klemen.lnk.to Open in urlscan Pro
63.34.44.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://klemen.lnk.to/UnderMyXmasTree
Submission: On November 23 via api (November 23rd 2023, 10:19:35 pm UTC) from FI — Scanned from FI

Summary HTTP 52 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 52 HTTP transactions. The main IP is 63.34.44.168, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is klemen.lnk.to.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 10th 2023. Valid for: a year.

This is the only time klemen.lnk.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	63.34.44.168 63.34.44.168	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
11	108.138.36.69 108.138.36.69	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	13.32.99.14 13.32.99.14	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:223... 2600:9000:223f:600:14:38a4:2ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2 4	18.245.60.107 18.245.60.107	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:8e:... 2a04:4e42:8e::760	54113 (FASTLY) (FASTLY)
52	14

4 63.34.44.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-44-168.eu-west-1.compute.amazonaws.com

klemen.lnk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 108.138.36.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-69.muc50.r.cloudfront.net

static.assetlab.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-14.fra60.r.cloudfront.net

linkstorage.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223f:600:14:38a4:2ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

services.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.245.60.107 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-107.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

465df146b3cf0eb0c78724d8df717a22.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8e::760 (United States)

ASN54113 (FASTLY, US)

p.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	assetlab.io static.assetlab.io — Cisco Umbrella Rank: 87356	395 KB
9	googlesyndication.com 465df146b3cf0eb0c78724d8df717a22.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	42 KB
9	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	167 KB
8	linkfire.com linkstorage.linkfire.com — Cisco Umbrella Rank: 106922 services.linkfire.com — Cisco Umbrella Rank: 106333	235 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
4	gstatic.com fonts.gstatic.com	63 KB
4	lnk.to klemen.lnk.to	114 KB
2	scdn.co p.scdn.co — Cisco Umbrella Rank: 21471	356 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
52	11

	Domain	Requested by
11	static.assetlab.io	klemen.lnk.to static.assetlab.io
9	securepubads.g.doubleclick.net	klemen.lnk.to securepubads.g.doubleclick.net
6	services.linkfire.com	klemen.lnk.to
5	pagead2.googlesyndication.com	static.assetlab.io securepubads.g.doubleclick.net tpc.googlesyndication.com
4	sb.scorecardresearch.com	2 redirects klemen.lnk.to
4	fonts.gstatic.com	fonts.googleapis.com
4	klemen.lnk.to	klemen.lnk.to static.assetlab.io
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	p.scdn.co	static.assetlab.io
2	linkstorage.linkfire.com	klemen.lnk.to static.assetlab.io
1	www.google.com	tpc.googlesyndication.com
1	cdnjs.cloudflare.com	static.assetlab.io
1	465df146b3cf0eb0c78724d8df717a22.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fonts.googleapis.com	klemen.lnk.to
52	14

This site contains links to these domains. Also see Links.

Domain
music.apple.com
open.spotify.com
music.youtube.com
www.deezer.com
listen.tidalhifi.com

Subject Issuer	Validity	Valid
lnk.to Amazon RSA 2048 M02	`2023-07-10` - `2024-08-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
static.assetlab.io Amazon RSA 2048 M03	`2023-09-20` - `2024-10-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
linkfire.com Amazon RSA 2048 M02	`2023-04-19` - `2024-05-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.scdn.co GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-07` - `2024-08-07`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://klemen.lnk.to/UnderMyXmasTree
Frame ID: 9039657DA27B5AB6A288D481AB3D094F
Requests: 46 HTTP requests in this frame

Frame: https://465df146b3cf0eb0c78724d8df717a22.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0E2D0016D2073987684BFC4793784B7B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E4927942363D4B84F53EC1D7C6C28FE3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DEFDD7F034C02B5027AD9C5C93DEDEBE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Under My Xmas Tree (EP)

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

96 %
HTTPS

71 %
IPv6

11
Domains

14
Subdomains

14
IPs

3
Countries

1378 kB
Transfer

2881 kB
Size

5
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://music.apple.com/fi/album/1539010913?uo=4&app=music&at=1010lNTK&ct=LFV_67d4323c431b16942f0a534f8a050c37&itscg=30440&itsct=catchall_p1&lId=22512415&cId=none&sr=1&src=Linkfire&ls=1
Title: Kuuntele

Search URL Search Domain Scan URL

URL: https://open.spotify.com/album/5vf2hijiVBKAbIgKFFBsqm?go=1
Title: Kuuntele

Search URL Search Domain Scan URL

URL: https://music.youtube.com/playlist?list=OLAK5uy_mSEtCNykKoUzBcx_X6HjiyCqDhxpGzCQU&src=Linkfire&lId=a1721ab4-a789-475b-8c2f-dbca6aa65798&cId=d3d58fd7-4c47-11e6-9fd0-066c3e7a8751
Title: Kuuntele

Search URL Search Domain Scan URL

URL: https://www.deezer.com/album/184481332?app_id=140685&utm_source=partner_linkfire&utm_campaign=67d4323c431b16942f0a534f8a050c37&utm_medium=Original&utm_term=klemen-slakonja&utm_content=album-184481332
Title: Kuuntele

Search URL Search Domain Scan URL

URL: http://listen.tidalhifi.com/album/161194848
Title: Kuuntele

Search URL Search Domain Scan URL

URL: https://music.apple.com/fi/album/1539010913?uo=4&app=itunes&at=1010lNTK&ct=LFV_67d4323c431b16942f0a534f8a050c37&itscg=30440&itsct=catchall_p6&lId=22512415&cId=none&sr=6&src=Linkfire&ls=1
Title: Lataa

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://sb.scorecardresearch.com/cs/9923941/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 31

https://sb.scorecardresearch.com/b?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1700777970186&ns_c=UTF-8&cs_ucfr=&comscorekw=umg&c7=https%3A%2F%2Fklemen.lnk.to%2FUnderMyXmasTree&c8=Under%20My%20Xmas%20Tree%20(EP)&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1700777970186&ns_c=UTF-8&cs_ucfr=&comscorekw=umg&c7=https%3A%2F%2Fklemen.lnk.to%2FUnderMyXmasTree&c8=Under%20My%20Xmas%20Tree%20(EP)&c9=

