www.tumgir.com Open in urlscan Pro
2606:4700:20::681a:c2d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tumgir.com/
Submission: On August 21 via manual (August 21st 2022, 3:51:28 pm UTC) from US — Scanned from US

Summary HTTP 148 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 40 IPs in 2 countries across 35 domains to perform 148 HTTP transactions. The main IP is 2606:4700:20::681a:c2d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tumgir.com. The Cisco Umbrella rank of the primary domain is 315728.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2022. Valid for: a year.

This is the only time www.tumgir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:20:... 2606:4700:20::681a:c2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
5 6	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
14	192.0.77.3 192.0.77.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.139.38.60 108.139.38.60	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:216... 2600:9000:2162:fa00:6:2e3c:5fc0:21	16509 (AMAZON-02) (AMAZON-02)
1	18.67.65.103 18.67.65.103	16509 (AMAZON-02) (AMAZON-02)
8	23.208.216.126 23.208.216.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	107.22.28.167 107.22.28.167	14618 (AMAZON-AES) (AMAZON-AES)
8	2606:4700:303... 2606:4700:3030::6815:2dcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	18.67.65.105 18.67.65.105	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700:303... 2606:4700:3033::6815:5a6a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.41.169.149 23.41.169.149	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200d	15169 (GOOGLE) (GOOGLE)
2 14	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
7	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
12	18.219.101.159 18.219.101.159	16509 (AMAZON-02) (AMAZON-02)
3	142.250.80.2 142.250.80.2	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
3 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	68.67.160.186 68.67.160.186	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	23.3.125.24 23.3.125.24	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.1.200.83 23.1.200.83	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.41.168.202 23.41.168.202	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	207.198.113.88 207.198.113.88	13768 (COGECO-PEER1) (COGECO-PEER1)
1 2	3.223.247.87 3.223.247.87	14618 (AMAZON-AES) (AMAZON-AES)
2 2	69.12.8.74 69.12.8.74	11742 (SPOTX-IAD) (SPOTX-IAD)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:808::2006	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
6 10	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
4 6	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
2 3	52.95.115.255 52.95.115.255	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a07:b400:569d:ed48:e656	14618 (AMAZON-AES) (AMAZON-AES)
2 3	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1	2001:4998:14:... 2001:4998:14:800::1000	14777 (YAHOO) (YAHOO)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:806::2002	15169 (GOOGLE) (GOOGLE)
1	52.92.178.185 52.92.178.185	16509 (AMAZON-02) (AMAZON-02)
148	40

9 2606:4700:20::681a:c2d (United States)

ASN13335 (CLOUDFLARENET, US)

www.tumgir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2008 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.0.77.40 (San Francisco, United States) 5 redirects

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

api.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

64.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.139.38.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-38-60.jfk50.r.cloudfront.net

d18g6t7whf8ejf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2162:fa00:6:2e3c:5fc0:21 (United States)

ASN16509 (AMAZON-02, US)

dmmzkfd82wayn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.65.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-103.iad89.r.cloudfront.net

video-serve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.208.216.126 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-216-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.22.28.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-28-167.compute-1.amazonaws.com

mefagetobri.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fortdaukthw.hair	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3030::6815:2dcf (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.67.65.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-105.iad89.r.cloudfront.net

mentxviewsi.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3033::6815:5a6a (United States)

ASN13335 (CLOUDFLARENET, US)

yrecomemu.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.41.169.149 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-169-149.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200d (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.194.137 (United States) 2 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cks.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ck.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.219.101.159 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-219-101-159.us-east-2.compute.amazonaws.com

capi-tier-1-us-east-2.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81f::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.186 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.3.125.24 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-125-24.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.1.200.83 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-200-83.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.41.168.202 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-202.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

i.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.88 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.223.247.87 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-247-87.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.12.8.74 (Ashburn, United States) 2 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::2006 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 8.43.72.98 (United States) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.65.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.115.255 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:b400:569d:ed48:e656 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.182.161 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:806::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.178.185 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

webpick-cdn.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	connatix.com 2 redirects cd.connatix.com — Cisco Umbrella Rank: 3575 cds.connatix.com — Cisco Umbrella Rank: 3734 capi.connatix.com — Cisco Umbrella Rank: 3924 ins.connatix.com — Cisco Umbrella Rank: 5024 capi-tier-1-us-east-2.connatix.com — Cisco Umbrella Rank: 4270 vid.connatix.com — Cisco Umbrella Rank: 4401 cks.connatix.com — Cisco Umbrella Rank: 3755 img.connatix.com — Cisco Umbrella Rank: 4230 ck.connatix.com — Cisco Umbrella Rank: 5616	2 MB
20	tumblr.com 5 redirects api.tumblr.com — Cisco Umbrella Rank: 36914 64.media.tumblr.com — Cisco Umbrella Rank: 12286 assets.tumblr.com — Cisco Umbrella Rank: 20968	5 MB
14	rubiconproject.com 8 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1015 eus.rubiconproject.com — Cisco Umbrella Rank: 582 token.rubiconproject.com — Cisco Umbrella Rank: 711 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 959 pixel.rubiconproject.com — Cisco Umbrella Rank: 327	17 KB
13	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 cm.g.doubleclick.net — Cisco Umbrella Rank: 214 pubads.g.doubleclick.net — Cisco Umbrella Rank: 510	162 KB
11	mentxviewsi.one mentxviewsi.one	12 KB
9	tumgir.com www.tumgir.com — Cisco Umbrella Rank: 315728	55 KB
8	yrecomemu.one yrecomemu.one	3 KB
8	freychang.fun freychang.fun — Cisco Umbrella Rank: 27142	404 KB
7	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1532 m.addthis.com — Cisco Umbrella Rank: 1472 api-public.addthis.com — Cisco Umbrella Rank: 4423	219 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1260 s.amazon-adsystem.com — Cisco Umbrella Rank: 282	5 KB
6	google.com accounts.google.com — Cisco Umbrella Rank: 99 adservice.google.com — Cisco Umbrella Rank: 88	915 B
6	cloudfront.net d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net	177 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 imasdk.googleapis.com — Cisco Umbrella Rank: 440	743 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123	39 KB
3	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 492 image6.pubmatic.com — Cisco Umbrella Rank: 634	9 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 371	1 KB
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488 ads.yahoo.com — Cisco Umbrella Rank: 2295	1 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 521	1 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 728	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 602	1 KB
2	rlcdn.com 1 redirects id.rlcdn.com — Cisco Umbrella Rank: 592	532 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 463	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
1	amazonaws.com webpick-cdn.s3.amazonaws.com — Cisco Umbrella Rank: 309994 Failed	3 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	17 KB
1	ctnsnet.com 1 redirects i.ctnsnet.com — Cisco Umbrella Rank: 2884	453 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1726	680 B
1	fortdaukthw.hair fortdaukthw.hair	37 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 111
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 423	1 KB
1	mefagetobri.top mefagetobri.top — Cisco Umbrella Rank: 575080	23 KB
1	video-serve.com video-serve.com — Cisco Umbrella Rank: 197123	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	28 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	41 KB
148	35

	Domain	Requested by
14	64.media.tumblr.com	www.tumgir.com
12	capi-tier-1-us-east-2.connatix.com	cd.connatix.com
11	mentxviewsi.one	d18g6t7whf8ejf.cloudfront.net mefagetobri.top dmmzkfd82wayn.cloudfront.net
9	www.tumgir.com	www.tumgir.com
8	yrecomemu.one	www.tumgir.com d18g6t7whf8ejf.cloudfront.net
8	freychang.fun	d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net
6	cm.g.doubleclick.net	4 redirects eus.rubiconproject.com
6	vid.connatix.com	cd.connatix.com cds.connatix.com
5	pixel.rubiconproject.com	2 redirects eus.rubiconproject.com
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	api.tumblr.com	5 redirects
4	pubads.g.doubleclick.net	imasdk.googleapis.com
4	adservice.google.com	imasdk.googleapis.com
4	cks.connatix.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	cds.connatix.com	cd.connatix.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	pagead2.googlesyndication.com	srcdoc
3	match.adsrvr.org	3 redirects
3	securepubads.g.doubleclick.net	cd.connatix.com securepubads.g.doubleclick.net
3	capi.connatix.com	cd.connatix.com eus.rubiconproject.com
3	api-public.addthis.com	s7.addthis.com
3	s7.addthis.com	www.tumgir.com s7.addthis.com
3	dmmzkfd82wayn.cloudfront.net	www.tumgir.com mentxviewsi.one
3	d18g6t7whf8ejf.cloudfront.net	www.tumgir.com mentxviewsi.one
2	fonts.gstatic.com	fonts.googleapis.com
2	sync.search.spotxchange.com	2 redirects
2	sync.crwdcntrl.net	1 redirects
2	pixel-sync.sitescout.com	2 redirects
2	id.rlcdn.com	1 redirects
2	ads.pubmatic.com	cd.connatix.com ads.pubmatic.com
2	eus.rubiconproject.com	cd.connatix.com eus.rubiconproject.com
2	secure.adnxs.com	2 redirects
2	accounts.google.com	www.tumgir.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	webpick-cdn.s3.amazonaws.com
1	ads.yahoo.com	eus.rubiconproject.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	ck.connatix.com	1 redirects
1	pixel-us-east.rubiconproject.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	img.connatix.com
1	s0.2mdn.net	imasdk.googleapis.com
1	i.ctnsnet.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	ins.connatix.com	cd.connatix.com
1	cd.connatix.com	1 redirects
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	fortdaukthw.hair	mefagetobri.top
1	www.facebook.com	www.tumgir.com
1	z.moatads.com	s7.addthis.com
1	mefagetobri.top	www.tumgir.com
1	video-serve.com	www.tumgir.com
1	cdnjs.cloudflare.com	www.tumgir.com
1	assets.tumblr.com	www.tumgir.com
1	www.googletagmanager.com	www.tumgir.com
1	fonts.googleapis.com	www.tumgir.com
148	59

This site contains links to these domains. Also see Links.

Domain
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-09` - `2023-04-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.media.tumblr.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
video-serve.com Amazon	`2022-01-26` - `2023-02-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
mefagetobri.top R3	`2022-06-29` - `2022-09-27`	3 months	crt.sh
mentxviewsi.one Amazon	`2022-08-10` - `2023-09-08`	a year	crt.sh
*.yrecomemu.one E1	`2022-07-21` - `2022-10-19`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-31` - `2022-08-29`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
fortdaukthw.hair R3	`2022-07-21` - `2022-10-19`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.tumgir.com/
Frame ID: 543BB0704CF93F4A59A5AE92DDE363E8
Requests: 84 HTTP requests in this frame

Frame: https://mentxviewsi.one/dUtZMmsUKTpfVBR2OxQeBydkF1kzbmt0D0RzPgQfQjwxVFMQIT8cCBkkLFYNByQ3RkUbLi0XWTMOFHQpLSoOCz8lMTJiPjAabH9aJxMbZSEAEzVBPDoiCHUqIAktdwE4BgBaWhIcG0YvNA8uRiNEODF7Pk0pClg5BBwMXgg4HzJ9Ph0SaH06BRgYajJHDwgCJS8DHFYjRHNuUwMCCQ92Pg0KGHQ9OwMcUS8Se2B9KTgMAXYcRx8fA1kvEzVoOBIBPlQTQQwBWDpBAzFFPSwmOnosDR0waFodLRFfKQwcMAI9LCY6VykZfjRrWw0oOlw9GRwLUSwvA3QHJi0aGEohDSAdZDgWMhpFOS8BEXgJPhoPWDIwLzpwBSMnDmcPFwQafy40Mw9bLTAzPXMvAm5rcCoSJA9rBhYEGl4mQgQccCA0JhgCKid6P2I/PwYBajEdEWgDKTQDbFs8M38aVAYvEQFaPRwRIV0kIyEcXiowJBp0Bj8qDnBeHxIMCgoxHBwUAQYkN0JWMBE6YCZCei1BOx4PKVkaAw
Frame ID: FE66E0D2DA9B884061EFB852625695A8
Requests: 2 HTTP requests in this frame

Frame: https://mentxviewsi.one/SjFza0UrUxAGeisMEU0wOF1OTncMFEEtIXsJFF0xfUYbDX0vWxVFJiZeBg8jOF4dH2skVAdOdwx/ElgHAVBBBAwCSCIlExgJKScpEGIrAAtvAzE8dHN/NAEuD3MxHwsadTYICjB7RScXflIxWAxzcAQ9EhpZNiQTIXMAKTI5dzVYIQR1BD4RLgADJgYiYBw9KX9/MS8qD3AlMiMGYxQqBy1wGywUOVUlAX0BZwQyIwdwOiwHMncFPBYyVCsFNQVmNR8cGmA6LgEyCUosAHNrIigULGVCBwQvAAcuEntnRiAQc2siL3UJczVaACgAFAQRIXtFLnQyVyQ8aHNrJAwqC34UCBUCcyYEBAt8FT0dLUUrWi0CazUDJh5aOV0UPXQ3KQYpeSdaLjBTQgckCEkYAwEhCCk6Bnp+MDoELGhDXhwdST4CAhtkNC0Sc2s/LTULVxg9JBhkJVwSJlk1Oh06UCdaKQt+IgQICVY6AREmVgc5HSZSIS0tDVMxXh0dVlUBNiVfA1YzEEcjKXUMRQQcfRxYHQ
Frame ID: 647DCB755A113BE8E93AED3B95635028
Requests: 2 HTTP requests in this frame

Frame: https://mentxviewsi.one/WkJkY3E7IAcOTjt/BkUEKC5ZRkMcZ1YlFTcvHggXPnpWFBAjLEoAHTU3AAUDNSwQTR8/NkFRNysQCA8GDxUTDz8ydlc2CxM1IiQJDCYjCzcDczYEPC0PQVEzGyg+CDsLIQUuGzV7KjcjaAcMVzUbA1ESIQIhPTM1aww9Nh4rDSZXQw8VJVs5MAg2B0JiECoyRG0gMjodEgEPGiUJKQEoGBsRKjJBag4lD0IdEQAIOQ52My8LDyEpJh1qClQ1VGgEPCQ/KBMsCBMWOAc2ITIxVQU0EColCTtiEwklFT4sACIVHHohBTQQKiMaSWkQCTU7PhAQNShrNUFRMzhySTFFCRo2EzQJBwcoGy0KKiJFLg8lMUECJSYQIGgYJwcmYxQ9UgkvDwwEHRsRFFsgMgguBzYxISsiEjAkISkZGTspVTYgdyI6Qy4DKQQgagwMU0EJGjUFIA0EPQI2Nic+JUBpI1VWFgIKAFsgNwcCKQtiEC0UJzAjHjkaAnEiUCBoJi8uQwgAQgkCNSwUXiQMNBAAPD4aVCgfCC4sUDw
Frame ID: 985DDEBB739BB63C5D06071A593F875B
Requests: 2 HTTP requests in this frame

Frame: https://mentxviewsi.one/MUlpTGxQKwohU1B0C2oZQyVUaV53bFsKCFwkEycKVXFbOw1IJ0cvAF48DSoeXicdYgJUPUx+KkQELgIdZw4ZGChwGBAaOWACLSEAYgs/DglrDx4bL2MiXg4pcywuDiplCDgrW3wKWCM+Y30cCAsAHT0IC30RDh40Ui5QKS13LQUYKnQBKgsAVA8BFSBQGA0qK2AEXQ4Adw4+DiZXAQUCPGslBhUqcARfCAAJHC4UKmgIKHwJUh8ODTldOV8bBGcYIgQqaAgrHSh+JR4JPl0iPhgbex0sISZUDjwWNWsIHQ0pRhARBDpkCygYXFQPPwkfaB8CBDhnZAUlOEYDPR0GCQo7DVh2Kj8kFmMlAScuXSIgCF93ECgNPWEHHgoKYiJQITtdBCULKEIBPxk2aAwFPy1neTsnPnAfOhteawwoGiJTKj8rLXQIGjUvAQAiGF5oOisaLlUsBScrYxtQPDtGbwM/A185VD4pCHgCHQh2EQ
Frame ID: BBDA6BFDC4519081FC932581FEF37FE1
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 736F4EA3302D43C2344A8F0A443BB703
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 6B33C650D1DF7EC599E154A81058E4A9
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/176637/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Frame ID: DFD3C232A914035451024FAE3E258BC3
Requests: 30 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Frame ID: 0DC227ED53585A2711DB6049C6429E09
Requests: 12 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.525.0_en.html
Frame ID: CBAA03651A0CDFAAF176A933B9B9F99F
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.525.0_en.html
Frame ID: D49CB8B7EB7979A38FD337C8B75057B1
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.525.0_en.html
Frame ID: 7845831BF80A37898D5B648183721810
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-1-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D3b9f95f57f894860a638d4414d639185%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: 7E19D254DCDFDDD724236535ACE07DA8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 46EB5ABC494FC09F17DF99375C7DBB21
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A50DA348D6B1342F1C0A134282DC78E4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B79CC789C8E0F31996629A0D88B90422
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4B01FDF20D7E574B4A35B959BD85D240
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tumblr Online Web Viewer and Statistics | TumgirFacebookTwitterPrintEmailAddThisFacebookTwitterPrintEmailAddThis

