-GoUx7v5iKpS3gG4-zLZHLGhflu_oK4C4TR9FAJX0SAmCN1K7yw1-1k2_oJW_n9-y0Hy-Zo4pBVvvFxje_yxva-Rg12N3Ti5hmRZbmMoutoCoQ&sig=Cg0ArKJSzIx9O1ubEVbgEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Nov 2022 00:00:39 GMT

GET
DATA 200
OK truncated
/ Frame DC54 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c191574803a5ea10ee34d6f3c78a4b4fd277fdbf49e444b647460ec640c78dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A7CC 0
0 129ms
70ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssp_SBDielhaYWXvvc_zx14uIJp_buyNXSnbC0ij3C03htG4iu1Dc5tdpP_FmGv8h2j4rjkbcFWaPZdACjzsDxoXhWfduGY7UaH2-Xi5n02f313VCISGIDt8fJ9esKKU4iGVD9DVOpNfK0Y7udDIeEcfDEnmhgVjeZ0cE3pmItK4kQBABg9m6hhwiRcdejj5KlE1k__wkTjcRrlLlavWJ8US7A1akTn38wHh3yGS3Oo_mTtms9fSxmCYaACU6Ou3st7NPABpiat4685kagKB-8CuEsK75iihgzoMIh42nczBfZfYlsg-zKg25s9hg4UbUHNDmpnUqxkhMEcnqYNipbHxvSrvcOlT-jykvxDX9XIqHXk7RsNLNp3cjaY20lulduq6IVVFNdHYZcpdr2rskoWHON8YZR_CdCGGBgbsHi-c2nsUvx6tKkI9vL_9NfeXB_CgmdDztfi5tZY7QRHaCnWHwZLmL1wQbYKP7mWA2CFss96Z9XjVr0lIlWk5B1iwiDunnlhUGtuxmkiy7oXf7AKUYFE74B2iRsrWuMjJqGkK3ZmIfViBXtVLwdecD-dQ5riC_S7jabTA7K_Vx__EA5CSUsvFqDxo1wTHcLnWPS-_xpNlqE3qHgCwlH4cjlQF9NzCtunPDkpzz-yzCUECCL1D--HLwHg0nDNoTnI_a0RG3Cvu25fvMMln83JkWl5wAQrupGDQ-4ZLXGmlbYlcakzrei6CaRSCNWkDgXrlN1IAiJlb-uPcok2-VAuPeAhiryzT9AXPVZGX4DTLRlL_-ASdICUjT-m6dwwNlW3P20VW0bUHP9jUVZIiCe_uOT07qRj2LecEAAbpne-61oQEN6OdFPWQz4blzb7KbdORaCv54d7z82k9INFuFRaufeXobrODzTbpi3ruQL6SRjhhyQH3gaSQjH-niDPZUTYQ2HkTQ__InPXUZPhocd0SNvDBs0LwuLpZnKw9e0JPjTgGLXHnA_hSwIRWtyjsE2BFDHDFn_1N90RaMxrN5itM850c4fTvIaTffgnXbR4EnXnvmhu1CrQpqcb6gOeK2kD_p9uxgZGKJEsJb9EwUi2XbMGabD8Otq3LrdCYE-Jprmtzp8ZzpzkgZ00zynwb1fDlu8Vpxp5wv5W9__ysCIOAw&sai=AMfl-YTGwtYzaLlNSWmQwUcbjhJ7ijvhlK1KjxF5Ww6RsmxzcOP14yiqXkhkG1UXkN60gfTC2HdU7TW7GMGbAG2BEdmxmU2qZDrU39m_iNt886zQs2wsNV-Qv6uESNSj7WKZfPGzbp4uIKmMqgC92vphI1y89MIDaKxqj0a1S0epmoRacRJMLvTaC0y24STJ_iQecrjrFYo7UXJpTMJxFc9IoHSoNcfaRCakY0_lKhIdG60THdGb9t7-LlI0qxBlZxizQ_rAKPeq50oLYkHw6g4qO2gRiGrd1Wnf-oEXVJrX6OlOPIAj4m83youJz_2LuCgAnX4mvfEFhzhMLGaEQe6vJ8FkYkNAvhs6WbS0CPjtJn2PRJYmrigDG4aNCnNRG0pyhbe9NtsgC7Sv7LQQ92sv0bjS73wN5h7-l8omsYFT&sig=Cg0ArKJSzH-E9UwztEowEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=201&vt=11&dtpt=200&dett=2&cstd=0&cisv=r20221101.15356&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: gojedistro.lnk.to
URL: https://gojedistro.lnk.to/JustLikeMagic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Nov 2022 00:00:39 GMT