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request UnderMyXmasTree Show response
klemen.lnk.to/ 113 KB
113 KB 1387ms
1215ms Document
text/html 63.34.44.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.44.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-44-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fc03a8faa5dee1758e895b3341a21a1f174ed1091c65e98eed12691edd983560

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 22:19:29 GMT
server: nginx
x-redirector-version: redirector-v3

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 254ms
110ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3973c80583de9bcf5f2240148fb9ed0a9501625dc04bed7830970bd873d73589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 22:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30385
x-xss-protection: 0
server: cafe
etag: 638 / 19684 / 31079745 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 22:19:29 GMT

GET
H2 200 release-classic.css
static.assetlab.io/red3/611/ 70 KB
11 KB 220ms
74ms Stylesheet
text/css 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/611/release-classic.css
Requested by: Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef17fd02e9f074657b637aeb3db41dd53b820d831344308aa5e11e561251dd51

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: y6sJpyHuCrAQJBzXePiboRO1wEMxYlHy
content-encoding: gzip
via: 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
date: Thu, 23 Nov 2023 00:03:24 GMT
last-modified: Mon, 20 Nov 2023 09:39:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 80181
x-amz-server-side-encryption: AES256
etag: W/"413b78e3be6884e0fc2b57bdefa8bf12"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: tDyUp8H7Bnp3AEI3jJ3YjwhyIDbJPl86_dm7IDrjO6ylUaLJ7jPN0Q==

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 201ms
70ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 22:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 21:30:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 22:19:29 GMT

GET
H2 200 release-classic.js Show response
static.assetlab.io/red3/611/ 488 KB
149 KB 231ms
85ms Script
application/javascript 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/611/release-classic.js
Requested by: Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d46395e04493be869f02b037407116e73a2023fcdce6185085bce05f55de7532

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: CmelaWtaylMvyd5gfcIiz6r5XsThZXcJ
content-encoding: gzip
via: 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
date: Thu, 23 Nov 2023 00:01:38 GMT
last-modified: Mon, 20 Nov 2023 09:39:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 80317
x-amz-server-side-encryption: AES256
etag: W/"0ad59826a0ac52302aa2811323a6a102"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: kCOAodJ2yGnxWqhtvMPqn5pUuRxKCewuahN2cx-72vQrKhmCE8MlnQ==

GET
H2 200 artwork-440x440.jpg
linkstorage.linkfire.com/medialinks/images/dafc3a8a-b0e4-4a6a-8b08-9d5b7f1ce895/ 108 KB
108 KB 625ms
481ms Image
image/jpg 13.32.99.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linkstorage.linkfire.com/medialinks/images/dafc3a8a-b0e4-4a6a-8b08-9d5b7f1ce895/artwork-440x440.jpg

Requested by

Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-14.fra60.r.cloudfront.net

Software

The Great Gig In The Sky / Master of Puppets

Resource Hash

a2a37fe49e26a2c4889612640f0efef0d4f624aa3e1b5de10f6dec16d93ca3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding
x-content-type-options: nosniff
strict-transport-security: max-age=10368000; includeSubdomains; preload
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
date: Thu, 23 Nov 2023 22:19:30 GMT
x-amz-cf-pop: FRA60-P3
x-powered-by: Master of Puppets
x-cache: RefreshHit from cloudfront
content-length: 110105
x-xss-protection: 1; mode=block
x-linkfire-security: security@linkfire.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 20 Nov 2020 09:09:24 GMT
server: The Great Gig In The Sky
etag: "e8291fc78fd5a7e5433594e8f415f6fb"
expect-ct: max-age=0
x-frame-options: DENY
content-type: image/jpg
accept-ranges: bytes
x-amz-cf-id: R5bER99Ij2HuWrjHMuS-SNoO3QdakgEIPsSHGOt8bNbLszmjYND_Dw==

GET
H2 200 logo_applemusic_onlight.svg
services.linkfire.com/ 7 KB
4 KB 188ms
54ms Image
image/svg+xml 2600:9000:223f:600:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_applemusic_onlight.svg
Requested by: Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:600:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: nGo7v092Ub92VgXy.O3WmDeRgTKJPui3
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
date: Wed, 22 Nov 2023 01:45:37 GMT
last-modified: Tue, 17 Nov 2020 11:13:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 160434
etag: W/"3d4894f0254dc9d917c86fffd766046a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: jtZsIYe1Kk3luP-3J95VYpnwmXKUva2QcV_Dd_sswqq179NXnIAkkw==

GET
H2 200 logo_spotify_onlight.svg
services.linkfire.com/ 6 KB
3 KB 55ms
55ms Image
image/svg+xml 2600:9000:223f:600:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_spotify_onlight.svg
Requested by: Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:600:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
date: Mon, 20 Nov 2023 01:51:26 GMT
last-modified: Wed, 02 Nov 2016 12:14:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 420027
etag: W/"10ebad8fc307d85d6ed34e9fa95a7577"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 5CaPAQ4XcEaeNcW13Kzv_RfftVBN5zKr4ILgiyO6d8WDT7jaEIvqcQ==

GET
H2 200 logo_youtubemusic_onlight.svg
services.linkfire.com/ 5 KB
2 KB 58ms
56ms Image
image/svg+xml 2600:9000:223f:600:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_youtubemusic_onlight.svg
Requested by: Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:600:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ce9c869d01258f4e024478cbb35d9c6d905e247fe95a11984e5277a96dde0fd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: G1rOQPF3JpQef3z0Vi5fsLBWAO__tg2E
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
date: Sun, 19 Nov 2023 16:11:23 GMT
last-modified: Fri, 23 Jun 2023 08:30:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 367688
x-amz-server-side-encryption: AES256
etag: W/"d074b492d1d7017ee94ac92a3891a8c7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 75TKgVuzDOMl7hbXh2xqfB6kWAuYOd53XSRT41Dda_zUldj0iEosMA==