Detected technologies

AddThis (Widgets) Expand

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

148
Requests

84 %
HTTPS

38 %
IPv6

35
Domains

59
Subdomains

40
IPs

2
Countries

9069 kB
Transfer

13085 kB
Size

36
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://api.tumblr.com/v2/blog/lyanhwa.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/51471293e4ab956f1aeb09ed6f92f004/0232a619cde907ad-b7/s128x128u_c1/1cca08ce44909c45ba63950d6967a64151f4776f.png

Request Chain 4

https://api.tumblr.com/v2/blog/saaaadbitchsposts.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/bc9b45ff940d543d3d514773fb2a86cf/dd0b39cbf0dcd1bb-b2/s128x128u_c1/70e441869d728d45ee4bea77871bc55a4d58c254.jpg

Request Chain 5

https://api.tumblr.com/v2/blog/judememories.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/05b5dcb45b50c3e0c73079375e25b9d8/1979f4555b3d5581-68/s128x128u_c1/0a12f725ff467fbdc6d7b4fdc985aa5767e18d92.png

Request Chain 6

https://api.tumblr.com/v2/blog/crustypotatosworld.tumblr.com/avatar/128 HTTP 302
https://assets.tumblr.com/images/default_avatar/pyramid_closed_128.png

Request Chain 7

https://api.tumblr.com/v2/blog/tudorstacks-blog.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_7dc236e7463f_128.png

Request Chain 68

https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 HTTP 302
https://cds.connatix.com/p/176637/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

Request Chain 87

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
https://cks.connatix.com/cks?pid=19&uid=746babed-4f73-4fa2-8341-ec7719d85087&ttl=1663689082

Request Chain 88

https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3d3b9f95f57f894860a638d4414d639185%26pname%3dAppNexus%26api-tier%3d1%26uid%3d%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253d3b9f95f57f894860a638d4414d639185%2526pname%253dAppNexus%2526api-tier%253d1%2526uid%253d%2524UID HTTP 302
https://cks.connatix.com/cks?pid=6&ev=3b9f95f57f894860a638d4414d639185&pname=AppNexus&api-tier=1&uid=1266831714425546473

Request Chain 89

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Request Chain 91

https://i.ctnsnet.com/int/cm?exc=24&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d28%26ev%3d3b9f95f57f894860a638d4414d639185%26pname%3dCrimtan%26api-tier%3d1%26uid%3d%5Buser_id%5D HTTP 302
https://cks.connatix.com/cks?pid=28&ev=3b9f95f57f894860a638d4414d639185&pname=Crimtan&api-tier=1&uid=0db6d3ac3669468f996bffb8d9e8029e

Request Chain 92

https://id.rlcdn.com/712202.gif?cparams=3b9f95f57f894860a638d4414d639185 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCPqoiZgGEgUI6AcQAEIASiAzYjlmOTVmNTdmODk0ODYwYTYzOGQ0NDE0ZDYzOTE4NQ

Request Chain 93

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d3b9f95f57f894860a638d4414d639185%26pname%3dCentro%26api-tier%3d1%26uid%3d{userId} HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d3b9f95f57f894860a638d4414d639185%26pname%3dCentro%26api-tier%3d1%26uid%3d{userId} HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D3b9f95f57f894860a638d4414d639185%2526pname%253DCentro%2526api-tier%253D1%2526uid%253D376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D3b9f95f57f894860a638d4414d639185%2526pname%253DCentro%2526api-tier%253D1%2526uid%253D376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553&ct=y

Request Chain 94

https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d3b9f95f57f894860a638d4414d639185%26pname%3dSpotX%26api-tier%3d1%26uid%3d%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d3b9f95f57f894860a638d4414d639185%26pname%3dSpotX%26api-tier%3d1%26uid%3d%24SPOTX_USER_ID&__user_check__=1&sync_id=1afa4a52-2169-11ed-a381-1d8d9dd30203 HTTP 302
https://cks.connatix.com/cks?pid=10&ev=3b9f95f57f894860a638d4414d639185&pname=SpotX&api-tier=1&uid=1afa49fa-2169-11ed-a381-1d8d9dd30203

Request Chain 117

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&khaos=L73IBC3Q-X-D21V HTTP 302
https://ck.connatix.com/cks?pid=11&uid=L73IBC3Q-X-D21V HTTP 302
https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L73IBC3Q-X-D21V&UserId=

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM9__4SiUUXlMTPUMc0SBwE&google_cver=1

Request Chain 123

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=X2d_wju4TVS5HJ3xa57svg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=X2d_wju4TVS5HJ3xa57svg

Request Chain 124

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/1QpFAsZ1sfZ-TgCh3WHumw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6746711320875412105

Request Chain 125

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3fNhL6bhTKuWBCxIR0yB1g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3fNhL6bhTKuWBCxIR0yB1g

Request Chain 126

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDczSUJDM1EtWC1EMjFW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDczSUJDM1EtWC1EMjFW&google_tc=

Request Chain 127

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=746babed-4f73-4fa2-8341-ec7719d85087&gdpr=0&gdpr_consent=&expires=30

Request Chain 128

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWU5OGVmNTczODc1ZDVmY2YwYzllZTU4MDNjNmMyZWZhNDA3ZTY3Mw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWU5OGVmNTczODc1ZDVmY2YwYzllZTU4MDNjNmMyZWZhNDA3ZTY3Mw&google_tc=

Request Chain 129

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L73IBC3Q-X-D21V&sigv=1&esig=2~f7744ad473d1690d4c50c52b756750a477c5ce7f

148 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.tumgir.com/ 30 KB
6 KB 77ms
50ms Document
text/html 2606:4700:20::681a:c2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc8ee449069160240e169f2a5b8165a9cc932c99d7e01dabeff4ef7dc1092b59

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 73e487966c9017fd-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 21 Aug 2022 15:51:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2f%2Bx64ve1FwHdEdympDsjEHCv356jHDq3Q5PcPomFll%2BFyC30ZOsk0lGKbcQiYcl55Z3Y%2FclZvpUrfUIioSSeHbR8OGcdud4oJCvMFJLPM7LYP1Ag4mutPWHGA7q6DVEuyJqJ8OESSGFcRz"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 39ms
21ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 15:31:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 21 Aug 2022 15:51:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Aug 2022 15:51:21 GMT

GET
H2 200 styles.css
www.tumgir.com/static/css/ 32 KB
6 KB 23ms
23ms Stylesheet
text/css 2606:4700:20::681a:c2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/css/styles.css
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 671339f098fa4412aa95686ddf57a2514b1dcfd72464c535a1389ff967199358

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 19 Aug 2022 09:20:36 GMT
server: cloudflare
etag: W/"7f24-182b56782a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ANNKuHPT7GaTpebQfGGLHwmohY0IJG4kcXh0G9N9kQSOoVccmYqYgcZYmbgzAi%2Fgg0F0MgOu6kqkYrDR52v7E42xo8RgLzF67XmNxaoX5amuq7RGm3UkU27p%2Bn2GIYczmDSuKWPDUx5VUGK"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73e48796bd1217fd-EWR

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 49ms
18ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134279593-1

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1538798afde9cbed3e18255379476f9b8d9280ac571890e6452367ace3e90efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41843
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Aug 2022 15:51:21 GMT

GET
H2

200

1cca08ce44909c45ba63950d6967a64151f4776f.png
64.media.tumblr.com/51471293e4ab956f1aeb09ed6f92f004/0232a619cde907ad-b7/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/lyanhwa.tumblr.com/avatar/128
https://64.media.tumblr.com/51471293e4ab956f1aeb09ed6f92f004/0232a619cde907ad-b7/s128x128u_c1/1cca08ce44909c45ba63950d6967a64151f4776f.png

27 KB
27 KB

28ms
26ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/51471293e4ab956f1aeb09ed6f92f004/0232a619cde907ad-b7/s128x128u_c1/1cca08ce44909c45ba63950d6967a64151f4776f.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0ceb9ace700dc6480dd5bc0ece2a069e9e6b43c4426ed0e637fe134023a8973c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_51471293e4ab956f1aeb09ed6f92f004_1cca08ce_128.png"
server-timing: dc;desc=ewr, cache;desc=MISS;dur=13.0
content-length: 27854
x-nc: MISS ewr 7
last-modified: Wed, 02 Mar 2022 05:05:11 GMT
server: nginx
etag: "b50627fdc19e93fb96eaf20514958a8f-1498089600-97598d7"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Sun, 21 Aug 2022 15:51:21 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/51471293e4ab956f1aeb09ed6f92f004/0232a619cde907ad-b7/s128x128u_c1/1cca08ce44909c45ba63950d6967a64151f4776f.png
x-rid: ebdc8d0f4ec5d2ed911b8a5ec4ed9ab4
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

70e441869d728d45ee4bea77871bc55a4d58c254.jpg
64.media.tumblr.com/bc9b45ff940d543d3d514773fb2a86cf/dd0b39cbf0dcd1bb-b2/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/saaaadbitchsposts.tumblr.com/avatar/128
https://64.media.tumblr.com/bc9b45ff940d543d3d514773fb2a86cf/dd0b39cbf0dcd1bb-b2/s128x128u_c1/70e441869d728d45ee4bea77871bc55a4d58c254.jpg

4 KB
4 KB

517ms
514ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/bc9b45ff940d543d3d514773fb2a86cf/dd0b39cbf0dcd1bb-b2/s128x128u_c1/70e441869d728d45ee4bea77871bc55a4d58c254.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c43c278ff9782c532f9fe4f81cc8c0defcdcdf799926fbc7b7ed3cb8f48a28a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_bc9b45ff940d543d3d514773fb2a86cf_70e44186_128.jpg"
server-timing: dc;desc=ewr, cache;desc=MISS;dur=509.0
content-length: 3817
x-nc: MISS ewr 7
last-modified: Wed, 09 Dec 2020 23:34:41 GMT
server: nginx
etag: "20084f2b34cb056f239fb5ce279c2a9b-1498089600-97598d7"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Sun, 21 Aug 2022 15:51:21 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/bc9b45ff940d543d3d514773fb2a86cf/dd0b39cbf0dcd1bb-b2/s128x128u_c1/70e441869d728d45ee4bea77871bc55a4d58c254.jpg
x-rid: 7ea1cf1761f2f5fdca609f4bed49112c
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

0a12f725ff467fbdc6d7b4fdc985aa5767e18d92.png
64.media.tumblr.com/05b5dcb45b50c3e0c73079375e25b9d8/1979f4555b3d5581-68/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/judememories.tumblr.com/avatar/128
https://64.media.tumblr.com/05b5dcb45b50c3e0c73079375e25b9d8/1979f4555b3d5581-68/s128x128u_c1/0a12f725ff467fbdc6d7b4fdc985aa5767e18d92.png

31 KB
31 KB

21ms
20ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/05b5dcb45b50c3e0c73079375e25b9d8/1979f4555b3d5581-68/s128x128u_c1/0a12f725ff467fbdc6d7b4fdc985aa5767e18d92.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

233077278b2d6fcf7015a94cb5d68de97beaa753c6892192d179cae9567eeb59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_05b5dcb45b50c3e0c73079375e25b9d8_0a12f725_128.png"
server-timing: dc;desc=ewr, cache;desc=MISS;dur=10.0
content-length: 31770
x-nc: MISS ewr 5
last-modified: Mon, 14 Dec 2020 19:31:17 GMT
server: nginx
etag: "52e7baa1b985dabdb55f419a6fa103c4-1498089600-97598d7"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Sun, 21 Aug 2022 15:51:21 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/05b5dcb45b50c3e0c73079375e25b9d8/1979f4555b3d5581-68/s128x128u_c1/0a12f725ff467fbdc6d7b4fdc985aa5767e18d92.png
x-rid: 8102339b5bc23e5924ab9a38762d1f20
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

pyramid_closed_128.png
assets.tumblr.com/images/default_avatar/
Redirect Chain

https://api.tumblr.com/v2/blog/crustypotatosworld.tumblr.com/avatar/128
https://assets.tumblr.com/images/default_avatar/pyramid_closed_128.png

4 KB
4 KB

23ms
14ms

Image
image/png

192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tumblr.com/images/default_avatar/pyramid_closed_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

670922b4bbf933c23eee67592c6a55f7095fd14bcb5ae75d978ac6e845dca4f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT ewr 1
date: Sun, 21 Aug 2022 15:51:21 GMT
last-modified: Fri, 01 May 2020 05:25:04 GMT
server: nginx
etag: "5eabb2b0-f14"
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
timing-allow-origin: *
content-length: 3860
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sun, 21 Aug 2022 15:51:21 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://assets.tumblr.com/images/default_avatar/pyramid_closed_128.png
x-rid: a8297b45de8747095ba3bd7ca15de6b3
content-type: application/json
content-length: 136
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

avatar_7dc236e7463f_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/tudorstacks-blog.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_7dc236e7463f_128.png

30 KB
31 KB

157ms
156ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_7dc236e7463f_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3987f4f75cb48c2850ba9b78c657788ac2c141db02e6bb6d51b24c68c8bd65b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="avatar_7dc236e7463f_128.png"
server-timing: dc;desc=ewr, cache;desc=MISS;dur=146.0
content-length: 31063
x-nc: MISS ewr 2
last-modified: Tue, 15 Dec 2020 00:57:29 GMT
server: nginx
etag: "15969b14b4418c345dfd952983bd8a72-1498089600-97598d7"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *

Redirect headers

date: Sun, 21 Aug 2022 15:51:21 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_7dc236e7463f_128.png
x-rid: 182026eb40e4af0c826bf821813ef7c6
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 a1556686be08b6a3f0cb86f3ad766e8de3d2e52d.pnj
64.media.tumblr.com/c62b39c0f26438f1cf8febd1a662c787/35cf3e0af374a1bc-f6/s540x810/ 77 KB
77 KB 34ms
4ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/c62b39c0f26438f1cf8febd1a662c787/35cf3e0af374a1bc-f6/s540x810/a1556686be08b6a3f0cb86f3ad766e8de3d2e52d.pnj

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

81e66d3c4f5f980da70c5871b343aeed388293a4f03a5a85559d06b9777ab59c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_c62b39c0f26438f1cf8febd1a662c787_a1556686_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 78516
x-nc: HIT ewr 3
last-modified: Wed, 20 Jul 2022 10:51:29 GMT
server: nginx
etag: "ed1f502ba094645dc174529fb9140eb7-1503417600-97598d7"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 43d595c0ab288f2681f2fe6287fac047bc3ac5b7.pnj
64.media.tumblr.com/dfc5ed2ecdf2dff681086ca2cb6c0edf/51eb49795963f679-6e/s540x810/ 30 KB
31 KB 35ms
5ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/dfc5ed2ecdf2dff681086ca2cb6c0edf/51eb49795963f679-6e/s540x810/43d595c0ab288f2681f2fe6287fac047bc3ac5b7.pnj

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

25fc1e63acc40860a0fdf38979514208af1c611d1087b82119682e5e4cb4ccac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_dfc5ed2ecdf2dff681086ca2cb6c0edf_43d595c0_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=0.0
content-length: 31014
x-nc: HIT ewr 6
last-modified: Tue, 26 Jul 2022 00:25:48 GMT
server: nginx
etag: "b0b933bec4d82c515b27d192a2cb0b78-1503417600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 01e4eab49f95e4c6c3432e30e2175c2df9c971b7.pnj
64.media.tumblr.com/97cde9c865349fe6ddcdf5aa49b71072/51eb49795963f679-1f/s540x810/ 41 KB
41 KB 29ms
11ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/97cde9c865349fe6ddcdf5aa49b71072/51eb49795963f679-1f/s540x810/01e4eab49f95e4c6c3432e30e2175c2df9c971b7.pnj