GET
DATA 200
OK truncated
/ Frame D21E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40ec9f68de96e3d796b79c79319de354fb3ed93381d39cc628efa7fdded34d94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D21E 0
0 73ms
72ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssidpRnSQzZCmQiJbgBo3w3nH7zv3WVMRX4hb7GXAnbGpdkenK0C22o5lCPu_PrQcYIn5raIiTJsEbcAcgag6U6mqiJzpt2VLw2azcdG3R9Zt-97VmGEi-CJZw4UogBSKElmBl3VSLyZ2NDxRvCAex5c5tLJr3ARRXSE6x108bzW6RjBO-MP2EJKHaf-UyyRYSYyfzz00wDTYWL0DPbncVz9rl_54qDPRaZoRwv5Nccc5CWWzYYGj3e7pWDd5WEjP9g-17Am1SuxFYkZoxJQyHv9WB_4o8kzg05-bPqI4N6VM9isS3clLjLTLC9sjY9Xr9fTkjqxCQWgcwb_z7fcwIfOw&sai=AMfl-YQEkOuD_hbWi_gV0vfKVzeIxkMcDcScD3LWwUoqj73T246CymaXDLvwaPAfeohPQcBWrPQTNrFuQJ-SllzRoQoHTcpu1AiXZBDiqeHxQdy8MfXOYwzCX24lnbQEM7aPqoaZXg&sig=Cg0ArKJSzMnHO8bU56vJEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Nov 2022 00:00:39 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DAB7 22 KB
8 KB 36ms
36ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 215946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 12:01:33 GMT
expires: Thu, 02 Nov 2023 12:01:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CBB0 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2qidHg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 00:00:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame DAB7 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 06:17:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DAB7 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-8qDpqdlY8jjBNThgAfW26OYDgAAAAA4AeAEAg&bg=!39yl3JjNAAZPh4lnb4c7ACkAdvg8WvrHhlSDQ32kCvlsPvAVTentANXtZlWDaz--NpKqLx-pYEkeDAIAAABOUgAAAAJoAQeZAviCmeCZ1v-PvpdvdOizMXO4B-VzCj9MRIHIGtOL8LQ1o2pNvBiu1XgUS3eb6Ej-yVTMDYTi9v6u2iIs8E-vcjrEeyoMJiAHgy_KT79wp46DVW7WoifeK45EmotjF_5ptztKsAq2A0KoymMFRrArtt2ONBTJWcUsvs74KtSZMUiPUgL3SjvUY1-RUvnJ-sMt9XRyZSxx0wlRCzIGSK0Q_4MjRs2k5MBLPWurwrAzPooPYu_F73SwkcZCauKOcKwooqHu-2c9PYKZC1FGh2iY9dYN3JtEj_D3Z42zlQtrrdGYZDjczoSwWlc3Hbsg3CAn49BdKfKPp5l7yXkwDjVeLFrb11bXjrJy157JwC9VjVDhdJ7ADARtS31lhomC4bCi8YCvZb7jAcqTXTzOGoLgaFcp_iBIdzRkkKKr8rAeT3z8eIGhTXdX-3kSBw1Uqv3SPjT_o7vQUJI5QOJCZYGjQeqORoyj__zeksz85GyARObiEsgXDBwzJI_K5QYnEqshXqvKtfguR1bFJAjxHtLW41fey92qtKSmKH3qFMRADVB0nM6PuCy669Ls1GbYtV4waV2DNQ5fBhXl62vI1RTXOnCaCWGsKHgaC2tqhE6V2IcJL2ZTmeUyj3CrcOc5Kvp-fegmeDHHs0iYU_QA0fY1OLynU-LitLLWni-niLuVauNVO8K8PLMUmEERu3Ah_kfkm-CZ_XalXOZaJr9VJqBkITnMX2LvMSTrJvfMY8vSiFtccsCn6k8QJQH9cTgF_ZfhT-4FyhaOjpfhFEwUyGFiYfL1YGqn7aEKN0bf0xMzvHX4Emm_JXToBHwe6jNL5ygMlt0kGaULoFW6_vhjYcb_ma_CxnPVige3KzImDAoI83Ff-GCZNVnXzVU4-SJ_evBAIoHQO9VqmoEWtsRsaQnd-2r4sxmt7SyuGdwojWNRF_LMv7KYCXc2ypv_FMZYgrfQkwld4_MNaKYcJO8_hw7vXBqwdpOcyEKVZpewtsMrVBJG4WzK7Xy-mrpW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 00:00:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
73ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110101&jk=730493295245365&bg=!mpmlmd3NAAZPh4lnb4c7ACkAdvg8WgHuP1fJrVE_CjcfFzKA0ecsFp8iZazBwtOInSDJe_fY0iPPuwIAAADtUgAAAANoAQeZApzjUfnil_vC_YVVswXLFQyamY1XJGMqCLQsY5aE3KC8RGMF_AQHBIiuyFt4c1PuRwPcmjIb4f8phFO5iq1mhAHRhprfrJLzl5d069-7f5aPEl_uM68wDqpbwTqXhLz8her_m2x7GFYcYBjzg1iYweBhoY0AYUq6aizkdQS_wYxiLTaFlxReHcDCOxH1JaO_G7En_IeRAqwIIS9k2fvV8IOFDdfJwSPtxgg_cN1-WQyHurif7RqJW-lijlkx1KsZ1Xa0GqTaJzS3kcaXSZ0l0tURd8D9VCohcPLzKMeYG2NXbgxFWaWJjKnNgH5WdvmEjgkqAx5us9ANqcXVymPcSBIV8U99iSbagjB4jpSKaZ6b092g1fRutF-ovImaQ6sFS2njL83hyhBulRgYsF-jgCIqLTqvzVZ3iP8ADF0xfGQIVHDZsJnwBzyFWm_Zcl4myeaCL87KCkgrk8nNiFdhjrfBuSwLDcLThK5QwdLVY2wx1TkhC67FdI6H0eTopbX9RR5CSml6pqY4WYnbUPMPFfPm00YPn8kfmc753-5pTyjFnOI8N6KbUqIqeDXmyIZmyML2NZV8AaDoD0S4-jprAarlG2jAFNYEDQxb0gu9BROO9QwM1zuYAdbsLzzT1ceishr6HpFcJQmOUsXLhMb84DfEw7MSAuHlP10qgs7hq8H2R1oYcojzc3wkmA9-i7jlRuiK_6tGCS4H3kuzxFm6BvaZj9Y0Y-8Bkp4sIgMQL5G4OC2HAD-FJhzGYTt7oHcNE03k6z_t4WoGrf40QHR0EGDVYURB7TqY8Z76bpqLNbCgj5xpKA2qxRpesoL9Aexie_RvlVlrzR_vxrIzpWR3XB0DJgEu1CvQSVC1fo65x0nHToQI5Ld1_qIyG30w4g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DC54 42 B
64 B 142ms
70ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcr2eIMPq2cHIG6eFIQKgLbTlwjk_AFxmnsKyZR1KHlVFbaCzZzxy6ZU0SssDOp-YrUAUeehlNPZdgc_z6aLVxlKKRJDA8zDT26f0zYNoeQalgJEk_&sig=Cg0ArKJSzDPY9pMVkhynEAE&id=lidar2&mcvt=1000&p=755,640,1005,940&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221103&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=607592665&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667606438608&rpt=404&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 00:00:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A7CC 42 B
64 B 106ms
73ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-TO5M8_U9sl3nn3cOPDXGNj8cTllpWJgQbJULvXNXVryoBvZtNaD4j-k5FN-V6QJgFecYGH__n11RPNzlcvohqxpGJWIDjmO6gmt49dlhq6GtnMktscCqTL7usw&sai=AMfl-YQp6trxkD-1Us1LQEi1fdq9zwOPNewaCcXNEDHBFPDf6PHTn5HcyR488Dzg_UE6C31fC9c3xc8CjVfImALcor2ugoFv4usqlV5xUnF8ZyX74EdMsq0ZMNTKtkwm0Cp1qis&sig=Cg0ArKJSzA8JQiI5OCqCEAE&cid=CAQSPwDq26N9KZK-orf2_CAT1vOAcxeq_j-JbAHV7QN5zW0YnoYpstIlb0zWxX1WX5nn5tYDhLGOxUt1IDAoZh5yhhgBIA4&id=lidar2&mcvt=1000&p=294,1000,544,1300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=187623302&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667606438704&rpt=362&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 00:00:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D21E 42 B