GET
H2 200 logo_deezer_onlight.svg
services.linkfire.com/ 7 KB
2 KB 58ms
57ms Image
image/svg+xml 2600:9000:223f:600:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_deezer_onlight.svg
Requested by: Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:600:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8a9b6a12cd203128f1fbde87d4fb396511cec3492ae458f654e44a97afb9d90

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
date: Sun, 19 Nov 2023 09:40:40 GMT
last-modified: Tue, 07 May 2019 14:18:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 391130
etag: W/"c488f62a2b4ec4cc5f9368f3f9969eed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: -GHjpbvA6Q4HQROEyhVvSbGmit-u94ioDx8QjXmgAUOa4FDnLSjFdA==

GET
H2 200 logo_tidal_onlight.svg
services.linkfire.com/ 4 KB
2 KB 58ms
57ms Image
image/svg+xml 2600:9000:223f:600:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_tidal_onlight.svg
Requested by: Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:600:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 763c09aa56110b05ed4d4d716ba81736b6fe696c57d66cbef6d850d9bfe35782

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
date: Sat, 18 Nov 2023 13:21:05 GMT
last-modified: Wed, 10 Aug 2016 15:07:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 464306
etag: W/"2fd0abb508ea5e93eec3ad5a5d46141c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: a7owzsaqaipZ_RxX4p9Kev9yt9mn6aZgVjLTnl3T7VN_iUEcNZYLUA==

GET
H2 200 logo_itunes_onlight.svg
services.linkfire.com/ 19 KB
5 KB 63ms
62ms Image
image/svg+xml 2600:9000:223f:600:14:38a4:2ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.linkfire.com/logo_itunes_onlight.svg
Requested by: Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:600:14:38a4:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
date: Sun, 19 Nov 2023 17:30:53 GMT
last-modified: Fri, 23 Mar 2018 08:26:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 362919
etag: W/"db14889932940c59c989f46bcff71c80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: g4ebBQyNJA8MNUcEBwB6wd4gg8B8rMgxORars7OFHiFLPKbAU0GT7A==

GET
H2 200 skin.js Show response
static.assetlab.io/red3/611/ 544 KB
160 KB 162ms
161ms Script
application/javascript 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/611/skin.js
Requested by: Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: add9fd7db536525d1ca4bc512c4c4fc4398bd403f1762fea3810fe2621dc04fe

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: j2XbQxqs39LDhnhiqSfchuI5Lpx4Hc97
content-encoding: gzip
via: 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
date: Thu, 23 Nov 2023 03:37:37 GMT
last-modified: Mon, 20 Nov 2023 09:39:42 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 67426
x-amz-server-side-encryption: AES256
etag: W/"388bcd3cc98c0ff817045ffdd4a75b2c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: gxs505zmTfDxWFoYMUEtW7BoJs57aeZ6F_TrBhlDoPLxQVcjMmpzkQ==

GET
H2 200 legacy-scripts.js Show response
static.assetlab.io/red3/611/ 151 KB
48 KB 225ms
224ms Script
application/javascript 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/611/legacy-scripts.js
Requested by: Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da0c5870836a5450370f318edf8fd417c62ae42447d6c86c422017f2a3f56ee7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: g5JUspLHjfcLuTJiuVIKiKzpfD8.iK6h
content-encoding: gzip
via: 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
date: Thu, 23 Nov 2023 08:59:27 GMT
last-modified: Mon, 20 Nov 2023 09:39:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 48013
x-amz-server-side-encryption: AES256
etag: W/"97c8f7647ac11b9a125aa49c72a928f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 6fRbd4XtK5hYmU8P37ys2plah8xTE7I8-wxYjBljWKZGRbpNEJMIKQ==

GET
H2 200 consent.js Show response
static.assetlab.io/consent/1.11.4/ 53 KB
17 KB 238ms
237ms Script
application/javascript 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.11.4/consent.js
Requested by: Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fa2916552b7c847586b1150413a4626cb87e310dd751544091125f86fa46fdd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: DO3Y.PjwotHLU6BR1DmWQNj5.HnLCS5k
content-encoding: gzip
via: 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
date: Thu, 23 Nov 2023 09:21:47 GMT
last-modified: Mon, 11 Sep 2023 15:03:40 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 46683
x-amz-server-side-encryption: AES256
etag: W/"bf5bf954f85d2f7c8c7788597ca69cec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: QOFpEXIIAL6O25gKiqL1YU0BcPercNQosOIqwisq202HHp0ahqVJVQ==

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 205ms
76ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://klemen.lnk.to
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:58:11 GMT
x-content-type-options: nosniff
age: 512478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 23:58:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 190ms
61ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://klemen.lnk.to
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 521627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:25:42 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 431 KB
135 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 17:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15982
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138149
x-xss-protection: 0
server: cafe
etag: 11558412289700915514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 22 Nov 2024 17:53:07 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/9923941/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

57ms
57ms

Script
application/javascript

18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 07:10:20 GMT
content-encoding: gzip
via: 1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 09:10:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 54551
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: kj8TtZKaXF0-65YfXYGDCzRZpVvAB133ULOBqA8XM1wEXLc9n1JxcA==

Redirect headers

date: Thu, 23 Nov 2023 22:19:30 GMT
via: 1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: x9TaGTVWnY337g5rR3m5O0qsXnL8OglXC_z1Hdh95fY9oMOHiSR_7A==

POST
H2 200 / Show response
klemen.lnk.to/~/tr/visit/ 70 B
186 B 141ms
141ms XHR
application/json 63.34.44.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://klemen.lnk.to/~/tr/visit/
Requested by: Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.44.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-44-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2b1c21bfacddde29f214a5a93c2f28011805aac91082f6b74fbaee6a01e92fcb