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

562fbe15070fb1aa2dfc85a80e712737a17f1256766545814bf4589dc9697683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_97cde9c865349fe6ddcdf5aa49b71072_01e4eab4_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 41555
x-nc: HIT ewr 2
last-modified: Tue, 26 Jul 2022 00:13:16 GMT
server: nginx
etag: "55794dd75f82737418122f9ebba14de9-1503417600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 61c46c0284bdb92de3d4e6fb333a0f778b1747da.pnj
64.media.tumblr.com/98435066ab78d5ec61134e4d3573adc6/51eb49795963f679-11/s540x810/ 37 KB
38 KB 13ms
10ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/98435066ab78d5ec61134e4d3573adc6/51eb49795963f679-11/s540x810/61c46c0284bdb92de3d4e6fb333a0f778b1747da.pnj

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cb71da8002219a1ad2e9ccf3bfd4a1ee148bc53de69b88b177e14f88dd4d0f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_98435066ab78d5ec61134e4d3573adc6_61c46c02_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 38259
x-nc: HIT ewr 5
last-modified: Tue, 26 Jul 2022 00:13:16 GMT
server: nginx
etag: "ec466f63d93bdd3b4e0d23b80bf4849d-1503417600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 ebfce8d842a965e0078f466a428e6226f476e387.gifv
64.media.tumblr.com/a07fc126128c47ff1b886c359130365b/7d3f88396fcc8fba-4e/s500x750/ 3 MB
3 MB 13ms
11ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/a07fc126128c47ff1b886c359130365b/7d3f88396fcc8fba-4e/s500x750/ebfce8d842a965e0078f466a428e6226f476e387.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1a21a60651bad6a46b617170d92c788273db7e69c5233359b2271362211e08c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
strict-transport-security: max-age=31536000; preload
vary: Accept
content-disposition: inline; filename="tumblr_a07fc126128c47ff1b886c359130365b_ebfce8d8_500.webp"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=2.0
content-length: 2694946
x-nc: HIT ewr 5
last-modified: Fri, 29 Jul 2022 19:15:51 GMT
server: nginx
etag: "d3ae82e87f3e7fd7607507ded0111ade-1523937600-d32ddc9"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 b4762738b36ad485cd9620d75c488fe5d454586c.gifv
64.media.tumblr.com/f83d96876d36898e3e1da48dc99e9728/e083cda6a71f4502-06/s500x750/ 2 MB
2 MB 14ms
12ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/f83d96876d36898e3e1da48dc99e9728/e083cda6a71f4502-06/s500x750/b4762738b36ad485cd9620d75c488fe5d454586c.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

34fbc37d6b5ba773977108836af81174b542671b6e29d3f3072d1617e8edfbb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
strict-transport-security: max-age=31536000; preload
vary: Accept
content-disposition: inline; filename="tumblr_f83d96876d36898e3e1da48dc99e9728_b4762738_500.webp"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 2425872
x-nc: HIT ewr 5
last-modified: Thu, 28 Jul 2022 01:39:35 GMT
server: nginx
etag: "981e30aaf145969d722fc84395ff3cb3-1523937600-d32ddc9"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 64ab14911b862346589d1b6895c86ef2c1771122.jpg
64.media.tumblr.com/50c5676ebd3b4932b5fd2e7b2939f1c4/cb2228ee9414c63c-4b/s540x810/ 59 KB
59 KB 13ms
10ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/50c5676ebd3b4932b5fd2e7b2939f1c4/cb2228ee9414c63c-4b/s540x810/64ab14911b862346589d1b6895c86ef2c1771122.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bdeaa7246196a8dce2f456ae421e0915ec090b7ab8247c17dcf54ca995c3debb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_50c5676ebd3b4932b5fd2e7b2939f1c4_64ab1491_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 60113
x-nc: HIT ewr 8
last-modified: Wed, 27 Jul 2022 04:34:17 GMT
server: nginx
etag: "fdeb2a71fabf60888892b6bfaf1d7240-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 7c8e39c0549fb460c8340ee549a1b7aef7f0ad20.jpg
64.media.tumblr.com/fadba0067c02ab920b84e59a1e5f0955/d83b1397daa58445-58/s540x810/ 31 KB
31 KB 13ms
11ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/fadba0067c02ab920b84e59a1e5f0955/d83b1397daa58445-58/s540x810/7c8e39c0549fb460c8340ee549a1b7aef7f0ad20.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3d53716e64bc34c236d3a9d741f76976432cf358784e748e4e7dffae69e116a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_fadba0067c02ab920b84e59a1e5f0955_7c8e39c0_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 31925
x-nc: HIT ewr 5
last-modified: Wed, 03 Aug 2022 13:57:20 GMT
server: nginx
etag: "0f68064bed63f0f03311901776a620f6-1498089600-c55336b"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 bf27df842da150cbe10505e6dd1d0c771d46ad86.jpg
64.media.tumblr.com/3ac93215dbbb7a554526c8a29290e630/390e419889b0a01b-f8/s540x810/ 10 KB
10 KB 14ms
11ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/3ac93215dbbb7a554526c8a29290e630/390e419889b0a01b-f8/s540x810/bf27df842da150cbe10505e6dd1d0c771d46ad86.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d5f12dd3e62c66022ea58e3017b4bb49c045fa2b502d16b86ea3a91dad2bc40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_3ac93215dbbb7a554526c8a29290e630_bf27df84_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=0.0
content-length: 10450
x-nc: HIT ewr 6
last-modified: Sun, 14 Aug 2022 02:20:05 GMT
server: nginx
etag: "d145776564a41b5562d74b7e52ad9e51-1498089600-97598d7"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 b95211c3fe83b5c05c650dece29c73fda977cf3a.pnj
64.media.tumblr.com/db5f51d0d8c47cd42a8f5ec42c51e077/f73af015a8a746ae-65/s540x810/ 27 KB
27 KB 14ms
11ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/db5f51d0d8c47cd42a8f5ec42c51e077/f73af015a8a746ae-65/s540x810/b95211c3fe83b5c05c650dece29c73fda977cf3a.pnj

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a0ec5ccfc45de8835ef0dcf999a45b39ae78b615941aca04e1fc7997870ef69c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_db5f51d0d8c47cd42a8f5ec42c51e077_b95211c3_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=0.0
content-length: 27764
x-nc: HIT ewr 3
last-modified: Wed, 03 Aug 2022 12:20:56 GMT
server: nginx
etag: "b77294697bdb5eaf5f2534d91463bbe4-1503417600-c55336b"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 29ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1030862
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
timing-allow-origin: *
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNjd8fCXbGqOduddQL1DfCfNfvVBcVDSJnQmdn3lnls1ihP1ANoEH9rlrS%2FGGMS1w4oPlsZ2fOHGfQjTS%2BB6UGtYhND6zhiJvgQtoTioQ5tIYF8aKVS5Qfix2RasP3HdAwtYk0sVqRX6H0nrv8%2BfJRA0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73e48796fd9f8c7d-EWR
expires: Fri, 11 Aug 2023 15:51:21 GMT

GET
H2 200 navbar.js Show response
www.tumgir.com/static/js/ 469 B
526 B 26ms
26ms Script
application/javascript 2606:4700:20::681a:c2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/navbar.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae1b9abbb61470260e103684bbd81cc23d3e69a1e9db92ef899dd539e0c9da15

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 12 Apr 2022 21:42:27 GMT
server: cloudflare
etag: W/"1d5-1801fba58a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0l0nRUkU%2BCH6Lk%2FIMtavjvK7Li3Lsy7PBEKpYbyiksQn4r2NudxRdfVANEAhvLiRmG8mW1PaoIC2w04ltsmqs4avtLGWdTfeA3Iq8lkV1eoN3j8ZR1OCHQA%2BLp89VnqJt5R4Q6kRI0UcWoK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73e48796fd6217fd-EWR

GET
H2 200 sticky-sidebar.js Show response
www.tumgir.com/static/js/ 2 KB
1 KB 42ms
37ms Script
application/javascript 2606:4700:20::681a:c2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/sticky-sidebar.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2f27e3088285e1508b05742e4b0654f3f6c1bc0a987600245b207d70f9c74f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 17 Aug 2022 21:49:39 GMT
server: cloudflare
etag: W/"7e4-182adc89199"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RRyac9XrwHWd2dQiYWaWW7MjLoYmke7yKyoBCcTjP%2FD4PVrT4p%2B3PJyAXFTXeNQ3X%2FOIG7X14qFYhD00oy%2FblvKBGLwOt%2Bdr2GOm1UAq17WAcu%2BhMeWjMnUDeDOpwoGvijedeQrs%2B4wvVLl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73e487970d6917fd-EWR

GET
H2 200 home.js Show response
www.tumgir.com/static/js/ 1 KB
910 B 27ms
21ms Script
application/javascript 2606:4700:20::681a:c2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/home.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d6353c4c7c37bbf79ef323992174ee0612187524b578fe476dbadfb438d49d7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 17 Aug 2022 21:49:32 GMT
server: cloudflare
etag: W/"58d-182adc87650"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdLvpOpL1dGWhq3gnpbujZR1IYxlLaKjJ7DMGBNia28%2F1qEvfd4lp8KZpv4Pl09XBQ0KWO0Ub7O%2BWDuGICJHaOTzKTyX8JLclHDMcZfmvR2Kua6scKV5Qh9r4yu9P27QfTo4hVF7xYyve3u%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73e487970d6b17fd-EWR

GET
H2 200 notes.js Show response
www.tumgir.com/static/js/ 544 B
592 B 26ms
21ms Script
application/javascript 2606:4700:20::681a:c2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/notes.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79d0a037047a98fc9e0348e4bfa35789aa14d62cf80972bf3aac26f7a5b1a862

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 17 Aug 2022 21:49:49 GMT
server: cloudflare
etag: W/"220-182adc8ba79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qfn6cKQYPT0UtPrzhTKKrdVScnrC8T%2Fem6d%2BYZyfX7%2FWT8Xjk%2BF7t0JrpshdtxDfofOfiRfYVcxwb0mAH7LxZluwEPKPz5Cjtu9tK1jh4KUjIq7p5Q3UaE%2BbYGDayFM4IFo1ecUl%2F6TBvdQN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73e487970d6d17fd-EWR

GET
H2 200 visit-blog.js Show response
www.tumgir.com/static/js/ 207 B
441 B 39ms
34ms Script
application/javascript 2606:4700:20::681a:c2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/visit-blog.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9eef065474f7173f75be0baf23fb74738c983a43d2e2c33dad161037a4f099

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 17 Aug 2022 21:49:45 GMT
server: cloudflare
etag: W/"cf-182adc8ac83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FYjIU1w5CguSdkvdicAmx6%2BLZw1Ml9Ryh6nGvUrLkNkyLjV9vlIHaaC6UgkDrj295sTw26dWAPAzhv0wrMKneTcJ9rECBftVOTEMMBOhBdBb6kL1TRAT0wEame9wYXyRCGru6rI33812IFs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73e487970d6e17fd-EWR

GET
H2 200 explore-tagged-posts.js Show response
www.tumgir.com/static/js/ 214 B
448 B 137ms
133ms Script
application/javascript 2606:4700:20::681a:c2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/explore-tagged-posts.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ceae9996a5e9b27a6c8de06eb8c948f9c419593389c357ccdae06d0b52074e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 17 Aug 2022 21:49:32 GMT
server: cloudflare
etag: W/"d6-182adc87709"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8GlexNybb8mNwt23eOL6GkWaMcCvwJ1coeA8VTk77sQ%2BLWa66p381ArnE3dqPkf4L56cbb0l8FuvTyNEQKFpaxz0j1c2YQ%2B0eJZ%2BNHS3RGsJn8lB3hlNZzHVlUuVAhOiFdTTI1k7ggm2pJ5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73e487970d6f17fd-EWR

GET
H2 200 sw.js Show response
www.tumgir.com/ 100 KB
38 KB 17ms
15ms Script
application/javascript 2606:4700:20::681a:c2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/sw.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8c382d76b7f3c936b789e587ff26a8383cb504a1b7c7f6183f80a45d2a464c9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1691173
x-powered-by: Express
last-modified: Sun, 13 Mar 2022 22:02:35 GMT
server: cloudflare
etag: W/"190ed-17f854dffbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yR79Kd7gxCSPEkN2KpwxhiU1D04WyTrZ6Mum9r4sswCPAGhG27JOJlUAhxcNkbM%2FY5a13Of%2Fla3aucPfUBrPvwH5fYZdonbBpUiuU8v5AQfTskNUrxvlBen6CouhZhQHHUYOfXapBRJR8u9a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 73e487970d7117fd-EWR
expires: Sun, 09 Apr 2023 17:38:52 GMT

GET
H2 200 / Show response
d18g6t7whf8ejf.cloudfront.net/ 253 KB
78 KB 132ms
96ms Script
text/plain 108.139.38.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-60.jfk50.r.cloudfront.net
Software: /
Resource Hash: fc91bb29f73334c99c6c81ee0989995f1a3cc29c0a8075b96ea66372bd130abd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: gzip
x-amz-cf-pop: JFK50-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 79317
via: 1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
x-amz-cf-id: C4pI0iIJHhhEmCUETmij1zAu35v1tdqvXi_B4Fgu2BnUlW1AtbyS3A==

GET
H2 200 / Show response
dmmzkfd82wayn.cloudfront.net/ 293 KB
96 KB 157ms
93ms Script
text/plain 2600:9000:2162:fa00:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:fa00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 73045debb89dccf27a5cd33b7f0776015163eeb01e354f506904062d03a5177d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: gzip
x-amz-cf-pop: EWR52-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 97994
via: 1.1 13eb5c0e05c1c43ed344f7e14dcf0a00.cloudfront.net (CloudFront)
x-amz-cf-id: jfxU9cKKrRNcbjtAABF25_vgmMnrqVyCglLA7XhCdps4spcdoPkiaQ==

GET
H2 200 vidjs Show response
video-serve.com/ 1 KB
1 KB 76ms
23ms Script
application/json 18.67.65.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video-serve.com/vidjs?tid=947040
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-103.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: cc5b52f2199694e4c1785d9231fd52d4140118eb8133d9303cb7d1bdffb231f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-type: application/json
content-length: 694
via: 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
x-amz-cf-id: 2-S5jLm26_Ui7T-2ziuR-MTsNQUoba-oqsQ8v-kUYSTRRVANDhKWwQ==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 92ms
14ms Script
application/javascript 23.208.216.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Sun, 21 Aug 2022 15:51:21 GMT
x-host: s7.addthis.com
content-length: 116423

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
5ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134279593-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5149
date: Sun, 21 Aug 2022 14:25:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 21 Aug 2022 16:25:32 GMT

GET
H2 200 b1RKRDcUdjkzaBomJmYNTTw%2BMEccbmVrQBgjZDBCAjMjNhkMOydrRBh6IDcVQ3Y5KVFNbntoFRw5PGYNTWBkdBVDdj4lUDA9LmYNTWx%2BcgBeZGhoFRwhKBteC2ZofhVfbC9xBF9lKGkPDmFyaQMLZHhpVVoxKWkBWjVycQNZMighVll2Nw Show response
mefagetobri.top/ 56 KB
23 KB 59ms
16ms Script
application/javascript 107.22.28.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mefagetobri.top/b1RKRDcUdjkzaBomJmYNTTw%2BMEccbmVrQBgjZDBCAjMjNhkMOydrRBh6IDcVQ3Y5KVFNbntoFRw5PGYNTWBkdBVDdj4lUDA9LmYNTWx%2BcgBeZGhoFRwhKBteC2ZofhVfbC9xBF9lKGkPDmFyaQMLZHhpVVoxKWkBWjVycQNZMighVll2Nw
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-28-167.compute-1.amazonaws.com
Software: / Express
Resource Hash: 004a501b2c481147de166973966a12083396e796820a3883dc207c2e4611b031

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"e0fc-RsllV3FSz6UxjxKek/v3GrvTi8E"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 20ms
19ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1677587671&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumgir.com%2F&ul=en-us&de=UTF-8&dt=Tumblr%20Online%20Web%20Viewer%20and%20Statistics%20%7C%20Tumgir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=768434761&gjid=2106140774&cid=1621838245.1661097082&tid=UA-134279593-1&_gid=1755708028.1661097082&_r=1&gtm=2ou8h0&z=1672031563