64 B 70ms
69ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMTcwOBPg8blY5IchMB0ZS479N8Kt5ioEWLVKbqouXGl3_0osze6BwmE1PKh-AVAlvHP7WdNceMqpX5sVvakysSsHMiig9KB_f9mYnHe3riSd84CUG&sig=Cg0ArKJSzL0fkNmZsWmwEAE&id=lidar2&mcvt=1000&p=-160,0,1040,1600&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221103&bin=7&avms=nio&bs=1600,1200&mc=0.87&vu=1&app=0&itpl=19&adk=1315738517&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667606438688&rpt=399&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gojedistro.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 00:00:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lnk.to/	1970-01-20 07:13:27	Name: LF_session_a05ace53a8078f49f8f8abe26484fc95 Value: 1
.tonemedia.com/	1970-01-20 16:49:26	Name: CF_ID Value: 3e0f3504a232c6bcead4d96f0a2f254b
.tonemedia.com/	1970-01-20 16:49:26	Name: CF_ID_New Value: 1
.tonemedia.com/	1970-01-20 07:35:02	Name: bot_tracker Value: a%3A2%3A%7Bs%3A11%3A%22ads_counter%22%3Ba%3A1%3A%7Bi%3A1667606437%3Bi%3A1%3B%7Ds%3A5%3A%22isbot%22%3Bb%3A0%3B%7D
.lnk.to/	1970-01-20 16:35:02	Name: __gads Value: ID=dd2149ee412dbb6b-227282ef6ace00ce:T=1667606438:S=ALNI_Mab6b52iFbPt8QzJhZuk6AuuAyIkA
.lnk.to/	1970-01-20 16:35:02	Name: __gpi Value: UID=00000b7cae857d85:T=1667606438:RT=1667606438:S=ALNI_Mb87qGg34Ty2rLhW7X1E0bKQfXyCw
.doubleclick.net/	1970-01-20 16:35:02	Name: IDE Value: AHWqTUnF_w6E3d10564CzeOATYXexMxdUD4lPHPQdCt1MXle92x3krM-2enl88Bhayg
.rubiconproject.com/	1970-01-20 15:59:02	Name: khaos Value: LA35TFAB-I-GMNB
.rubiconproject.com/	1970-01-20 15:59:02	Name: audit Value: 1\|hLZGFuTafB0XSB0mvesutT5APvdogVCbaTd6KyMQnavCRi4Lg8bJK+gLnokKq62KBNX0cV9UD0Jk7ICUBcb5fTOZUHL6E73chfs3YucIAePQD5U7tEfUTQ==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://srv.clickfuse.com/showads/showad.js(Line 12) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://srv.tonemedia.com/showads/adunit.php?id=100001073&di=&subtag=&search=&artist=Standard%20Dii&song=&tvt=&alb=&alb_is=false&dvid=&vpw=1600&abf=1&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=true&cm=&url=https%3A%2F%2Fgojedistro.lnk.to%2FJustLikeMagic&t=1667606437825, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://srv.clickfuse.com/showads/showad.js(Line 12) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://srv.tonemedia.com/showads/adunit.php?id=100001073&di=&subtag=&search=&artist=Standard%20Dii&song=&tvt=&alb=&alb_is=false&dvid=&vpw=1600&abf=1&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=true&cm=&url=https%3A%2F%2Fgojedistro.lnk.to%2FJustLikeMagic&t=1667606437825, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