Request headers

Referer: https://klemen.lnk.to/UnderMyXmasTree
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Nov 2023 22:19:29 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 689 B
380 B 104ms
103ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4165815614746838&correlator=2077500508516056&eid=31079659%2C31079666%2C31079745%2C31079525%2C31061690&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=22051246401%2CHeader_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700777969940&lmt=1700777969&adxs=0&adys=-160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fklemen.lnk.to%2FUnderMyXmasTree&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=1181760097.1700777970&ga_sid=1700777970&ga_hid=1582691382&ga_fc=false&dlt=1700777969318&idt=573&cust_params=genre%3DPop%252CPop%26contextualgenre%3DHoliday%252CChristmas%26explicit%3Dno%26artist%3Dklemen%2520slakonja%26album%3DUnder%2520My%2520Xmas%2520Tree%2520EP%26linkid%3Da1721ab4-a789-475b-8c2f-dbca6aa65798%26boardid%3D8811bce5-05ea-4701-a8f0-9feffbde8618%26toplevelboardid%3D6ee96e95-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6ee96e95-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DFI%26city%3DHelsinki%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%252C45%2520days%252C60%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=2736067097&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4314d3c8ab57f8b5244b06cdc38e015e0d29a1a645898b43530540c4c261bf50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 22:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 350
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://klemen.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 535 B
294 B 95ms
95ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4165815614746838&correlator=2077500508516056&eid=31079659%2C31079666%2C31079745%2C31079525%2C31061690&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-Click_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1700777969949&lmt=1700777969&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fklemen.lnk.to%2FUnderMyXmasTree&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=1181760097.1700777970&ga_sid=1700777970&ga_hid=1582691382&ga_fc=false&dlt=1700777969318&idt=573&cust_params=genre%3DPop%252CPop%26contextualgenre%3DHoliday%252CChristmas%26explicit%3Dno%26artist%3Dklemen%2520slakonja%26album%3DUnder%2520My%2520Xmas%2520Tree%2520EP%26linkid%3Da1721ab4-a789-475b-8c2f-dbca6aa65798%26boardid%3D8811bce5-05ea-4701-a8f0-9feffbde8618%26toplevelboardid%3D6ee96e95-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6ee96e95-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DFI%26city%3DHelsinki%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%252C45%2520days%252C60%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=1338496054&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b519838cac72317c4cb0b940205f97db23201ff26048391aa097ae143ef8e126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 22:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 264
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://klemen.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 549 B
301 B 121ms
120ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4165815614746838&correlator=2077500508516056&eid=31079659%2C31079666%2C31079745%2C31079525%2C31061690&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-amazon-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1700777969952&lmt=1700777969&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fklemen.lnk.to%2FUnderMyXmasTree&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=1181760097.1700777970&ga_sid=1700777970&ga_hid=1582691382&ga_fc=false&dlt=1700777969318&idt=573&cust_params=genre%3DPop%252CPop%26contextualgenre%3DHoliday%252CChristmas%26explicit%3Dno%26artist%3Dklemen%2520slakonja%26album%3DUnder%2520My%2520Xmas%2520Tree%2520EP%26linkid%3Da1721ab4-a789-475b-8c2f-dbca6aa65798%26boardid%3D8811bce5-05ea-4701-a8f0-9feffbde8618%26toplevelboardid%3D6ee96e95-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6ee96e95-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DFI%26city%3DHelsinki%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%252C45%2520days%252C60%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=1902184223&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c2b076e661edb3d7b7b6c6269df6681216a966654bfcbacc334f0ffd4739691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 22:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 271
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://klemen.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 543 B
296 B 121ms
121ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4165815614746838&correlator=2077500508516056&eid=31079659%2C31079666%2C31079745%2C31079525%2C31061690&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-spotify-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1700777969955&lmt=1700777969&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fklemen.lnk.to%2FUnderMyXmasTree&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=1181760097.1700777970&ga_sid=1700777970&ga_hid=1582691382&ga_fc=false&dlt=1700777969318&idt=573&cust_params=genre%3DPop%252CPop%26contextualgenre%3DHoliday%252CChristmas%26explicit%3Dno%26artist%3Dklemen%2520slakonja%26album%3DUnder%2520My%2520Xmas%2520Tree%2520EP%26linkid%3Da1721ab4-a789-475b-8c2f-dbca6aa65798%26boardid%3D8811bce5-05ea-4701-a8f0-9feffbde8618%26toplevelboardid%3D6ee96e95-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6ee96e95-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DFI%26city%3DHelsinki%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%252C45%2520days%252C60%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=4288002596&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94d143289f1359720d7ab5384ee4363f07b778173d618a648f91427007f0e362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 22:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 266
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://klemen.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 541 B
294 B 98ms
97ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4165815614746838&correlator=2077500508516056&eid=31079659%2C31079666%2C31079745%2C31079525%2C31061690&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-tidal-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1700777969957&lmt=1700777969&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fklemen.lnk.to%2FUnderMyXmasTree&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=1181760097.1700777970&ga_sid=1700777970&ga_hid=1582691382&ga_fc=false&dlt=1700777969318&idt=573&cust_params=genre%3DPop%252CPop%26contextualgenre%3DHoliday%252CChristmas%26explicit%3Dno%26artist%3Dklemen%2520slakonja%26album%3DUnder%2520My%2520Xmas%2520Tree%2520EP%26linkid%3Da1721ab4-a789-475b-8c2f-dbca6aa65798%26boardid%3D8811bce5-05ea-4701-a8f0-9feffbde8618%26toplevelboardid%3D6ee96e95-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6ee96e95-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DFI%26city%3DHelsinki%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%252C45%2520days%252C60%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=3635752911&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