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumgir.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 56ms
22ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5627
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 21 Aug 2022 14:17:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kBQ8C0BgI4dXpCJpLo8DBr%2BhB78bJUZaSVGnC5PbbgQOe5L6Qu6Q276HiNjjpLje4rCNhrMXGtDonA%2F0TCXHxEZIeKpG61PVddQGKlpp5n9cm%2BWIOvj7w0%2FHsUVTZ5IBtByfypfFXl6ZjLd"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.tumgir.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 73e487989f5032d3-EWR
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
381 B 63ms
29ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 658edb1759d3b96a976317d308f7f02896f84ba91e60bc23e9a8daafbe58438a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKHI7SVKeZFxCX3ywb70K3Tl4pdXQnP4UaegU73r0gQw0u6DGJq%2FR23dY6jSJQNxUp1L6jOrTF0mRCV8rOJC1LtF1Uj6SzRzidlWd%2FhWe6atocgzqW10XqrTzE8TGEMSoFAVFo08wIPZAMxU"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 73e487989f5132d3-EWR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
mentxviewsi.one/ 0
488 B 58ms
19ms XHR
text/plain 18.67.65.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsi.one/utx?cb=Tmt6jBqXwJef&top=www.tumgir.com&tid=852974
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-105.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:21 GMT
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: atcG1-e890Zr7quR0W_m5oU5yosdi27a7D7Osh8YJavHqSRpnY1v8Q==

GET
H2 200 PwYBajEdEWgDKTQDbFs8M38aVAYvEQFaPRwRIV0kIyEcXiowJBp0Bj8qDnBeHxIMCgoxHBwUAQYkN0JWMBE6YCZCei1BOx4PKVkaAw Show response
mentxviewsi.one/dUtZMmsUKTpfVBR2OxQeBydkF1kzbmt0D0RzPgQfQjwxVFMQIT8cCBkkLFYNByQ3RkUbLi0XWTMOFHQpLSoOCz8lMTJiPjAabH9aJxMbZSEAEzVBPDoiCHUqIAktdwE4BgBaWhIcG0YvNA8uRiNEODF7Pk0pClg5BBwMXgg4HzJ9Ph0SaH06B... Frame FE66 3 KB
2 KB 45ms
21ms Document
text/html 18.67.65.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsi.one/dUtZMmsUKTpfVBR2OxQeBydkF1kzbmt0D0RzPgQfQjwxVFMQIT8cCBkkLFYNByQ3RkUbLi0XWTMOFHQpLSoOCz8lMTJiPjAabH9aJxMbZSEAEzVBPDoiCHUqIAktdwE4BgBaWhIcG0YvNA8uRiNEODF7Pk0pClg5BBwMXgg4HzJ9Ph0SaH06BRgYajJHDwgCJS8DHFYjRHNuUwMCCQ92Pg0KGHQ9OwMcUS8Se2B9KTgMAXYcRx8fA1kvEzVoOBIBPlQTQQwBWDpBAzFFPSwmOnosDR0waFodLRFfKQwcMAI9LCY6VykZfjRrWw0oOlw9GRwLUSwvA3QHJi0aGEohDSAdZDgWMhpFOS8BEXgJPhoPWDIwLzpwBSMnDmcPFwQafy40Mw9bLTAzPXMvAm5rcCoSJA9rBhYEGl4mQgQccCA0JhgCKid6P2I/PwYBajEdEWgDKTQDbFs8M38aVAYvEQFaPRwRIV0kIyEcXiowJBp0Bj8qDnBeHxIMCgoxHBwUAQYkN0JWMBE6YCZCei1BOx4PKVkaAw
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-105.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 2cbca6cb55b4f4b31205c1ae9031a65b84dad7ec1870b557a64a44f7c443b341

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1242
content-type: text/html
date: Sun, 21 Aug 2022 15:51:21 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
x-amz-cf-id: PJlZDwexSsZeZdrXYSAACATZk2g5wD9x1GrMF2N0L83BPIeFqkkmwg==
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
101 KB 31ms
16ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5627
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 21 Aug 2022 14:17:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqPvIdOW9mAcN2xS%2FV3r6o23qZ0TT4pXWUTzHqOg26JF7t9AlsKrP2xwhZlPgQdfsGcFnsjCnLXoXkZhhKEW16g2BBDT%2F9Bp6z6pMwC5sa6hGRGgFOhG73oUrfxL4anpjyH7yiOf8ulk7%2BIQ"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.tumgir.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 73e487989f5232d3-EWR
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 26 B
363 B 45ms
31ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d32ffc5ec670efa920e096c1ea4ab37e6f77925211760c33db0d3f13e8ce6c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsbCIx9vOYDcu4Dg0qWn%2FTIfB5e6SAgLaf%2BuNhQac6ZBLPpslSqO4W5k5Ye7cO71DSB01eovdy9HdvDxA4gGhK1leXolOdZN3xNZuqD7twqsVj3j7anmourr9h0PgfHb%2BQ4Curci%2FlS44zVh"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 73e487989f5332d3-EWR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
mentxviewsi.one/ 0
490 B 40ms
20ms XHR
text/plain 18.67.65.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsi.one/utx?cb=iZ49tHtMnm13&top=www.tumgir.com&tid=853405
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-105.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:21 GMT
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: nGbzRry-WA_lGxHk3dxTGmfXCfY0ao80Fc0khdbY--pwP0SUBs9z6A==

GET
H2 200 LTULVxg9JBhkJVwSJlk1Oh06UCdaKQt+IgQICVY6AREmVgc5HSZSIS0tDVMxXh0dVlUBNiVfA1YzEEcjKXUMRQQcfRxYHQ Show response
mentxviewsi.one/SjFza0UrUxAGeisMEU0wOF1OTncMFEEtIXsJFF0xfUYbDX0vWxVFJiZeBg8jOF4dH2skVAdOdwx/ElgHAVBBBAwCSCIlExgJKScpEGIrAAtvAzE8dHN/NAEuD3MxHwsadTYICjB7RScXflIxWAxzcAQ9EhpZNiQTIXMAKTI5dzVYIQR1BD4RL... Frame 647D 3 KB
2 KB 40ms
30ms Document
text/html 18.67.65.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsi.one/SjFza0UrUxAGeisMEU0wOF1OTncMFEEtIXsJFF0xfUYbDX0vWxVFJiZeBg8jOF4dH2skVAdOdwx/ElgHAVBBBAwCSCIlExgJKScpEGIrAAtvAzE8dHN/NAEuD3MxHwsadTYICjB7RScXflIxWAxzcAQ9EhpZNiQTIXMAKTI5dzVYIQR1BD4RLgADJgYiYBw9KX9/MS8qD3AlMiMGYxQqBy1wGywUOVUlAX0BZwQyIwdwOiwHMncFPBYyVCsFNQVmNR8cGmA6LgEyCUosAHNrIigULGVCBwQvAAcuEntnRiAQc2siL3UJczVaACgAFAQRIXtFLnQyVyQ8aHNrJAwqC34UCBUCcyYEBAt8FT0dLUUrWi0CazUDJh5aOV0UPXQ3KQYpeSdaLjBTQgckCEkYAwEhCCk6Bnp+MDoELGhDXhwdST4CAhtkNC0Sc2s/LTULVxg9JBhkJVwSJlk1Oh06UCdaKQt+IgQICVY6AREmVgc5HSZSIS0tDVMxXh0dVlUBNiVfA1YzEEcjKXUMRQQcfRxYHQ
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-105.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 14b23ab6f44a91126107b69d17ad3f7fa721f0643941e0541f2d214f5f2e20be

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1242
content-type: text/html
date: Sun, 21 Aug 2022 15:51:21 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
x-amz-cf-id: M-xbk0K-719F5QJYvJs5a_qFfOCFgA85GhKh4wKNhT5q4zsR93CP9A==
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront

GET
H2 204 Z0FEQUFIficyfCkGcTUMISoFFy0QCyYADz4WMwcxJRcwGAIgBGI1KAN8fHRzXnZwZzEOJXlyc0EyMCA1EjJ5cGcOLyIufEE3eXFvX299b3FBNHlwZxMxJSZ8Vmc0NTULfHV3d1ZxfXZxX3BydHc
yrecomemu.one/ 0
489 B 61ms
29ms Image
text/plain 2606:4700:3033::6815:5a6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yrecomemu.one/Z0FEQUFIficyfCkGcTUMISoFFy0QCyYADz4WMwcxJRcwGAIgBGI1KAN8fHRzXnZwZzEOJXlyc0EyMCA1EjJ5cGcOLyIufEE3eXFvX299b3FBNHlwZxMxJSZ8Vmc0NTULfHV3d1ZxfXZxX3BydHc
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5a6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5koE7m8cxZd2pSeT0vbSuartNYehtXBA3b0jRWJ%2BioR1LPgpVrf9yytZDiCbzhfJjR3qfycCoN73PbRVGnwOEhaK8iWHAArPQ8ErHQgxR1afi814k4f%2Bc01R%2FRDjjc8D3qge%2Fs2FrhoZV%2Bem"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 73e48798ca3678e1-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 U2ZLVGh8WSgnVQJWJzk9FCh4Nz43Fh06OnZUDQEvFTIoOhAHBw0nTicPL2lQZlRyY1x1FiIwVWBUbSccMhI+J1VhVntjTjoILTtVYUA9aVh9XmVtRmNAPmlZdRI7NQ9uV20kHCcKdmVeZVd7bV9jXnpiXWs
yrecomemu.one/ 0
253 B 62ms
30ms Image
text/plain 2606:4700:3033::6815:5a6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yrecomemu.one/U2ZLVGh8WSgnVQJWJzk9FCh4Nz43Fh06OnZUDQEvFTIoOhAHBw0nTicPL2lQZlRyY1x1FiIwVWBUbSccMhI+J1VhVntjTjoILTtVYUA9aVh9XmVtRmNAPmlZdRI7NQ9uV20kHCcKdmVeZVd7bV9jXnpiXWs
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5a6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cynXPj9puvN49sfiAEXoBpKZ6OuCUL0McTLr0Liuctt53gvf8wVsQnlavAMkVPwxdk0q3mkFBNvPShNpj%2FFNGFFZa0UY%2FzU09afAEucybJL301BuCrMUkmxA8HTHBVTntHJsiUzRQwmU1JHr"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 73e48798ca3778e1-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 ICgzFCY9JQZ0GQ8EFgMzGw1iKjMlP3ExGCpbb3BCelZiYwEnAmp3SGgVIyQFOxVqdFcnCDEqTGgQanRffkhifF9+QCJ4QGgSJyQWc1dxNQU6Cmp0R3hXZ3xGfl5mc0Z7
yrecomemu.one/TmZXRXFhWTQ2TC8IPx8/ 0
256 B 65ms
34ms Image
text/plain 2606:4700:3033::6815:5a6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yrecomemu.one/TmZXRXFhWTQ2TC8IPx8/ICgzFCY9JQZ0GQ8EFgMzGw1iKjMlP3ExGCpbb3BCelZiYwEnAmp3SGgVIyQFOxVqdFcnCDEqTGgQanRffkhifF9+QCJ4QGgSJyQWc1dxNQU6Cmp0R3hXZ3xGfl5mc0Z7
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5a6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BP9PsOhkkYkzY5Hm30KWxawJVz4RsfDbYl3YEfnPZPQKlSCAE6sFnb7Z93139yawqtXboV8yq4asyc3dmO%2B22GAQML%2F1pYkcwk3OEnK%2Bbo1efKhsCogrbm09hyFlJX9oub29kW%2BcHue%2Baau"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 73e48798ca3978e1-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 37ms
6ms Script
application/x-javascript 23.41.169.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.169.149 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-169-149.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 2A893CE59965E517
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=30493
accept-ranges: bytes
content-length: 948
x-amz-id-2: MDxW/qEV6z5RXLMbBziYLLh8guBo4Yjf1tN+vNqKUxkjObsXEY4QkclXxjc7om0HRuMRhFgtKm4=

GET
H2 200 EMFBXaW9TPzkPUEQ5M1RXBWJuXlsWOiQGAUBtEjMMYh1gWBtDADwtH1shIU8bSjRqWUlcMTkOUhY1OQpSAXY2DQ0NZHEdH187ahwBVDUxAAFVNHEcDg09OBMGXDw2TF12ZXlZSgJgfx4GXjQ4HhwVYmcHGxViZ1hfHmByWi0VYmceBl5mY0xccnVlWRcGZH-5MXQA... Show response
d18g6t7whf8ejf.cloudfront.net/ Frame FE66 424 B
616 B 78ms
77ms Script
text/plain 108.139.38.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/EMFBXaW9TPzkPUEQ5M1RXBWJuXlsWOiQGAUBtEjMMYh1gWBtDADwtH1shIU8bSjRqWUlcMTkOUhY1OQpSAXY2DQ0NZHEdH187ahwBVDUxAAFVNHEcDg09OBMGXDw2TF12ZXlZSgJgfx4GXjQ4HhwVYmcHGxViZ1hfHmByWi0VYmceBl5mY0xccnVlWRcGZH-5MXQAxJxkDVScyCwRZJHJbKQVjYEdcBnVlWUdbOCMEAxViFExdADw+AgoVYmcOClM7OEBKAmA0AR1fPTJMXXZhZ11BAH5iWF4CfmZZXhViZxoOVjElAEoCFmJaWB5jYU8aDWE
Requested by: Host: mentxviewsi.one
URL: https://mentxviewsi.one/dUtZMmsUKTpfVBR2OxQeBydkF1kzbmt0D0RzPgQfQjwxVFMQIT8cCBkkLFYNByQ3RkUbLi0XWTMOFHQpLSoOCz8lMTJiPjAabH9aJxMbZSEAEzVBPDoiCHUqIAktdwE4BgBaWhIcG0YvNA8uRiNEODF7Pk0pClg5BBwMXgg4HzJ9Ph0SaH06BRgYajJHDwgCJS8DHFYjRHNuUwMCCQ92Pg0KGHQ9OwMcUS8Se2B9KTgMAXYcRx8fA1kvEzVoOBIBPlQTQQwBWDpBAzFFPSwmOnosDR0waFodLRFfKQwcMAI9LCY6VykZfjRrWw0oOlw9GRwLUSwvA3QHJi0aGEohDSAdZDgWMhpFOS8BEXgJPhoPWDIwLzpwBSMnDmcPFwQafy40Mw9bLTAzPXMvAm5rcCoSJA9rBhYEGl4mQgQccCA0JhgCKid6P2I/PwYBajEdEWgDKTQDbFs8M38aVAYvEQFaPRwRIV0kIyEcXiowJBp0Bj8qDnBeHxIMCgoxHBwUAQYkN0JWMBE6YCZCei1BOx4PKVkaAw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-60.jfk50.r.cloudfront.net
Software: /
Resource Hash: be7af15300e093583eb1140ed83f2a19100dc11d1dd8d9484e103d8f859ec1ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mentxviewsi.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: gzip
x-amz-cf-pop: JFK50-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 340
via: 1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
x-amz-cf-id: ssqiJCmnKrgovlwbmHJ50r_PsGtcAX-f2mi8YjMbx6ITktcK0TfHvg==

GET
H2 204 utx Show response
mentxviewsi.one/ 0
491 B 14ms
14ms XHR
text/plain 18.67.65.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsi.one/utx?tid=846710&top=www.tumgir.com&cb=uwMZVRYtFYNt
Requested by: Host: mefagetobri.top
URL: https://mefagetobri.top/b1RKRDcUdjkzaBomJmYNTTw%2BMEccbmVrQBgjZDBCAjMjNhkMOydrRBh6IDcVQ3Y5KVFNbntoFRw5PGYNTWBkdBVDdj4lUDA9LmYNTWx%2BcgBeZGhoFRwhKBteC2ZofhVfbC9xBF9lKGkPDmFyaQMLZHhpVVoxKWkBWjVycQNZMighVll2Nw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-105.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:21 GMT
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: TYW3ULN2cvkpgE3CspjYao_rN3ikLhuQT9eZB6X4yXM78TCWzQahHw==