573a4621dc0c6c37e8e9dd0239a717e2.safeframe.googlesyndication.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
gojedistro.lnk.to
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
linkstorage.linkfire.com
pagead2.googlesyndication.com
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
services.linkfire.com
smarttag.rubiconproject.com
srv.clickfuse.com
srv.tonemedia.com
static.assetlab.io
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
13.32.27.72
142.250.186.34
18.200.211.36
23.203.77.3
2600:9000:223e:2200:14:38a4:2ec0:93a1
2602:803:c004:200::143
2606:4700::6810:5814
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:802::2002
2a00:1450:4001:802::2006
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
52.222.236.112
54.216.244.31
54.72.234.65
012d4cc53ce9470d70ee381caa4ee89f4b4f5229922af1db0a5b23dbf0b67610
07d644eb7847d3f5d6ea966b689b5d5c76c4981b4d3c7870e57f08ecac61eb4e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e2bd670485922ff4aa25ef930c6aa4db4634dd410de01157dcdcc06825b5bc
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
1eb85fa74e221b1fbe2c5108af14970e6e2e011c8dabe94e5b6056eb5f696eb2
23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e
289507a9db822574491ac2b20fae0083d66a4b144fc69c8f204176392ac95868
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
388f9cc9fec7d049d4a74919c92f0d866d1e21efaf9cfbba39341a746a5bfd41
39f747b9be76f0bfabea1d4db021ab5faa85174441339b96d9ae6d47a794a5b1
3a2ca5d5ba8b698ba822e508ae08498ed2af912c1c8ed9944541fdfba2cb63f0
40ec9f68de96e3d796b79c79319de354fb3ed93381d39cc628efa7fdded34d94
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785
4c57e5bf6cda84597e206866f1eacb0ab1ab49a4a34a9e937633f01fb5ea587e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52da3158656fa25f0cf23f4c607cec939b53480478e9f72dbc79c98aeeae664d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5801755f47793ba0c976903e6a7ec8ed68e05cf80c4197dab78b9cde4049c918
58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e
5bd0aba78213949a0e6a7318d9af345b513e91eb5ccca7b86f72855e8d5368f1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63
69f55a3ab55de5a5d1888c5b3a40b2e4389f260a6c60c226f21d197905b87a7e
70ca1a22691fe0c65a806b887aa1db5107f1f646e7a373449d76e35030b31287
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
763c09aa56110b05ed4d4d716ba81736b6fe696c57d66cbef6d850d9bfe35782
7ca7d6cf452ff72ed31f2be62277da6a0eee441187df240c9fdd551c2d8945ab
81b1985171c253f0853abe585981d642b2d910c521e66bdecb72603b501a33e9
85dd38e8a7c98fd9b5dabf1ba17ab6da7059401f62359d9ef271e1823adc216b
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
9ecf7b976377faa5bde06f7e25ac0080ce722442ac7e361f6b14ddd4c32e63ae
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51139d72ba3881551462d52efd7fc42398d505f936ffd749ccb6c98725d90a3
ab659f3b8c832932b95844fe1945e22b637f9650ed46c1713dc23af760d99b83
ac792a20ca5b8fe8ed620f5dc4118c77684e978a7e137749dc9ecb9100a765b2
ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d
b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68
b159dc6a159f41c950e3d76f4e14cd667bc5fcae2f316edabb51d3c7d6d490cd
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b33c40fd260a6fb043e9d89a974727df7d3058a2e5e80a438eab12c7fedd9083
bc532768d3e0d31e18ae7078093f175ae3454d81453fe20e9fb644260a1c140e
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c191574803a5ea10ee34d6f3c78a4b4fd277fdbf49e444b647460ec640c78dd5
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
ce331bf5c6c5e330f399d37e697146dd66cbc23038c122adba0b3cd3b1fe2781
ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
dc0d8191ca9bacc9a33b5aa1a79a8e9a4dde46ec1e7133242f10500456e6b2e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b29707ddd9bf0b1604fcbc8d6f4741d886de7361a9cba0cd0d1b38860af1d1
ec615a7dac80e0a29aad5a4c976ebfe0e40c21547fa39c1e27c4749d1d016a1e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33f9d7ab163a4e639a636f6f5293db193fd0ef1b5d5df181b7f83af98e7d761
f8a9b6a12cd203128f1fbde87d4fb396511cec3492ae458f654e44a97afb9d90
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2

gojedistro.lnk.to Open in urlscan Pro 54.72.234.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

79 Requests

100 %HTTPS

70 %IPv6

15 Domains

24 Subdomains

24 IPs

3 Countries

1732 kBTransfer

4641 kBSize

9 Cookies

8 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gojedistro.lnk.to Open in urlscan Pro
54.72.234.65 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

100 %
HTTPS

70 %
IPv6

15
Domains

24
Subdomains

24
IPs

3
Countries

1732 kB
Transfer

4641 kB
Size

9
Cookies

79 HTTP transactions
4 data transactions