125757e7423815201acc427466eeff94c315e88dadeac0c8576e921cfb6be418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 22:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 264
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://klemen.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 547 B
297 B 120ms
119ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4165815614746838&correlator=2077500508516056&eid=31079659%2C31079666%2C31079745%2C31079525%2C31061690&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=22051246401%2C1.5-click-apple-music-client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1700777969960&lmt=1700777969&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fklemen.lnk.to%2FUnderMyXmasTree&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=1181760097.1700777970&ga_sid=1700777970&ga_hid=1582691382&ga_fc=false&dlt=1700777969318&idt=573&cust_params=genre%3DPop%252CPop%26contextualgenre%3DHoliday%252CChristmas%26explicit%3Dno%26artist%3Dklemen%2520slakonja%26album%3DUnder%2520My%2520Xmas%2520Tree%2520EP%26linkid%3Da1721ab4-a789-475b-8c2f-dbca6aa65798%26boardid%3D8811bce5-05ea-4701-a8f0-9feffbde8618%26toplevelboardid%3D6ee96e95-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6ee96e95-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DFI%26city%3DHelsinki%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%252C45%2520days%252C60%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=3334755453&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af81b4e6c47edb28e92e097b4810342a1f2a42f3b1015cf9450afaeff5b1cb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 22:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 267
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://klemen.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 535 B
290 B 106ms
105ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4165815614746838&correlator=2077500508516056&eid=31079659%2C31079666%2C31079745%2C31079525%2C31061690&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=22051246401%2CFooter_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x100%7C300x250%7C320x50%7C320x100%7C320x120&ifi=7&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700777969962&lmt=1700777969&adxs=640&adys=855&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fklemen.lnk.to%2FUnderMyXmasTree&vis=1&psz=320x0&msz=320x0&fws=4&ohw=1600&ga_vid=1181760097.1700777970&ga_sid=1700777970&ga_hid=1582691382&ga_fc=false&dlt=1700777969318&idt=573&cust_params=genre%3DPop%252CPop%26contextualgenre%3DHoliday%252CChristmas%26explicit%3Dno%26artist%3Dklemen%2520slakonja%26album%3DUnder%2520My%2520Xmas%2520Tree%2520EP%26linkid%3Da1721ab4-a789-475b-8c2f-dbca6aa65798%26boardid%3D8811bce5-05ea-4701-a8f0-9feffbde8618%26toplevelboardid%3D6ee96e95-4c47-11e6-9fd0-066c3e7a8751%26organizationid%3D6ee96e95-4c47-11e6-9fd0-066c3e7a8751%26countrycode%3DFI%26city%3DHelsinki%26days%3D0%2520days%252C7%2520days%252C12%2520days%252C14%2520days%252C15%2520days%252C20%2520days%252C25%2520days%252C30%2520days%252C45%2520days%252C60%2520days%26planid%3D78790f93-d19f-4553-9a16-2d2660857811&adks=309253681&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2f444541cc4b861fd3487131e709933c19eaa5648a497664c272a6923df6b9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 22:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://klemen.lnk.to
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
465df146b3cf0eb0c78724d8df717a22.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0E2D 6 KB
3 KB 227ms
69ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://465df146b3cf0eb0c78724d8df717a22.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://klemen.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 22:19:30 GMT
expires: Fri, 22 Nov 2024 22:19:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 consent.css
static.assetlab.io/consent/1.11.4/ 26 KB
5 KB 67ms
67ms Stylesheet
text/css 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.11.4/consent.css
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.4/consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1132a5cc479c9e343ff008ea74229bcf3fdb2d3494d591819a71566c721b9790

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 4bBojVfCoDE4N1uE31wXkg0227ImqABr
content-encoding: gzip
via: 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
date: Thu, 23 Nov 2023 02:06:22 GMT
last-modified: Mon, 11 Sep 2023 15:03:40 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 72793
x-amz-server-side-encryption: AES256
etag: W/"55d1af0e3653af219c2e49295a1deb97"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: kxsVuHXrAKLOdj_n3ZWfvliYlsWfYGkDcVed7SWpuTxIhydpo-7r3Q==

GET
H2 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/ 3 KB
2 KB 120ms
43ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/jquery.mousewheel.min.js?_=1700777970038

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/red3/611/legacy-scripts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 22:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 73728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1065
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwLqFSu787W1wlCjzQ2YnVlFkYn8O6ADf6k0y5M23c4IamEY8kr5gXLNsP2AbFsZD69UGI%2FyAUh6W2%2FKc0f%2B38F0UdTXK7v9nq3YxafQzqRKLS5kjcsKbPTbKGxisS8SslAV%2B5c2gdUUMhmRUkWo3uSW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82accb495cf44c8c-HEL
expires: Tue, 12 Nov 2024 22:19:30 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 264ms
131ms Fetch
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/red3/611/release-classic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 22:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52680
x-xss-protection: 0
server: cafe
etag: 17315708599996789674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 22:19:30 GMT

POST
H2 200 / Show response
klemen.lnk.to/~/tr/consent/ 70 B
186 B 139ms
138ms XHR
application/json 63.34.44.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://klemen.lnk.to/~/tr/consent/
Requested by: Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.44.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-44-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2b1c21bfacddde29f214a5a93c2f28011805aac91082f6b74fbaee6a01e92fcb

Request headers

Referer: https://klemen.lnk.to/UnderMyXmasTree
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Nov 2023 22:19:30 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1700777970186&ns_c=UTF-8&cs_ucfr=&comscorekw=umg&c7=https%3A%2F%2Fklemen.lnk.to%2FUnderMyXmasTree&c8=Under%20...
https://sb.scorecardresearch.com/b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1700777970186&ns_c=UTF-8&cs_ucfr=&comscorekw=umg&c7=https%3A%2F%2Fklemen.lnk.to%2FUnderMyXmasTree&c8=Under%2...