GET
H2 200 Na3BKa2oIHyQNVR8ZLlZSXkN+W19NGjkEBBtNPDEcOzJ6LR4cB3I9AwVWPhEOVkBsBwsFF3dNDwUTd1pMChQoVl5NBDoEAVYfLRgABgAhGQsdVj8KVwYfMAIGBxFvWSxeXnpOWFtYPQIEDx89GE9ZQCQfT1lAe1tEW1V5KU9ZQD0CBF1Eb1goTkJ6E1xfWW-9ZWgo... Show response
d18g6t7whf8ejf.cloudfront.net/ Frame 647D 594 B
736 B 79ms
78ms Script
text/plain 108.139.38.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/Na3BKa2oIHyQNVR8ZLlZSXkN+W19NGjkEBBtNPDEcOzJ6LR4cB3I9AwVWPhEOVkBsBwsFF3dNDwUTd1pMChQoVl5NBDoEAVYfLRgABgAhGQsdVj8KVwYfMAIGBxFvWSxeXnpOWFtYPQIEDx89GE9ZQCQfT1lAe1tEW1V5KU9ZQD0CBF1Eb1goTkJ6E1xfWW-9ZWgoAOgcPHBUoAAMfVXgtX1hHZFhcTkJ6QwEDBCcHT1kzb1laBxkhDk9ZQC0OCQAfY05YWxMiGQUGFW9ZLFpAfkVaRUV7WlhFQXpaT1lAOQoMCgIjTlgtRXlcRFhGbB5XWg
Requested by: Host: mentxviewsi.one
URL: https://mentxviewsi.one/SjFza0UrUxAGeisMEU0wOF1OTncMFEEtIXsJFF0xfUYbDX0vWxVFJiZeBg8jOF4dH2skVAdOdwx/ElgHAVBBBAwCSCIlExgJKScpEGIrAAtvAzE8dHN/NAEuD3MxHwsadTYICjB7RScXflIxWAxzcAQ9EhpZNiQTIXMAKTI5dzVYIQR1BD4RLgADJgYiYBw9KX9/MS8qD3AlMiMGYxQqBy1wGywUOVUlAX0BZwQyIwdwOiwHMncFPBYyVCsFNQVmNR8cGmA6LgEyCUosAHNrIigULGVCBwQvAAcuEntnRiAQc2siL3UJczVaACgAFAQRIXtFLnQyVyQ8aHNrJAwqC34UCBUCcyYEBAt8FT0dLUUrWi0CazUDJh5aOV0UPXQ3KQYpeSdaLjBTQgckCEkYAwEhCCk6Bnp+MDoELGhDXhwdST4CAhtkNC0Sc2s/LTULVxg9JBhkJVwSJlk1Oh06UCdaKQt+IgQICVY6AREmVgc5HSZSIS0tDVMxXh0dVlUBNiVfA1YzEEcjKXUMRQQcfRxYHQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-60.jfk50.r.cloudfront.net
Software: /
Resource Hash: 3838b0bf215c9265d5f7c322fa4a89d7bd5814e8f75127d4bfc1290b85e3dd26

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mentxviewsi.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: gzip
x-amz-cf-pop: JFK50-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 459
via: 1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
x-amz-cf-id: 2AEQRfw2ArL5YSTsHuDI3Q4MQiY6obzbFF3LZ-jWQIg0gK4u9GY1EA==

GET
H3 200 asd100.bin Show response
freychang.fun/ 100 KB
101 KB 38ms
29ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5627
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 21 Aug 2022 14:17:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grmK9%2FBj%2FZH%2FZ6UfN85ezzLCdD87EKqK8Qk81zwJAblu%2FX7EoDugtYrCg0%2BtGZRkxc%2BFxuFGcyPAR9dMpA%2Fpc08Z0%2BuCV0cmtXHQb9rxKYeg0bebGpKYEE1Ve8N%2FJtIb2vQUdhRalWDAJ6Th"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.tumgir.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 73e487993cf71a40-EWR
access-control-allow-headers: X-Requested-With, content-type

GET
H3 200 / Show response
freychang.fun/ 26 B
615 B 59ms
50ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d32ffc5ec670efa920e096c1ea4ab37e6f77925211760c33db0d3f13e8ce6c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKYIgxOY%2BhtcCqLmGgSd910LjKFYt4lqRI3FyEIoSZsoGY2DMMF1aabevqyV0aMrfLYbvVecZr4tCKDLT0NwgplToRfCx7xOxJYaUnaM%2BrznSOYMkHSV4q1rJkMtVH4AJZCZi1lOF4O4YPR6"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 73e487994cf91a40-EWR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
mentxviewsi.one/ 0
491 B 16ms
15ms XHR
text/plain 18.67.65.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsi.one/utx?cb=GddbA7mBxSjL&top=www.tumgir.com&tid=921528
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-105.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:21 GMT
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: m_9a9lh3NZtMUX7QqAhFGl8UydpT9YQgoppxMqEUAJVFZG59r7-3fQ==

GET
H2 200 KBMsCBMWOAc2ITIxVQU0EColCTtiEwklFT4sACIVHHohBTQQKiMaSWkQCTU7PhAQNShrNUFRMzhySTFFCRo2EzQJBwcoGy0KKiJFLg8lMUECJSYQIGgYJwcmYxQ9UgkvDwwEHRsRFFsgMgguBzYxISsiEjAkISkZGTspVTYgdyI6Qy4DKQQgagwMU0EJGjUFIA0EP... Show response
mentxviewsi.one/WkJkY3E7IAcOTjt/BkUEKC5ZRkMcZ1YlFTcvHggXPnpWFBAjLEoAHTU3AAUDNSwQTR8/NkFRNysQCA8GDxUTDz8ydlc2CxM1IiQJDCYjCzcDczYEPC0PQVEzGyg+CDsLIQUuGzV7KjcjaAcMVzUbA1ESIQIhPTM1aww9Nh4rDSZXQw8VJVs5M... Frame 985D 3 KB
2 KB 20ms
19ms Document
text/html 18.67.65.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsi.one/WkJkY3E7IAcOTjt/BkUEKC5ZRkMcZ1YlFTcvHggXPnpWFBAjLEoAHTU3AAUDNSwQTR8/NkFRNysQCA8GDxUTDz8ydlc2CxM1IiQJDCYjCzcDczYEPC0PQVEzGyg+CDsLIQUuGzV7KjcjaAcMVzUbA1ESIQIhPTM1aww9Nh4rDSZXQw8VJVs5MAg2B0JiECoyRG0gMjodEgEPGiUJKQEoGBsRKjJBag4lD0IdEQAIOQ52My8LDyEpJh1qClQ1VGgEPCQ/KBMsCBMWOAc2ITIxVQU0EColCTtiEwklFT4sACIVHHohBTQQKiMaSWkQCTU7PhAQNShrNUFRMzhySTFFCRo2EzQJBwcoGy0KKiJFLg8lMUECJSYQIGgYJwcmYxQ9UgkvDwwEHRsRFFsgMgguBzYxISsiEjAkISkZGTspVTYgdyI6Qy4DKQQgagwMU0EJGjUFIA0EPQI2Nic+JUBpI1VWFgIKAFsgNwcCKQtiEC0UJzAjHjkaAnEiUCBoJi8uQwgAQgkCNSwUXiQMNBAAPD4aVCgfCC4sUDw
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-105.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: d898b33a44c46b69466fa27a71b589261bd49bebbab34a7339d3753853cc56b7

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1245
content-type: text/html
date: Sun, 21 Aug 2022 15:51:21 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
x-amz-cf-id: U4uoi6lY0AyY6VNrypyrRtJbXj4v93cEgLK73EmBF1CjxP_pIlkvug==
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront

GET
H2 200 A185VD4pCHgCHQh2EQ Show response
mentxviewsi.one/MUlpTGxQKwohU1B0C2oZQyVUaV53bFsKCFwkEycKVXFbOw1IJ0cvAF48DSoeXicdYgJUPUx+KkQELgIdZw4ZGChwGBAaOWACLSEAYgs/DglrDx4bL2MiXg4pcywuDiplCDgrW3wKWCM+Y30cCAsAHT0IC30RDh40Ui5QKS13LQUYKnQBKgsAV... Frame BBDA 3 KB
2 KB 19ms
19ms Document
text/html 18.67.65.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsi.one/MUlpTGxQKwohU1B0C2oZQyVUaV53bFsKCFwkEycKVXFbOw1IJ0cvAF48DSoeXicdYgJUPUx+KkQELgIdZw4ZGChwGBAaOWACLSEAYgs/DglrDx4bL2MiXg4pcywuDiplCDgrW3wKWCM+Y30cCAsAHT0IC30RDh40Ui5QKS13LQUYKnQBKgsAVA8BFSBQGA0qK2AEXQ4Adw4+DiZXAQUCPGslBhUqcARfCAAJHC4UKmgIKHwJUh8ODTldOV8bBGcYIgQqaAgrHSh+JR4JPl0iPhgbex0sISZUDjwWNWsIHQ0pRhARBDpkCygYXFQPPwkfaB8CBDhnZAUlOEYDPR0GCQo7DVh2Kj8kFmMlAScuXSIgCF93ECgNPWEHHgoKYiJQITtdBCULKEIBPxk2aAwFPy1neTsnPnAfOhteawwoGiJTKj8rLXQIGjUvAQAiGF5oOisaLlUsBScrYxtQPDtGbwM/A185VD4pCHgCHQh2EQ
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-105.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 22df077cd777b61b115b940e49d92812f63c87cd10cc0015feeb8aa569ca57ce

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1210
content-type: text/html
date: Sun, 21 Aug 2022 15:51:21 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
x-amz-cf-id: E1ueYDlJK1gUBSkbAzjpJstvkqH1cVW3G-ZVY5kA4oZE_LRcXvgElw==
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront

GET
H3 200 asd100.bin Show response
freychang.fun/ 100 KB
101 KB 19ms
19ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5627
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 21 Aug 2022 14:17:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuEURC%2FSozDkJEMsQNGZJb4rBW9tqFpIxbXSzMOQKRoI2s1FuT1%2FV14XW5KP9wMTfWOvIYvbrmhEMctNyjktkDdzFDWnUdq6EMpavkpY1Jt4Z%2BOJXLTIkr8h7a4bjTpewKhqTpcjtKFMeDuE"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.tumgir.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 73e487996d461a40-EWR
access-control-allow-headers: X-Requested-With, content-type

GET
H3 200 / Show response
freychang.fun/ 26 B
616 B 25ms
25ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d32ffc5ec670efa920e096c1ea4ab37e6f77925211760c33db0d3f13e8ce6c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7150dQadsjHvKnvXwfKzPx1%2FnJ22A%2FD2QkFXCPRFER2hdxb6x2RaTcq2nwE%2FS8fPsGjDGlcUdWz%2BCNcaE5KtZEdjlW05xBxqqjOROF1kg6W8cIWshJaPlB5cwKsDwmBeukSnIiYNtpYSp9Ki"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 73e487996d4a1a40-EWR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
mentxviewsi.one/ 0
491 B 15ms
15ms XHR
text/plain 18.67.65.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsi.one/utx?cb=VUC47weFx7C9&top=www.tumgir.com&tid=853405
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-105.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:21 GMT
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: 810VcQJ_QdW85xmP_CjtRSuvGOxw1U2_EuOVivODyhZt8LmFMxWXUA==

GET
H3 204 QnFvZlRtTgwVaRA5CxcZCidfNAIlOzsuEg0pCCwSIRolPBUHIEkSPSZMVlRld0NXQCQrFVJXcjEFDhIhMUxeQD0sFwBbcjRMXkhndl9dXnpyVxpbZWQFHwczf0BJFiA2HVJXYnRAX19jckleUWxx
yrecomemu.one/ 0
466 B 67ms
22ms Image
text/plain 2606:4700:3033::6815:5a6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yrecomemu.one/QnFvZlRtTgwVaRA5CxcZCidfNAIlOzsuEg0pCCwSIRolPBUHIEkSPSZMVlRld0NXQCQrFVJXcjEFDhIhMUxeQD0sFwBbcjRMXkhndl9dXnpyVxpbZWQFHwczf0BJFiA2HVJXYnRAX19jckleUWxx
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5a6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkIDqQsRbopJgERJpMp6hSAqkaf%2F60ObEeLf22B0%2Fs637cdPNxityWTJK7Ton9A3qFhI70IU2WnLG7u2KUvv13mwO3aJ3O%2FUI2W6GmiIUrgyeNN9Yy4g8QBEaEbN1QlytqPkNSp1GkLZkswo"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 73e48799bb401875-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 102ms
63ms Image
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 98ms
69ms Image
text/html 2607:f8b0:4006:81d::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::200d Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 100ms
72ms Image
text/html 2607:f8b0:4006:81d::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::200d Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 204 RzlVRHFoBjY3TBVVOTcmLWNkJjdySBcMPzNvAgk+I34lIRMgeHMwGCMEbXFCcwljYgEuXWh1SWFKISUFMkpodVcuVzMrTGFPaHVfdxdkakNhTGh1VzNJNCNMdh8lMAUrBGRyR3YJbHNBfwhtdEg
yrecomemu.one/ 0
503 B 64ms
21ms Image
text/plain 2606:4700:3033::6815:5a6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yrecomemu.one/RzlVRHFoBjY3TBVVOTcmLWNkJjdySBcMPzNvAgk+I34lIRMgeHMwGCMEbXFCcwljYgEuXWh1SWFKISUFMkpodVcuVzMrTGFPaHVfdxdkakNhTGh1VzNJNCNMdh8lMAUrBGRyR3YJbHNBfwhtdEg
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5a6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhYjns3lFQReNbPN6q9R3LfWsZSTpUp1LKdMbrZ48%2FXoUCKzvIn4a6gVu1FBo2BT5wmuOseaKXYtpeGBjMvzx4yhdvXgOhdFooUxab2r%2FQlSg6IdbjVxht9GI5WdlDBQgXLtwKb8OVqCo4FR"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 73e48799bb3f1875-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 XGNrQHkbLzcUPhs1fEJhAjJ8QmFddndAdF8EfEJhGy83RmVJdRtVY1w+b0-R4SXRpESEcKjwHNA4tMAR0XgBsQ2ZCdW9VY1xuMhglASp8QhJJdGkcOAcjfEJhCyM6Gz5FY2tAMgQ0Nh00SXQfQWFYaGleZF13a15gXHd8QmEfJz8RIwVjazZkX3F3Q2dKM2RB Show response
dmmzkfd82wayn.cloudfront.net/qRllwUWwlNh43UzIwFGxVdGhFY1RgMwM+AjZkJQcaMjo9NTR2Eh4DAA5qPXcYPD1NYUoqOB42UWA8HjJRd38RNQ57bVYlHCkyTSkeKiASNQ00LAl3GSdkHT4WLzUcMEl0H0V/ Frame 985D 964 B
944 B 75ms
75ms Script
text/plain 2600:9000:2162:fa00:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/qRllwUWwlNh43UzIwFGxVdGhFY1RgMwM+AjZkJQcaMjo9NTR2Eh4DAA5qPXcYPD1NYUoqOB42UWA8HjJRd38RNQ57bVYlHCkyTSkeKiASNQ00LAl3GSdkHT4WLzUcMEl0H0V/XGNrQHkbLzcUPhs1fEJhAjJ8QmFddndAdF8EfEJhGy83RmVJdRtVY1w+b0-R4SXRpESEcKjwHNA4tMAR0XgBsQ2ZCdW9VY1xuMhglASp8QhJJdGkcOAcjfEJhCyM6Gz5FY2tAMgQ0Nh00SXQfQWFYaGleZF13a15gXHd8QmEfJz8RIwVjazZkX3F3Q2dKM2RB
Requested by: Host: mentxviewsi.one
URL: https://mentxviewsi.one/WkJkY3E7IAcOTjt/BkUEKC5ZRkMcZ1YlFTcvHggXPnpWFBAjLEoAHTU3AAUDNSwQTR8/NkFRNysQCA8GDxUTDz8ydlc2CxM1IiQJDCYjCzcDczYEPC0PQVEzGyg+CDsLIQUuGzV7KjcjaAcMVzUbA1ESIQIhPTM1aww9Nh4rDSZXQw8VJVs5MAg2B0JiECoyRG0gMjodEgEPGiUJKQEoGBsRKjJBag4lD0IdEQAIOQ52My8LDyEpJh1qClQ1VGgEPCQ/KBMsCBMWOAc2ITIxVQU0EColCTtiEwklFT4sACIVHHohBTQQKiMaSWkQCTU7PhAQNShrNUFRMzhySTFFCRo2EzQJBwcoGy0KKiJFLg8lMUECJSYQIGgYJwcmYxQ9UgkvDwwEHRsRFFsgMgguBzYxISsiEjAkISkZGTspVTYgdyI6Qy4DKQQgagwMU0EJGjUFIA0EPQI2Nic+JUBpI1VWFgIKAFsgNwcCKQtiEC0UJzAjHjkaAnEiUCBoJi8uQwgAQgkCNSwUXiQMNBAAPD4aVCgfCC4sUDw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:fa00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 74c51ea6927b2e8faa1344b333813100429b6a67b7a78b8b0fef669998312ee5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mentxviewsi.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: gzip
x-amz-cf-pop: EWR52-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 668
via: 1.1 13eb5c0e05c1c43ed344f7e14dcf0a00.cloudfront.net (CloudFront)
x-amz-cf-id: ZmTdx3txvr7AffQhqebNHgYyUUorj_KtWCyi6n_sUDDBBEyADTxWig==