0
226 B

56ms
56ms

Image
text/plain

18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1700777970186&ns_c=UTF-8&cs_ucfr=&comscorekw=umg&c7=https%3A%2F%2Fklemen.lnk.to%2FUnderMyXmasTree&c8=Under%20My%20Xmas%20Tree%20(EP)&c9=
Requested by: Host: klemen.lnk.to
URL: https://klemen.lnk.to/UnderMyXmasTree
Protocol: H2
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 22:19:30 GMT
via: 1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-amz-cf-id: BuxWpBunfOXguzHc53yHZ6G9cgiIfAvQ7FD2QkmVbZIjnONR3RGjeA==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 23 Nov 2023 22:19:30 GMT
via: 1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=9923941&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1700777970186&ns_c=UTF-8&cs_ucfr=&comscorekw=umg&c7=https%3A%2F%2Fklemen.lnk.to%2FUnderMyXmasTree&c8=Under%20My%20Xmas%20Tree%20(EP)&c9=
content-length: 0
x-amz-cf-id: XRk0y40gvQz-LfegMp_-UvuRTEX-neaZ6Rd5NVbgmp7Mjd0enQD8rw==

GET
H2 200 ic-shield-blue.svg
static.assetlab.io/consent/1.11.4/assets/ 1 KB
1 KB 67ms
66ms Image
image/svg+xml 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/consent/1.11.4/assets/ic-shield-blue.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.4/consent.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://static.assetlab.io/consent/1.11.4/consent.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: pWZvTnA3egbODOBHt3YiW1LxOA9z3QN4
content-encoding: gzip
via: 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
date: Thu, 23 Nov 2023 09:18:33 GMT
last-modified: Mon, 11 Sep 2023 15:03:40 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 46858
x-amz-server-side-encryption: AES256
etag: W/"560dd3386ebf80f78c934aeff4a6a82c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: w9O6c5u3TQBwfgvR3PwoPakYn3bFcjeIZF6eAVRaQ8HhElmMZ2v7-A==

GET
H2 200 ic-close-s.svg
static.assetlab.io/consent/1.11.4/assets/ 351 B
758 B 67ms
67ms Image
image/svg+xml 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/consent/1.11.4/assets/ic-close-s.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.11.4/consent.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://static.assetlab.io/consent/1.11.4/consent.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: LrzdVbZgK6lD2zo6k1X64zN4gxf_tmH8
date: Thu, 23 Nov 2023 00:03:25 GMT
via: 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
last-modified: Mon, 11 Sep 2023 15:03:40 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 80190
x-amz-server-side-encryption: AES256
etag: "d303b6c7d844d91101e1e4c63156cfec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 351
x-amz-cf-id: TZRUkmjUcRsWicXPayaePn6yG8PiyokEenpozv3ZQDJEWp_b_r3nNg==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 61ms
60ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://klemen.lnk.to
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:50:19 GMT
x-content-type-options: nosniff
age: 523751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 20:50:19 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 112ms
112ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

587f3871a4d0a4e382d0f7e3db4feab0bae72784d1b7fb767639ab4ab8e75466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 22:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12499
x-xss-protection: 0

POST
H2 200 interact Show response
klemen.lnk.to/~/tr/ 70 B
186 B 136ms
136ms Fetch
application/json 63.34.44.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://klemen.lnk.to/~/tr/interact
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/red3/611/release-classic.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.44.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-44-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2b1c21bfacddde29f214a5a93c2f28011805aac91082f6b74fbaee6a01e92fcb

Request headers

Referer: https://klemen.lnk.to/UnderMyXmasTree
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 23 Nov 2023 22:19:30 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 284ms
155ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 22:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 22:19:30 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E492 13 KB
5 KB 62ms
60ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://klemen.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 22:09:42 GMT
expires: Fri, 22 Nov 2024 22:09:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DEFD 829 B
1 KB 202ms
71ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c563bbb26bccfbbccb11087fbd64024b4f8fc54bbbef37a1a62d51d5497ee01e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2VuYFLaZqss1ErASGXMQKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://klemen.lnk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2VuYFLaZqss1ErASGXMQKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 22:19:30 GMT
expires: Thu, 23 Nov 2023 22:19:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame E492 39 KB
15 KB 181ms
60ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 169082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DEFD 0
0 94ms
93ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=4165815614746838&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E492 0
10 B 61ms
60ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1cdfZQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 22:19:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 artwork-440x440.jpg
linkstorage.linkfire.com/medialinks/images/dafc3a8a-b0e4-4a6a-8b08-9d5b7f1ce895/ 108 KB
108 KB 62ms
62ms Image
image/jpg 13.32.99.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linkstorage.linkfire.com/medialinks/images/dafc3a8a-b0e4-4a6a-8b08-9d5b7f1ce895/artwork-440x440.jpg

Requested by

Host: static.assetlab.io
URL: https://static.assetlab.io/red3/611/legacy-scripts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-14.fra60.r.cloudfront.net

Software

The Great Gig In The Sky / Master of Puppets

Resource Hash

a2a37fe49e26a2c4889612640f0efef0d4f624aa3e1b5de10f6dec16d93ca3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding
x-content-type-options: nosniff
strict-transport-security: max-age=10368000; includeSubdomains; preload
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
date: Thu, 23 Nov 2023 22:19:30 GMT
x-amz-cf-pop: FRA60-P3
age: 2
x-powered-by: Master of Puppets
x-cache: Hit from cloudfront
content-length: 110105
x-xss-protection: 1; mode=block
x-linkfire-security: security@linkfire.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 20 Nov 2020 09:09:24 GMT
server: The Great Gig In The Sky
etag: "e8291fc78fd5a7e5433594e8f415f6fb"
expect-ct: max-age=0
x-frame-options: DENY
content-type: image/jpg
accept-ranges: bytes
x-amz-cf-id: L2g8KO08ovHgUxOTCO4Dm4ewzaTFKDvUFor-0kw-zrHkSPyP9Ietcw==

GET
H2 200 controls_next.svg
static.assetlab.io/music-player/1.1.4/img/legacy/ 917 B
1 KB 68ms
67ms Image
image/svg+xml 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/music-player/1.1.4/img/legacy/controls_next.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/red3/611/release-classic.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29c520b53a7983370926d7e16e8419c0eeba246862d22c97189423bed701f9e8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://static.assetlab.io/red3/611/release-classic.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: W93aE4wcDBrRTp2Kf7Lh.UtOZjU336ju
date: Thu, 23 Nov 2023 09:25:01 GMT
via: 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2019 13:16:50 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 46505
x-amz-server-side-encryption: AES256
etag: "2c7b4a187812eaeb08322a96a5055374"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 917
x-amz-cf-id: 0cUbE1A6j3dDcsJ0EbX-X7qLycUKRuPpqzQTicVS1Ktrf0vP3-jyXg==

GET
H2 200 controls_prev.svg
static.assetlab.io/music-player/1.1.4/img/legacy/ 924 B
1 KB 68ms
68ms Image
image/svg+xml 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/music-player/1.1.4/img/legacy/controls_prev.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/red3/611/release-classic.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0997a6852d87f90f58588dbde0ce54b32c6fa5dc8d14b3cd45a5e7ba5ee7c4a0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://static.assetlab.io/red3/611/release-classic.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: z2wtWgx5DYDcp2ei.4Q5hSGMZBXVeIVd
date: Thu, 23 Nov 2023 12:31:19 GMT
via: 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2019 13:16:50 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 35302
x-amz-server-side-encryption: AES256
etag: "0b05adf0895bad9a30a42dd9f42b6197"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 924
x-amz-cf-id: DyFLETyq_f94L-HiJMVehVgMBZ1oFVOuTZKxjKcgHEfjb7Bhh6F9yg==

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 60ms
60ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://klemen.lnk.to
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:27:48 GMT
x-content-type-options: nosniff
age: 597103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 00:27:48 GMT

GET
H/1.1 206
Partial Content 7288a69bc3e801205f46776f77f5dec6b0a425a8
p.scdn.co/mp3-preview/ 111 KB
0 189ms
61ms Media
audio/mpeg 2a04:4e42:8e::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.scdn.co/mp3-preview/7288a69bc3e801205f46776f77f5dec6b0a425a8?cid=18fc7b00a64d447393f6ee0dd98a70be
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:8e::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://klemen.lnk.to/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 23 Nov 2023 22:19:31 GMT
Age: 1187955
X-Cache: HIT, HIT
Content-Range: bytes 0-363884/363885
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 363885
X-Served-By: cache-chi-klot8100046-CHI, cache-fra-etou8220118-FRA
Last-Modified: Wed, 11 Nov 2020 08:12:58 GMT
ETag: "a14562c2f67d85e0a17719e09a4217bd"
x-goog-generation: 1605082378902068
Content-Type: audio/mpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, no-transform
x-goog-stored-content-length: 363885
x-amz-checksum-crc32c: xLRY3Q==
Accept-Ranges: bytes
X-Cache-Hits: 2, 0

GET
H/1.1 200
OK 7288a69bc3e801205f46776f77f5dec6b0a425a8 Show response
p.scdn.co/mp3-preview/ 355 KB
356 KB 186ms
60ms XHR
audio/mpeg 2a04:4e42:8e::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.scdn.co/mp3-preview/7288a69bc3e801205f46776f77f5dec6b0a425a8?cid=18fc7b00a64d447393f6ee0dd98a70be
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/red3/611/legacy-scripts.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:8e::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b3cb4e492e67e19387a7d60ab7b105bfd83f3577d8b1c196de77442af5954bc0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 22:19:31 GMT
Age: 1187955
X-Cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 363885
X-Served-By: cache-chi-klot8100046-CHI, cache-fra-etou8220095-FRA
Last-Modified: Wed, 11 Nov 2020 08:12:58 GMT
ETag: "a14562c2f67d85e0a17719e09a4217bd"
x-goog-generation: 1605082378902068
Content-Type: audio/mpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, no-transform
x-goog-stored-content-length: 363885
x-amz-checksum-crc32c: xLRY3Q==
Accept-Ranges: bytes
X-Cache-Hits: 2, 1

GET
H2 200 play_button.svg
static.assetlab.io/music-player/1.1.4/img/legacy/ 1 KB
1 KB 67ms
67ms Image
image/svg+xml 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.assetlab.io/music-player/1.1.4/img/legacy/play_button.svg
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/red3/611/release-classic.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20bd71ce70b805d3a0334a73f948c2d7408836ade43694aa7ff7187906243487

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://static.assetlab.io/red3/611/release-classic.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 07:58:27 GMT
x-amz-version-id: g7s8YAjeHLgYxgu.klhph8R4dKtakakp
content-encoding: gzip
last-modified: Fri, 08 Mar 2019 13:16:50 GMT
server: AmazonS3
via: 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
etag: W/"be29ed2716c4d4489b70ffe7c538ab42"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 51665
x-amz-cf-id: K-ILJgeSr4S-7CZFtaKS7lpVe8dfLle-io11LsWR8-76GfD411AFKw==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 96ms
95ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=4165815614746838&bg=!r6ylrOPNAAZxrfrxUa07ADQBe5WfODeJVYZ6AKV7IIPzFXt7u6fQkwG5rxjknUj2n1msthnjVlRmD3cr0GDK9pCnw8_kAgAAAElSAAAABGgBB5kCv4iT7qrd3RlGz0CJE5CNcdueugI4a4NRBKmSAAbqtVyTyhPk1EOEDSEH0gHHkTxlYqq1akI-s1-XMy4ia8xwhd7WuJ-jOz3_PYfB0mOAlH8BXLL9FCf5VgBMhKqDzYFNeyVf0VDf5cEtE4rPdQFtjt-cojXvWnuV4Op3cS8ZzhYvU9GdoTyQvObEpiGnpHDEh_AT9UqobLDIgO0f1JT8DNXs_ItUSlOopo0T_XbUa_mTuwe8PQFQGKCZiGZw43q_qrv7--W-lsQLl9lR5ZPEWUAQVKUIXit_AAuMLWF-CYd5PBuB0FO0CQzXzXmFQlFw9r10AUm5z13XsBCaOQl5SeZ3Kf02Z6bWRM8nlPgpfbOyDjgt3zRAlZaytoqpa81cYPDLovIeGx0LO6OR-7RM7MJMkRp65f7YGiT29DVJASJb3SRKIpnf5YVxQ7PpbrBn9sX3sApiM5JQj7QDisHvLJWPxCmAvK-LRPM5aByJ0oATlDoY_Cnb4ArU6yorE2hYH_Jw7nei2JzC_hkZkYEwpImWr5QOAvv5ANbFFunlc9boFEE2qipIc_ZflY-nv8x667V4KEkhNcji71FfmDfLa3LCmdHSv6wcDg8VnepJrMfoc3FZgLgyOYhrk9Fl6y4811NSGCG_P70sHMLFCzBfReWI8MNQi04D-bU--F3jLpvy-bnc4zAUn6u_hiAD6A58nJTBzL7vpF7rNBgDiXDGJejz5mFlR3kpro8A-v2M8Ss2tYSCCmZVkNGuFlylL0zURkflJXbYsepNljnLitn0bROg9d-9G-7M29EM6KQp44-Qep_qEtoI7G4BTl5YArzbronRuZEK6F4pnmhZbV4HhopRLuEMV1aDl_kqKxhP4aAjvpVab_cGsgCEhp4RXAvZ5YlU9_b674xCwnrejiujILEQR05GmEboR4xPzlLUK94
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://klemen.lnk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lnk.to/	1970-01-20 16:26:18	Name: LF_session_056982e13a12ce38bff4d4d762aaf5c5 Value: 1
.doubleclick.net/	1970-01-20 16:26:18	Name: test_cookie Value: CheckForPermission
.lnk.to/	1970-01-21 01:47:53	Name: __gads Value: ID=42313f5c354ff351:T=1700777970:RT=1700777970:S=ALNI_MYPrhaiymNORC9c9CQR0OiLux0Q-g
.lnk.to/	1970-01-21 01:47:53	Name: __gpi Value: UID=00000cdae30293eb:T=1700777970:RT=1700777970:S=ALNI_Mby_56UKnTbSqFaW5qbRkZYVuW1lw
.scorecardresearch.com/	1970-01-21 02:02:17	Name: UID Value: 18B1b8064043a785fe46d981700777970