GET
H2 200 uMGNqVGpTDAQyVUQKDmlSBVBeZFwWCRk7BEBeGBFTAQg7MC1oRR4uDg1TTDgLXgRXcg9eAFdlTFEHCGleFhYLaQdfGQM4BlFGWBJfHlNPZloYFAM6Dl8UGXFYAA0ecVgAUlp6WhVQKHFYABQDOlwERlkWTwJTEmJeGUZYZAtAEwYxHVUBAT0eFVEsYVkHTV-liTwJ... Show response
dmmzkfd82wayn.cloudfront.net/ Frame BBDA 189 B
457 B 76ms
76ms Script
text/plain 2600:9000:2162:fa00:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/uMGNqVGpTDAQyVUQKDmlSBVBeZFwWCRk7BEBeGBFTAQg7MC1oRR4uDg1TTDgLXgRXcg9eAFdlTFEHCGleFhYLaQdfGQM4BlFGWBJfHlNPZloYFAM6Dl8UGXFYAA0ecVgAUlp6WhVQKHFYABQDOlwERlkWTwJTEmJeGUZYZAtAEwYxHVUBAT0eFVEsYVkHTV-liTwJTQj8CRA4GcVhzRlhkBlkID3FYAAQPNwFfSk9mWlMLGDsHVUZYElsAV0RkRAVSW2ZEAVNbcVgAEAsyC0IKT2YsBVBdelkGRR9pWw
Requested by: Host: mentxviewsi.one
URL: https://mentxviewsi.one/MUlpTGxQKwohU1B0C2oZQyVUaV53bFsKCFwkEycKVXFbOw1IJ0cvAF48DSoeXicdYgJUPUx+KkQELgIdZw4ZGChwGBAaOWACLSEAYgs/DglrDx4bL2MiXg4pcywuDiplCDgrW3wKWCM+Y30cCAsAHT0IC30RDh40Ui5QKS13LQUYKnQBKgsAVA8BFSBQGA0qK2AEXQ4Adw4+DiZXAQUCPGslBhUqcARfCAAJHC4UKmgIKHwJUh8ODTldOV8bBGcYIgQqaAgrHSh+JR4JPl0iPhgbex0sISZUDjwWNWsIHQ0pRhARBDpkCygYXFQPPwkfaB8CBDhnZAUlOEYDPR0GCQo7DVh2Kj8kFmMlAScuXSIgCF93ECgNPWEHHgoKYiJQITtdBCULKEIBPxk2aAwFPy1neTsnPnAfOhteawwoGiJTKj8rLXQIGjUvAQAiGF5oOisaLlUsBScrYxtQPDtGbwM/A185VD4pCHgCHQh2EQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:fa00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2da0990f652b1a9d1d05bf82bbeac7260b913727c05f463bbf644221bef87704

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mentxviewsi.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: gzip
x-amz-cf-pop: EWR52-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 182
via: 1.1 13eb5c0e05c1c43ed344f7e14dcf0a00.cloudfront.net (CloudFront)
x-amz-cf-id: TKTGoSd8Oko0sH4kuq4nj3Nu1p_07fnbrjlbPTcd9_Xb53wNp95RpA==

POST
H2 200 / Show response
fortdaukthw.hair/ 0
37 B 54ms
18ms XHR
text/plain 107.22.28.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fortdaukthw.hair/
Requested by: Host: mefagetobri.top
URL: https://mefagetobri.top/b1RKRDcUdjkzaBomJmYNTTw%2BMEccbmVrQBgjZDBCAjMjNhkMOydrRBh6IDcVQ3Y5KVFNbntoFRw5PGYNTWBkdBVDdj4lUDA9LmYNTWx%2BcgBeZGhoFRwhKBteC2ZofhVfbC9xBF9lKGkPDmFyaQMLZHhpVVoxKWkBWjVycQNZMighVll2Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-28-167.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
content-length: 0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/ 1 KB
680 B 23ms
14ms Script
application/javascript 23.208.216.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-208-216-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e552184493eea74a53b11e52b6e6eec9c35d90cece6592d9bdf6cf1090ad8c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
etag: 706338575--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=29, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 504

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 146 B
2 KB 181ms
152ms Script
application/javascript 23.208.216.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=630254796e867746&bkl=0&bl=1&pdt=85&sid=630254796e867746&pub=ra-6103d59079bcdcec&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tumgir.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1661097082027&jsl=1&uvs=630254796335971c000&skipb=1&callback=addthis.cbs.jsonp__268114898922982240
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-208-216-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5bb2ca68bf5d0ae16920c5a6a4c44fd41d3603ca272f620171c8abc3b24c32e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:22 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
p3p: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
content-length: 146
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 736F 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 6B33 71 KB
26 KB 32ms
31ms Document
text/html 23.208.216.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Sun, 21 Aug 2022 15:51:22 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-check-cacheable: YES
x-host: s7.addthis.com

GET
H2

200

connatix.player.js Show response
cds.connatix.com/p/176637/ Frame DFD3
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
https://cds.connatix.com/p/176637/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

994 KB
226 KB

23ms
15ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/176637/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c1a03dcb34894a8067ae472eb63877683bbff30cdb910709520ff6f85f4ec47a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: br
last-modified: Thu, 18 Aug 2022 12:36:34 GMT
age: 269202
etag: "e8fc1a45fc8b9aa5d410f2eeec67e5b4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 231028

Redirect headers

location: https://cds.connatix.com/p/176637/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
date: Sun, 21 Aug 2022 15:51:22 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 14ms
14ms Script
application/javascript 23.208.216.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 21 Aug 2022 15:51:22 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77651

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
255 B 186ms
159ms XHR
application/json 23.208.216.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tumgir.com%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.tumgir.com/
last-modified: Sun, 21 Aug 2022 15:00:00 GMT
server: nginx/1.15.8
date: Sun, 21 Aug 2022 15:51:22 GMT
content-type: application/json
access-control-allow-origin: https://www.tumgir.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
285 B 199ms
173ms Script
application/json 23.208.216.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tumgir.com%2F&callback=_ate.cbs.rcb_g6dv0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

309e5f6a300239d1c4b41c4bf72f031b423dbda65b672bc6d9df1bb8d9d5c5f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/
last-modified: Sun, 21 Aug 2022 15:51:22 GMT
server: nginx/1.15.8
date: Sun, 21 Aug 2022 15:51:22 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
285 B 184ms
158ms Script
application/json 23.208.216.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tumgir.com%2F&callback=_ate.cbs.rcb_e8wn0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

18ef911a16c0c3a1b155f64aeb54bb024179cd9e9f89a02189fcc22b01f9df8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/
last-modified: Sun, 21 Aug 2022 15:51:22 GMT
server: nginx/1.15.8
date: Sun, 21 Aug 2022 15:51:22 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 si
capi.connatix.com/tr/ 0
67 B 44ms
36ms Image
application/json 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=4774eef9-309c-40d8-8dc1-bf70e43e9987&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400
content-type: application/json

GET
H2 200 hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/176637/ Frame DFD3 0
47 KB 6ms
5ms Other
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/176637/hls.5b3b785f487abbe00eee.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: br
last-modified: Thu, 18 Aug 2022 12:36:34 GMT
age: 269202
etag: "182f65d040bfb9544bd8f71472475672"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48258

GET
H2 200 player.css
cds.connatix.com/p/176637/ 58 KB
9 KB 7ms
5ms Stylesheet
text/css 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/176637/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cc0005c5883dbcdc7475381bb02e9c093db0976016214a100c51580b2a5b2f5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: br
last-modified: Thu, 18 Aug 2022 12:36:34 GMT
age: 269202
etag: "aa9caf299ffcc907e55aa066f9bbdd88"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 9011

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame DFD3 45 KB
22 KB 105ms
105ms XHR
application/x-protobuf 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=176637&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a93845026a8b911fa3fd0a42066cc2ede91af9e668185ea5df7256d7093c3dd1

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-max-age: 86400
access-control-allow-credentials: true
accept-ranges: bytes

GET
H3 200 popunder.gif
yrecomemu.one/ 35 B
592 B 22ms
22ms Image
image/gif 2606:4700:3033::6815:5a6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yrecomemu.one/popunder.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5a6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: public
date: Sun, 21 Aug 2022 15:51:22 GMT
cf-cache-status: HIT
last-modified: Sat, 20 Aug 2022 01:16:20 GMT
server: cloudflare
age: 138902
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPgMrtci9ydt%2BUls93oKZB7YiDcdDnSXJhzPvhjlmJz8q4Fon%2F%2BlHsQxipcB14Dy8UsbnXeBezclXJWBWZpUY7G9RLxwTLc40rz3fUMqK1Bi7DF1%2BQNHtw4VGauQqFfDmTOvAI2nO9%2BQTb%2Bz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73e4879c9f981875-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 multi Show response
mentxviewsi.one/ 3 KB
2 KB 21ms
20ms XHR
text/plain 18.67.65.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsi.one/multi?cs=bFBYaWtbaWpdW15obV5ZVGZpWV4&abt=0&red=1&sm=76&k=tumblr%20tumgir&v=1.0.59.0&sts=2&prn=0&emb=0&tid=853405&u=140449844586706&agec=1661097081&fs=1&mbkb=684.9315068493152&ref=https%3A%2F%2Fwww.tumgir.com%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F104.0.5112.101%20safari%2F537.36&tzd=0&uloc=&if=0&_fOEA=1661097082356&crc=1
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-105.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 3279b7b9a9795ea12f9fafade372facbad64e5edd92b44535f51f46a28533147

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: text/plain
content-length: 1441
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
x-amz-cf-id: 6V2joo_8b9CyLIcuObxNR4pbPo9j5UOt9478_q_fkoCn6STNovChzg==

POST
H3 204 UFl7RHZYVX9Ed1lbfEB0Rxk7ESVcXG0ANhUBdkF0V1x7SXVRVXlDd1Y
yrecomemu.one/cEJhbUtffQIedj8KLykfNzEsPng6czkKcjYmOVwpMxc7Xy82D0cZIhR/WVh5SXVVSzsZJlxeeVYxFQw/BTFcX3tAdUcEJRYtXF9tBn9RQ3Nee09dbQV/ 0
468 B 30ms
29ms Ping
text/plain 2606:4700:3033::6815:5a6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yrecomemu.one/cEJhbUtffQIedj8KLykfNzEsPng6czkKcjYmOVwpMxc7Xy82D0cZIhR/WVh5SXVVSzsZJlxeeVYxFQw/BTFcX3tAdUcEJRYtXF9tBn9RQ3Nee09dbQV/UFl7RHZYVX9Ed1lbfEB0Rxk7ESVcXG0ANhUBdkF0V1x7SXVRVXlDd1Y
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5a6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vg0%2F9dpGbL7TXEUsvniFnMfKjCvzZPntRBSjVaN2r07JEurGlmxYPkOYK7Qms2MvJBb4blHBpFMPfraM%2F7GMJSCwTOPYYodwzvZNkZgON8XaqcOpMLIQK4sepaZxKvZahHyzz7iYfRtr9sih"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 73e4879ccfd51875-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 floater Show response
mentxviewsi.one/ 2 KB
2 KB 157ms
157ms XHR
text/plain 18.67.65.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsi.one/floater?cs=YlFHc3JWaXZKR1VncUJCU2RyS0o&abt=0&red=1&sm=83&k=tumblr%20tumgir&v=0.8.9.0&sts=0&prn=0&emb=0&tid=852974&u=140449844586706&agec=1661097081&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=684.9315068493152&ref=https%3A%2F%2Fwww.tumgir.com%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F104.0.5112.101%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td1_oi1_&_jEe7=1661097082357&crc=1
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-105.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: a24a9e05b2f5966aa60b190d95a60fb79ff3511d0d3272e76e75ed4c47b164b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: text/plain
content-length: 1072
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
x-amz-cf-id: QKBCPhwFIFys1eJdcDqtQ2R_jHhX8tz1c3HQtc7421Oqm5z4aOd5qQ==

GET
H2 200 insights.bin Show response
ins.connatix.com/c5112af1abfe0587ddf93309349ef99a/ Frame DFD3 36 B
292 B 25ms
5ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/c5112af1abfe0587ddf93309349ef99a/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b92cb6b44cf533b7e5ffc29b4e542b12a3f6c12c106dac6a8884a574214c947f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
last-modified: Mon, 28 Mar 2022 15:32:44 GMT
age: 1931721
etag: "bb779e99d9ab70cbc408a7c2616a8eb3"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 56

POST
H/1.1 200
OK sr Show response
capi-tier-1-us-east-2.connatix.com/tr/ Frame DFD3 0
315 B 101ms
22ms XHR
application/x-protobuf 18.219.101.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=176637&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.101.159 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-101-159.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 59ms
26ms Script
text/javascript 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

sffe /

Resource Hash

20519e8498a0507083087292e936e266c09e9aac9d841e0fce4fbed2005a450c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28553
x-xss-protection: 0
server: sffe
etag: "1309 / 161 of 1000 / last-modified: 1660946906"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 21 Aug 2022 15:51:22 GMT

GET
H2 200 2_media.bin Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/bc7a5287-df16-4d04-a671-a6f4d15c6d8d/ Frame DFD3 291 B
345 B 39ms
30ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/bc7a5287-df16-4d04-a671-a6f4d15c6d8d/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cd92bcc42aaf695a0b9039f42d742cace6c0c22950f65435f8fec807064cfa68

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 01:47:31 GMT
age: 87892
etag: "bc38b396c13c372e1c7957a01fd2562e"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 255

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame DFD3 375 KB
125 KB 69ms
29ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f9de60a4a40041bcdd773e2c469628982e863dceb6fafa771a72cb6b8ad2d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127726
x-xss-protection: 0
expires: Sun, 21 Aug 2022 15:51:22 GMT

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1
https://cks.connatix.com/cks?pid=19&uid=746babed-4f73-4fa2-8341-ec7719d85087&ttl=1663689082

146 B
180 B

7ms
6ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=19&uid=746babed-4f73-4fa2-8341-ec7719d85087&ttl=1663689082
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4c3b6b73bfbc57ac0c2cfdc7f46555b6fb3414ebbec255ea903ab340140f3dcc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 146
retry-after: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cks.connatix.com/cks?pid=19&uid=746babed-4f73-4fa2-8341-ec7719d85087&ttl=1663689082
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 213

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3d3b9f95f57f894860a638d4414d639185%26pname%3dAppNexus%26api-tier%3d1%26uid%3d%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253d3b9f95f57f894860a638d4414d639185%2526pname%253dAppNexus%2526api-tier%253d1%2526uid%...
https://cks.connatix.com/cks?pid=6&ev=3b9f95f57f894860a638d4414d639185&pname=AppNexus&api-tier=1&uid=1266831714425546473

128 B
162 B

5ms
5ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=6&ev=3b9f95f57f894860a638d4414d639185&pname=AppNexus&api-tier=1&uid=1266831714425546473
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8a9b940884069f6cc41dfe1b2434049577e18f3efe30b2fa5bb6cfa47bacc6ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 128
retry-after: 0

Redirect headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 15:51:22 GMT
X-Proxy-Origin: 5.181.234.134; 5.181.234.134; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 68aa7577-7257-44a6-a40e-3faa68343fda
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cks.connatix.com/cks?pid=6&ev=3b9f95f57f894860a638d4414d639185&pname=AppNexus&api-tier=1&uid=1266831714425546473
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0DC2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

281 B
573 B

45ms
5ms

Document
text/html

23.1.200.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-1-200-83.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Aug 2022 15:51:22 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 21 Aug 2022 15:51:22 GMT
location: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
server: AkamaiGHost

GET
H2 200 userSync.js Show response
ads.pubmatic.com/AdServer/js/ Frame DFD3 7 KB
3 KB 44ms
6ms Script
text/javascript 23.41.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-168-202.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:14 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300709-1af3-5c4c7cca9e573"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=81676
accept-ranges: bytes
content-type: text/javascript
content-length: 2267
expires: Mon, 22 Aug 2022 14:32:38 GMT

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://i.ctnsnet.com/int/cm?exc=24&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d28%26ev%3d3b9f95f57f894860a638d4414d639185%26pname%3dCrimtan%26api-tier%3d1%26uid%3d%5Buser_id%5D
https://cks.connatix.com/cks?pid=28&ev=3b9f95f57f894860a638d4414d639185&pname=Crimtan&api-tier=1&uid=0db6d3ac3669468f996bffb8d9e8029e

142 B
203 B

19ms
5ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=28&ev=3b9f95f57f894860a638d4414d639185&pname=Crimtan&api-tier=1&uid=0db6d3ac3669468f996bffb8d9e8029e
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6403aadb91a7f37f16e4e3d0c46180d0e651620b96c468009c2de771e777b790

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 142
retry-after: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:22 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cks.connatix.com/cks?pid=28&ev=3b9f95f57f894860a638d4414d639185&pname=Crimtan&api-tier=1&uid=0db6d3ac3669468f996bffb8d9e8029e
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

1000.gif Show response
id.rlcdn.com/
Redirect Chain

https://id.rlcdn.com/712202.gif?cparams=3b9f95f57f894860a638d4414d639185
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCPqoiZgGEgUI6AcQAEIASiAzYjlmOTVmNTdmODk0ODYwYTYzOGQ0NDE0ZDYzOTE4NQ

42 B
60 B

46ms
33ms

Script
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCPqoiZgGEgUI6AcQAEIASiAzYjlmOTVmNTdmODk0ODYwYTYzOGQ0NDE0ZDYzOTE4NQ
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 15:51:22 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Sun, 21 Aug 2022 15:51:22 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCPqoiZgGEgUI6AcQAEIASiAzYjlmOTVmNTdmODk0ODYwYTYzOGQ0NDE0ZDYzOTE4NQ
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

qmap Show response
sync.crwdcntrl.net/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d3b9f95f57f894860a638d4414d639185%26pname%3dCentro%26api-tier%3d1%26uid%3d{userId}
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d3b9f95f57f894860a638d4414d639185%26pname%3dCentro%26api-tier%3d1%26uid%3...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2...