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://static.assetlab.io/red3/611/legacy-scripts.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

465df146b3cf0eb0c78724d8df717a22.safeframe.googlesyndication.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
klemen.lnk.to
linkstorage.linkfire.com
p.scdn.co
pagead2.googlesyndication.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
services.linkfire.com
static.assetlab.io
tpc.googlesyndication.com
www.google.com
108.138.36.69
13.32.99.14
18.245.60.107
2600:9000:223f:600:14:38a4:2ec0:93a1
2606:4700::6811:190e
2a00:1450:4001:80b::2004
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a04:4e42:8e::760
63.34.44.168
0997a6852d87f90f58588dbde0ce54b32c6fa5dc8d14b3cd45a5e7ba5ee7c4a0
1132a5cc479c9e343ff008ea74229bcf3fdb2d3494d591819a71566c721b9790
125757e7423815201acc427466eeff94c315e88dadeac0c8576e921cfb6be418
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe
20bd71ce70b805d3a0334a73f948c2d7408836ade43694aa7ff7187906243487
23408c3b27f6477b4e1e380234395e34fe616a477da25018e967ba41170e576e
29c520b53a7983370926d7e16e8419c0eeba246862d22c97189423bed701f9e8
2b1c21bfacddde29f214a5a93c2f28011805aac91082f6b74fbaee6a01e92fcb
3973c80583de9bcf5f2240148fb9ed0a9501625dc04bed7830970bd873d73589
3ce9c869d01258f4e024478cbb35d9c6d905e247fe95a11984e5277a96dde0fd
4314d3c8ab57f8b5244b06cdc38e015e0d29a1a645898b43530540c4c261bf50
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
587f3871a4d0a4e382d0f7e3db4feab0bae72784d1b7fb767639ab4ab8e75466
5fa2916552b7c847586b1150413a4626cb87e310dd751544091125f86fa46fdd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623e0d059d8e723918874a0da54577a3b94b0eb9042d52d9f31960441dd97c63
763c09aa56110b05ed4d4d716ba81736b6fe696c57d66cbef6d850d9bfe35782
7c2b076e661edb3d7b7b6c6269df6681216a966654bfcbacc334f0ffd4739691
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
94d143289f1359720d7ab5384ee4363f07b778173d618a648f91427007f0e362
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
a2a37fe49e26a2c4889612640f0efef0d4f624aa3e1b5de10f6dec16d93ca3a5
add9fd7db536525d1ca4bc512c4c4fc4398bd403f1762fea3810fe2621dc04fe
ae7715040a30c06e81e2ded63d6b89a7ac43a4a824220fd44efcb54c9bd56b6d
af81b4e6c47edb28e92e097b4810342a1f2a42f3b1015cf9450afaeff5b1cb05
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b031bbe02f52117d2cfaa6c28b9172587675f6bd8d35cb6c1b4a0c18ad3f3f68
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b3cb4e492e67e19387a7d60ab7b105bfd83f3577d8b1c196de77442af5954bc0
b519838cac72317c4cb0b940205f97db23201ff26048391aa097ae143ef8e126
c563bbb26bccfbbccb11087fbd64024b4f8fc54bbbef37a1a62d51d5497ee01e
ced632b1a96fa5f7e14aa9c5f4f50a5d0f267458fb24bd5511843a74182f9bff
d2f444541cc4b861fd3487131e709933c19eaa5648a497664c272a6923df6b9e
d46395e04493be869f02b037407116e73a2023fcdce6185085bce05f55de7532
da0c5870836a5450370f318edf8fd417c62ae42447d6c86c422017f2a3f56ee7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef17fd02e9f074657b637aeb3db41dd53b820d831344308aa5e11e561251dd51
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8a9b6a12cd203128f1fbde87d4fb396511cec3492ae458f654e44a97afb9d90
fc03a8faa5dee1758e895b3341a21a1f174ed1091c65e98eed12691edd983560

klemen.lnk.to Open in urlscan Pro 63.34.44.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

96 %HTTPS

71 %IPv6

11 Domains

14 Subdomains

14 IPs

3 Countries

1378 kBTransfer

2881 kBSize

5 Cookies

6 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

klemen.lnk.to Open in urlscan Pro
63.34.44.168 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

96 %
HTTPS

71 %
IPv6

11
Domains

14
Subdomains

14
IPs

3
Countries

1378 kB
Transfer

2881 kB
Size

5
Cookies

52 HTTP transactions
0 data transactions