49 B
740 B

55ms
54ms

Script
image/gif

3.223.247.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D3b9f95f57f894860a638d4414d639185%2526pname%253DCentro%2526api-tier%253D1%2526uid%253D376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553&ct=y
Protocol: H2
Server: 3.223.247.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-247-87.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2e977bdccc768f21f5e6e93aa077f55edb9a01c32429d8ac18752fd59fe30f1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.10.91
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D3b9f95f57f894860a638d4414d639185%2526pname%253DCentro%2526api-tier%253D1%2526uid%253D376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553&ct=y
cache-control: no-cache
x-server: 10.40.40.18
content-length: 0
expires: 0

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d3b9f95f57f894860a638d4414d639185%26pname%3dSpotX%26api-tier%3d1%26uid%3d%24SPOTX...
https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d3b9f95f57f894860a638d4414d639185%26pname%3dSpotX%26api-tier%3d1%26uid%3d%24SPOTX...
https://cks.connatix.com/cks?pid=10&ev=3b9f95f57f894860a638d4414d639185&pname=SpotX&api-tier=1&uid=1afa49fa-2169-11ed-a381-1d8d9dd30203

146 B
180 B

5ms
5ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=10&ev=3b9f95f57f894860a638d4414d639185&pname=SpotX&api-tier=1&uid=1afa49fa-2169-11ed-a381-1d8d9dd30203
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c2b9c8ee26aa829768c7f4b9120599222fd6a5a4035e809f8b112f7a9dbf0a4d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 146
retry-after: 0

Redirect headers

date: Sun, 21 Aug 2022 15:51:22 GMT
location: https://cks.connatix.com/cks?pid=10&ev=3b9f95f57f894860a638d4414d639185&pname=SpotX&api-tier=1&uid=1afa49fa-2169-11ed-a381-1d8d9dd30203
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: false
x-fe: 192
content-length: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 27ms
7ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumgir.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 192404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 10:24:38 GMT

GET
H2 200 hls.5b3b785f487abbe00eee.js Show response
cds.connatix.com/p/176637/ Frame DFD3 162 KB
47 KB 10ms
6ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/176637/hls.5b3b785f487abbe00eee.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: br
last-modified: Thu, 18 Aug 2022 12:36:34 GMT
age: 269203
etag: "182f65d040bfb9544bd8f71472475672"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48258

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 21ms
5ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumgir.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 19:32:04 GMT
x-content-type-options: nosniff
age: 332358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 19:32:04 GMT

GET
H3 200 pubads_impl_2022081801.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
131 KB 18ms
6ms Script
text/javascript 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

sffe /

Resource Hash

c921b4351a1ae90dcc7a30a01fbc1e169d57e9f4451d55a840438fb13e7c1cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 11:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133681
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 08:36:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Aug 2023 11:31:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 232 B
158 B 31ms
19ms XHR
application/json 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tumgir.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

cafe /

Resource Hash

a28530fa36dd40eff2e8c7ac146a26b181eb38a5604119ffb6acfedba1ca12f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
expires: Sun, 21 Aug 2022 15:51:22 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0DC2 31 KB
10 KB 6ms
5ms Script
text/html 23.1.200.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-1-200-83.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: cc10095e0db77f6b464cc575b7a0479b45d6c7f1c7a93d856173356b2acae02b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 15:51:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Aug 2022 13:55:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=10121
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9443
Expires: Sun, 21 Aug 2022 18:40:03 GMT

GET
H3 200 bridge3.525.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame CBAA 635 KB
205 KB 19ms
6ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.525.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d47d16bf34e4c557ae13192bf351083ee15c9bed72a139fb1e14272d7b391230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 304694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210284
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 03:13:08 GMT
expires: Fri, 18 Aug 2023 03:13:08 GMT
last-modified: Mon, 15 Aug 2022 15:50:27 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame DFD3 44 KB
17 KB 87ms
37ms Script
text/javascript 2607:f8b0:4006:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Aug 2022 15:51:22 GMT

GET
H3 200 bridge3.525.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D49C 635 KB
205 KB 9ms
6ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.525.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d47d16bf34e4c557ae13192bf351083ee15c9bed72a139fb1e14272d7b391230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 304694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210284
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 03:13:08 GMT
expires: Fri, 18 Aug 2023 03:13:08 GMT
last-modified: Mon, 15 Aug 2022 15:50:27 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.525.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7845 635 KB
205 KB 7ms
5ms Document
text/html 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.525.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d47d16bf34e4c557ae13192bf351083ee15c9bed72a139fb1e14272d7b391230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 304694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210284
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 03:13:08 GMT
expires: Fri, 18 Aug 2023 03:13:08 GMT
last-modified: Mon, 15 Aug 2022 15:50:27 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7E19 15 KB
6 KB 12ms
8ms Document
text/html 23.41.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-1-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D3b9f95f57f894860a638d4414d639185%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=75329
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 21 Aug 2022 15:51:22 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Mon, 22 Aug 2022 12:46:51 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

POST
H/1.1 200
OK us Show response
capi-tier-1-us-east-2.connatix.com/core/ Frame DFD3 0
315 B 94ms
23ms XHR
application/x-protobuf 18.219.101.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/core/us?v=176637
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.101.159 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-101-159.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 46EB 37 KB
13 KB 37ms
5ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b625b3191eea0929d0f20fffd7ea8199fd3f80407b0738dabeab289f49a4522c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12926
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 21:40:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 21 Aug 2022 16:00:03 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A50D 37 KB
13 KB 27ms
7ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b625b3191eea0929d0f20fffd7ea8199fd3f80407b0738dabeab289f49a4522c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12926
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 21:40:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 21 Aug 2022 16:00:03 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B79C 37 KB
13 KB 11ms
9ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b625b3191eea0929d0f20fffd7ea8199fd3f80407b0738dabeab289f49a4522c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12926
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 21:40:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 21 Aug 2022 16:00:03 GMT

POST
H/1.1 200
OK g Show response
capi-tier-1-us-east-2.connatix.com/rtb/ Frame DFD3 3 KB
2 KB 1243ms
1220ms XHR
application/x-protobuf 18.219.101.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=176637&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.101.159 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-101-159.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: ce2d42c5d207c3c441832873dd3d6fae23b443a79c9851038f8ec5d800bc2e2d

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2164

GET
H2 200 1_th.jpg
img.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/bc7a5287-df16-4d04-a671-a6f4d15c6d8d/ 10 KB
10 KB 15ms
6ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/bc7a5287-df16-4d04-a671-a6f4d15c6d8d/1_th.jpg?crop=522:293,smart&width=522&height=293&format=jpeg&quality=60&fit=crop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e1f74cf83593e7f4d466e1f98e819502ff983b2a3dbaf6a0954ff7944f760735

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: br
age: 156203
etag: "85hjnMCnpKduB8iSXhpPXJpcZn9+kFWr1jad7KKC+XI"
access-control-max-age: 86400
fastly-io-info: ifsz=72821 idim=2560x1440 ifmt=jpeg ofsz=10644 odim=522x293 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 10197

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0DC2 284 B
921 B 100ms
12ms Image
image/jpg 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
Content-Type: image/jpg

POST
H/1.1 200
OK us Show response
capi-tier-1-us-east-2.connatix.com/core/ Frame DFD3 0
315 B 25ms
24ms XHR
application/x-protobuf 18.219.101.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/core/us?v=176637
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.101.159 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-101-159.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 21 Aug 2022 15:51:21 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK us Show response
capi-tier-1-us-east-2.connatix.com/core/ Frame DFD3 0
315 B 47ms
23ms XHR
application/x-protobuf 18.219.101.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/core/us?v=176637
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.101.159 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-101-159.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7E19 0
42 B 65ms
11ms Script
text/plain 8.28.7.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89264147&p=156592&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-1-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D3b9f95f57f894860a638d4414d639185%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-length: 0

GET
H2 200 playlist.m3u8 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/bc7a5287-df16-4d04-a671-a6f4d15c6d8d/ Frame DFD3 309 B
271 B 6ms
5ms XHR
application/x-mpegurl 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/bc7a5287-df16-4d04-a671-a6f4d15c6d8d/playlist.m3u8
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/176637/hls.5b3b785f487abbe00eee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:23 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 01:47:31 GMT
age: 100104
etag: "8a966507b13615ecdc1330a4bc9dcfe1"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 164

GET
H2

200

us
capi.connatix.com/core/ Frame 0DC2
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&khaos=L73IBC3Q-X-D21V
https://ck.connatix.com/cks?pid=11&uid=L73IBC3Q-X-D21V
https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L73IBC3Q-X-D21V&UserId=

0
28 B

41ms
39ms

Image
application/json

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L73IBC3Q-X-D21V&UserId=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:23 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400
content-type: application/json

Redirect headers

date: Sun, 21 Aug 2022 15:51:23 GMT
location: https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L73IBC3Q-X-D21V&UserId=
access-control-max-age: 86400
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
retry-after: 0

POST
H/1.1 200
OK us Show response
capi-tier-1-us-east-2.connatix.com/core/ Frame DFD3 0
315 B 23ms
23ms XHR
application/x-protobuf 18.219.101.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/core/us?v=176637
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.101.159 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-101-159.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 0.m3u8 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/bc7a5287-df16-4d04-a671-a6f4d15c6d8d/ Frame DFD3 663 B
353 B 16ms
15ms XHR
application/x-mpegurl 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/bc7a5287-df16-4d04-a671-a6f4d15c6d8d/0.m3u8
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/176637/hls.5b3b785f487abbe00eee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a0d6fedd28ad3612294a289c7eea843c6b3ed2e8ef9419120d9f1207545c3a6c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:23 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 01:47:30 GMT
age: 100103
etag: "509ef00cca8ba3b7f15f70294abb4826"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 263

GET
H2 206 0.mp4 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/bc7a5287-df16-4d04-a671-a6f4d15c6d8d/ Frame DFD3 1 KB
1 KB 12ms
12ms XHR
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/bc7a5287-df16-4d04-a671-a6f4d15c6d8d/0.mp4
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/176637/hls.5b3b785f487abbe00eee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2fc148459e9f9e487fe5b7b0fe302e7b34b5e2f90e54dba751e2baef278d67a2

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=0-1361

Response headers

date: Sun, 21 Aug 2022 15:51:23 GMT
last-modified: Wed, 28 Jul 2021 01:47:30 GMT
age: 100033
etag: "b761f9d83070c435431fe4834b4ed7f8"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1361/4939809
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1362

GET
H2 206 0.mp4 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/bc7a5287-df16-4d04-a671-a6f4d15c6d8d/ Frame DFD3 629 KB
630 KB 14ms
13ms XHR
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/bc7a5287-df16-4d04-a671-a6f4d15c6d8d/0.mp4
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/176637/hls.5b3b785f487abbe00eee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4831f49a191bbb178bc111146c904e52dc48848a668c5bd2f170a983fe1c0384

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=1362-645896

Response headers

date: Sun, 21 Aug 2022 15:51:23 GMT
last-modified: Wed, 28 Jul 2021 01:47:30 GMT
age: 100033
etag: "b761f9d83070c435431fe4834b4ed7f8"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 1362-645896/4939809
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 644535

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0DC2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM9__4SiUUXlMTPUMc0SBwE&google_cver=1

42 B
678 B

13ms
13ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM9__4SiUUXlMTPUMc0SBwE&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 5c765cf7d1bd0738e8bf9e7ecb99ef6d
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM9__4SiUUXlMTPUMc0SBwE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0DC2
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=X2d_wju4TVS5HJ3xa57svg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=X2d_wju4TVS5HJ3xa57svg

43 B
556 B

93ms
92ms

Image
image/gif

52.95.115.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=X2d_wju4TVS5HJ3xa57svg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Protocol

HTTP/1.1

Server

52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 15:51:23 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HDECSFH9RSB00EG6RKJQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=X2d_wju4TVS5HJ3xa57svg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5c765cf7d1bd0738e8bf9e7ecb99ef6d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0DC2
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/1QpFAsZ1sfZ-TgCh3WHumw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6746711320875412105

42 B
678 B

13ms
12ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6746711320875412105
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 5c765cf7d1bd0738e8bf9e7ecb99ef6d
Content-Type: image/gif

Redirect headers

date: Sun, 21 Aug 2022 15:51:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6746711320875412105
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0DC2
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3fNhL6bhTKuWBCxIR0yB1g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3fNhL6bhTKuWBCxIR0yB1g

43 B
556 B

18ms
17ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3fNhL6bhTKuWBCxIR0yB1g

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 15:51:23 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QRE4WZRCSKMK7DHSK6GP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3fNhL6bhTKuWBCxIR0yB1g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5c765cf7d1bd0738e8bf9e7ecb99ef6d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DC2
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDczSUJDM1EtWC1EMjFW
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDczSUJDM1EtWC1EMjFW&google_tc=

170 B
188 B

40ms
23ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDczSUJDM1EtWC1EMjFW&google_tc=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Protocol

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDczSUJDM1EtWC1EMjFW&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0DC2
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=746babed-4f73-4fa2-8341-ec7719d85087&gdpr=0&gdpr_consent=&expires=30

42 B
678 B

73ms
15ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=746babed-4f73-4fa2-8341-ec7719d85087&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 5c765cf7d1bd0738e8bf9e7ecb99ef6d
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=746babed-4f73-4fa2-8341-ec7719d85087&gdpr=0&gdpr_consent=&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DC2
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWU5OGVmNTczODc1ZDVmY2YwYzllZTU4MDNjNmMyZWZhNDA3ZTY3Mw
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWU5OGVmNTczODc1ZDVmY2YwYzllZTU4MDNjNmMyZWZhNDA3ZTY3Mw&google_tc=

170 B
188 B

38ms
21ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWU5OGVmNTczODc1ZDVmY2YwYzllZTU4MDNjNmMyZWZhNDA3ZTY3Mw&google_tc=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Protocol

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:51:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWU5OGVmNTczODc1ZDVmY2YwYzllZTU4MDNjNmMyZWZhNDA3ZTY3Mw&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 0DC2
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L73IBC3Q-X-D21V&sigv=1&esig=2~f7744ad473d1690d4c50c52b756750a477c5ce7f

0
194 B

78ms
21ms

Image
text/plain

2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L73IBC3Q-X-D21V&sigv=1&esig=2~f7744ad473d1690d4c50c52b756750a477c5ce7f

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Protocol

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:23 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L73IBC3Q-X-D21V&sigv=1&esig=2~f7744ad473d1690d4c50c52b756750a477c5ce7f
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 206 0.mp4 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/bc7a5287-df16-4d04-a671-a6f4d15c6d8d/ Frame DFD3 645 KB
646 KB 7ms
5ms XHR
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/bc7a5287-df16-4d04-a671-a6f4d15c6d8d/0.mp4
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/176637/hls.5b3b785f487abbe00eee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c9611cabe1c77a7c478ca84ace7258e003f682f6ef66a548af64a6a92457c0ea

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=645897-1306727

Response headers

date: Sun, 21 Aug 2022 15:51:23 GMT
last-modified: Wed, 28 Jul 2021 01:47:30 GMT
age: 100033
etag: "b761f9d83070c435431fe4834b4ed7f8"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 645897-1306727/4939809
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 660831

POST
H/1.1 200
OK mq Show response
capi-tier-1-us-east-2.connatix.com/tr/ Frame DFD3 0
315 B 22ms
22ms XHR
application/x-protobuf 18.219.101.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/tr/mq?v=176637&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.101.159 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-101-159.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK ps Show response
capi-tier-1-us-east-2.connatix.com/tr/ Frame DFD3 0
315 B 44ms
22ms XHR
application/x-protobuf 18.219.101.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/tr/ps?v=176637&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.101.159 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-101-159.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 21 Aug 2022 15:51:22 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame DFD3 107 B
549 B 65ms
38ms Script
application/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 15:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7845 156 B
748 B 483ms
447ms XHR
text/xml 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597229605%2FSMG_Connatix%2Fpreroll%2Fsyndication_14&description_url=www.tumgir.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1699374897567146&sdkv=h.3.525.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&ptt=20&adk=3939672518&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.525.0&sid=FA7C8B20-6F5F-4FD4-9CF5-F6BCB93947A5&nel=0&eid=31061774%2C44725356%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&top=https%3A%2F%2Fwww.tumgir.com%2F&url=https%3A%2F%2Fwww.tumgir.com%2F&loc=about%3Ablank&dlt=1661097082019&idt=1032&dt=1661097083368&cookie_enabled=1&scor=3806709189910118&ged=ve4_td1_tt0_pd1_la1000_er189.647.345.953_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.525.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK g Show response
capi-tier-1-us-east-2.connatix.com/rtb/ Frame DFD3 560 B
670 B 46ms
44ms XHR
application/x-protobuf 18.219.101.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=176637&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.101.159 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-101-159.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 899d11fe4562f22210826bcbad54f6410dbf029f87ab98dfcc36614c9d5f03d4

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 21 Aug 2022 15:51:23 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 374

POST
H/1.1 200
OK ao Show response
capi-tier-1-us-east-2.connatix.com/tr/ Frame DFD3 0
315 B 31ms
30ms XHR
application/x-protobuf 18.219.101.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/tr/ao?v=176637&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.101.159 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-101-159.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 21 Aug 2022 15:51:24 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame DFD3 107 B
122 B 46ms
33ms Script
application/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 15:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame CBAA 156 B
142 B 382ms
369ms XHR
text/xml 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597229605%2FSMG_Connatix%2Fpreroll%2Fsyndication_10&description_url=www.tumgir.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3039173695604836&sdkv=h.3.525.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&ptt=20&adk=563705280&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.525.0&sid=2B4224B1-3AB1-4FA0-81DB-546D394D511F&nel=0&eid=44725355%2C44752052%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&top=https%3A%2F%2Fwww.tumgir.com%2F&url=https%3A%2F%2Fwww.tumgir.com%2F&loc=about%3Ablank&dlt=1661097082019&idt=1004&dt=1661097084378&cookie_enabled=1&scor=2808664596252241&ged=ve4_td2_tt1_pd2_la2000_er189.647.345.953_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.525.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 Jm0FXXAxJFcbIzFtBF9md3ZfATAtbQRfZnRgBl9mdHUBLD42JEYcc3ERE10QZ2JwGDMgIF8MPW8zUgF4MWMYDjsjKlkBNzUjGAw5L3UEKSUsMUYKNSM4QkEmLDcTWBUsJVoDc3UTA1hhe2kBVmB0Yw9ZY3dkAVhuenZAUmZsaBhWeHJ2Q1JndmACW296ZAJabnRnB...
yrecomemu.one/VkJQNm95fTNFUjUaMwIKAy4WYhg6AzZzNRQGO15aBwcZeD4OB3ZCBjJ/aANdb3VkEB8/ 0
470 B 28ms
28ms Ping
text/plain 2606:4700:3033::6815:5a6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yrecomemu.one/VkJQNm95fTNFUjUaMwIKAy4WYhg6AzZzNRQGO15aBwcZeD4OB3ZCBjJ/aANdb3VkEB8/Jm0FXXAxJFcbIzFtBF9md3ZfATAtbQRfZnRgBl9mdHUBLD42JEYcc3ERE10QZ2JwGDMgIF8MPW8zUgF4MWMYDjsjKlkBNzUjGAw5L3UEKSUsMUYKNSM4QkEmLDcTWBUsJVoDc3UTA1hhe2kBVmB0Yw9ZY3dkAVhuenZAUmZsaBhWeHJ2Q1JndmACW296ZAJabnRnBllwNiBXCGtzdkYbIi5tB1lgc2APWGZ6ZANaZA
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5a6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSS3NAwJYDD6jFdCqVqiMojCEC3kb9Nf3JGF0iTxrGaFaHZxyFHyur6S4hEMG%2BYmjNXQm8NruFavl0Q46P6TCSdwQ9C0KR8v9Q7V3qBSRCcp0N4PHNETae9GNpvcjK%2BZryJ%2BWB5NTRb4QINY"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 73e487aa787a1875-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET snapecaht.png
webpick-cdn.s3.amazonaws.com/ 0
0

GET
DATA 200
OK truncated
/ Frame 4B01 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4B01 814 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK snapecaht.png
webpick-cdn.s3.amazonaws.com/ Frame 4B01 3 KB
3 KB 262ms
101ms Image
image/png 52.92.178.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webpick-cdn.s3.amazonaws.com/snapecaht.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.178.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5af1e32d6499ad2c5e9249164daa9a39860fb4e6f64b223b04fe0afa0c0b6ee2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 15:51:25 GMT
Last-Modified: Tue, 25 Dec 2018 13:48:43 GMT
Server: AmazonS3
x-amz-request-id: ZM0NJYBPSA91S6MH
ETag: "84cde431b32705bc6e18c3d7ccc2dd29"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2888
x-amz-id-2: xO+aOc870vt8WtmQfZHu6L0GYQ+wfiB6g4R/W4fKEX1baotS80bXaODRLr5YCEhbZX32mRfEjsQ=
x-amz-meta-s3b-last-modified: 20181225T134720Z

POST
H/1.1 200
OK sv Show response
capi-tier-1-us-east-2.connatix.com/tr/ Frame DFD3 0
315 B 22ms
22ms XHR
application/x-protobuf 18.219.101.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/tr/sv?v=176637&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.101.159 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-101-159.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 21 Aug 2022 15:51:24 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame DFD3 107 B
122 B 40ms
40ms Script
application/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 15:51:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D49C 156 B
142 B 486ms
485ms XHR
text/xml 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597229605%2FSMG_Connatix%2Fpreroll%2Fsyndication_7&description_url=www.tumgir.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3904599274683221&sdkv=h.3.525.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&ptt=20&adk=1521907010&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.525.0&sid=BF48B067-F1E5-4DC8-90EB-DADF500AAFDE&nel=0&eid=44729309%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&top=https%3A%2F%2Fwww.tumgir.com%2F&url=https%3A%2F%2Fwww.tumgir.com%2F&loc=about%3Ablank&dlt=1661097082019&idt=1018&dt=1661097085285&cookie_enabled=1&scor=3412816613241851&ged=ve4_td3_tt2_pd3_la3000_er189.647.345.953_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.525.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame DFD3 107 B
122 B 24ms
24ms Script
application/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 15:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7845 156 B
142 B 443ms
443ms XHR
text/xml 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597229605%2FSMG_Connatix%2Fpreroll%2Fsyndication_4&description_url=www.tumgir.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3892910678665836&sdkv=h.3.525.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&ptt=20&adk=3939672518&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.525.0&sid=FA7C8B20-6F5F-4FD4-9CF5-F6BCB93947A5&nel=0&eid=31061774%2C44725356%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&top=https%3A%2F%2Fwww.tumgir.com%2F&url=https%3A%2F%2Fwww.tumgir.com%2F&loc=about%3Ablank&dlt=1661097082019&idt=1032&dt=1661097086287&cookie_enabled=1&scor=2459739415135692&ged=ve4_td4_tt3_pd4_la4000_er189.647.345.953_vi0.0.1200.1600_vp100_ts3_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.525.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:51:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK abt Show response
capi-tier-1-us-east-2.connatix.com/tr/ Frame DFD3 0
315 B 23ms
22ms XHR
application/x-protobuf 18.219.101.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/tr/abt?v=176637&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.101.159 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-101-159.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 21 Aug 2022 15:51:27 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: webpick-cdn.s3.amazonaws.com
URL: https://webpick-cdn.s3.amazonaws.com/snapecaht.png

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tumgir.com/	1970-01-20 15:00:57	Name: _ga Value: GA1.2.1621838245.1661097082
.tumgir.com/	1970-01-20 05:26:23	Name: _gid Value: GA1.2.1755708028.1661097082
.tumgir.com/	1970-01-20 05:24:57	Name: _gat_gtag_UA_134279593_1 Value: 1
freychang.fun/	1970-01-20 14:03:21	Name: csu Value: 140449844586706@2@1661097081
www.tumgir.com/	1970-01-20 14:55:11	Name: __atuvc Value: 1%7C34
www.tumgir.com/	1970-01-20 05:24:58	Name: __atuvs Value: 630254796335971c000
.addthis.com/	1970-01-20 14:55:11	Name: uvc Value: 1%7C34
.addthis.com/	1970-01-20 14:46:33	Name: ouid Value: 6302547a000181020585075626541675af1085a241beb30f4a58
.addthis.com/	1970-01-20 14:46:33	Name: di2 Value: aVSxq#&0x#&g#%Os#%Or#%Km#%Kf#%IX#%IQ#%HV#%F\|#%FS#%FR#%FQ#%E~#%/p#%/o#%/n#%$~#$Mr#$M`#$Ll#$L^#$LZ#$Gr#$CT#$7r#$1~#$0\|#$+U#$)\|#$){#$(w#$(T#$(S#$(R#$(Q#$$c#$$b#$!}##NW##Mz##Md##LU##Iz##Ix##Gr##Ed##Eb##EZ##Bq##Bp##@q##>W##>U##'V###l#!0}#!/p#!$s#!!xPNePNdPNcPNbPDtPC]PC[P<nP8UP7sP7rP7qP7mP7lP7kP2SO1iO1hO1gO(rO(qO(pO(cO(bO'vO'uN+gN+QN'yN#xMLcM?gM?fM>VM>UM>TM>SM>RM>QM7oM7nM7mM7lM7]M7XM-{M-rM-qM+}M+zMfM'fM'bM&oM&nM&mM&^M&]M&[LFTLEsLErLEqLEpLDkL.wJEXJ&ZJ&YJ&XJ&WJ&VJ&UJ#\|J#{J#sJ#rIIYIIXIHcIHbIH[IFcIFbICiI?VI?UI6rI5fI5TI5SI3\|I3{I3yI3rI2bI1oI/}I/\|I/jI+l$+S83}7>Z7:m77h77g7.k7.b7-~7-}7o7k7)\|7)m7'h7'g7#t6L]6L[6Kh6Kg6Hu6Hq6Hp6Ho6Hn6Hm6FW6FV6C{6@t6@s5)z5)y5)`5)_5)^5(n5(b5'~4JX4?Z4=a4=^0%w0%v0%q)1i)1b#08^#08W#/}#/{#/R#.~#&]#&Z#)N}#)N{#)Gc#)Ga#)-i#)-g#)-e#)V#)T#))~#))\|#(8k#(5i#(5Q#(4~#(/]#'FX#'E{#'8f#'&U#'&T#&He#&GQ#&@r#&@q#&@p#&<]
.addthis.com/	1970-01-20 11:33:35	Name: bt2 Value: 6302547a001Fs0002001zs0002001us0001
.addthis.com/	1970-01-20 14:46:33	Name: um Value: j.'2022082115512212500776708594'
.addthis.com/	1970-01-20 14:46:33	Name: uid Value: 6302547a2a3a0efa
.addthis.com/	1970-01-20 14:46:33	Name: na_id Value: 2022082115512212500776708594
.addthis.com/	1970-01-20 14:46:33	Name: vc Value: 2
.addthis.com/	1970-01-20 14:55:11	Name: loc Value: NDgzMjlOQVVTTUkyMjI3MDk2NjUwNTAwMDBDSA==
capi.connatix.com/	1970-01-20 06:08:09	Name: cnx_userId Value: 3b9f95f57f894860a638d4414d639185
www.tumgir.com/	1970-01-20 06:08:09	Name: cnx_userId Value: 3b9f95f57f894860a638d4414d639185
.adnxs.com/	1970-01-20 07:34:33	Name: uuid2 Value: 1266831714425546473
.adsrvr.org/	1970-01-20 14:10:33	Name: TDID Value: 746babed-4f73-4fa2-8341-ec7719d85087
.rlcdn.com/	1970-01-20 14:10:33	Name: rlas3 Value: NGcipxLSCkJ2F6Ip5Y4IjwBnkxYrC5MwXR22zcEaDYA=
.ctnsnet.com/	1970-01-20 14:10:33	Name: cid_0db6d3ac3669468f996bffb8d9e8029e Value: 1
.sitescout.com/	1970-01-20 14:10:33	Name: ssi Value: 376a32bf-35c4-4d34-8676-633633dceb2b#1661097082542
.sitescout.com/	1970-01-20 06:08:09	Name: _ssuma Value: eyIzOSI6MTY2MTA5NzA4MjU2OSwiNyI6MTY2MTA5NzA4MjU2OX0
.rlcdn.com/	1970-01-20 06:51:21	Name: pxrc Value: CPqoiZgGEgUI6AcQAA==
.spotxchange.com/	1970-01-20 06:05:16	Name: audience Value: 1afa49fa-2169-11ed-a381-1d8d9dd30203
.crwdcntrl.net/	1970-01-20 11:53:42	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 11:53:42	Name: _cc_id Value: f055c1af91819d437592ff057033aac1
.crwdcntrl.net/	1970-01-20 11:53:45	Name: _cc_cc Value: "ACZ4XmNQSDMwNU02TEyzNLQwtEwxMTY3tTRKAwqaGxgbJyYmGzIAQTJTSBWIhgIAP5YJsQ%3D%3D"
.crwdcntrl.net/	1970-01-20 11:53:45	Name: _cc_aud Value: "ABR4XmNgYGBIZgqpAlJQAAAOxAE0"
.rubiconproject.com/	1970-01-20 14:10:33	Name: khaos Value: L73IBC3Q-X-D21V
.adsrvr.org/	1970-01-20 14:10:33	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCIadg_3g5YE7EAUYBSACKAIyCwjM3LKj9-WBOxAFOAE.
.amazon-adsystem.com/	1970-01-20 15:00:57	Name: ad-privacy Value: 0
.doubleclick.net/	1970-01-20 15:00:57	Name: IDE Value: AHWqTUkm3AJenw-MgNjHgkz6rszFz-2--1zRAy7sTKZ9_W7XIHoR2UUriZPsoxjwDY4
.yahoo.com/	1970-01-20 14:10:54	Name: A3 Value: d=AQABBHtUAmMCEKMLE0Fe1_eEwFN2b0bRbxIFEgEBAQGlA2MMYwAAAAAA_eMAAA&S=AQAAAm_1VHlkW-314YzYu91w4mM
.amazon-adsystem.com/	1970-01-20 10:46:04	Name: ad-id Value: A0Zcvo-yzUxYjv9x7j0O3xg
.rubiconproject.com/	1970-01-20 14:10:33	Name: audit Value: 1\|SmiQFg1MQpaaA3mmzZGN+jGAUuw2vGIudYysHOKRJHlGXlzst0zOc+sPE5k4rlpHVaI/tUDS3B32P6YB1bf/YKrK6aORrv6f

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.tumgir.com/ Message: Refused to execute script from 'https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCPqoiZgGEgUI6AcQAEIASiAzYjlmOTVmNTdmODk0ODYwYTYzOGQ0NDE0ZDYzOTE4NQ' because its MIME type ('image/gif') is not executable.
security	error	URL: https://www.tumgir.com/ Message: Refused to execute script from 'https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D3b9f95f57f894860a638d4414d639185%2526pname%253DCentro%2526api-tier%253D1%2526uid%253D376a32bf-35c4-4d34-8676-633633dceb2b-6302547a-5553&ct=y' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

64.media.tumblr.com
aax-eu.amazon-adsystem.com
accounts.google.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
api-public.addthis.com
api.tumblr.com
assets.tumblr.com
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdnjs.cloudflare.com
cds.connatix.com
ck.connatix.com
cks.connatix.com
cm.g.doubleclick.net
d18g6t7whf8ejf.cloudfront.net
dmmzkfd82wayn.cloudfront.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fortdaukthw.hair
freychang.fun
i.ctnsnet.com
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
m.addthis.com
match.adsrvr.org
mefagetobri.top
mentxviewsi.one
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
s.amazon-adsystem.com
s0.2mdn.net
s7.addthis.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
sync.crwdcntrl.net
sync.search.spotxchange.com
token.rubiconproject.com
v1.addthisedge.com
vid.connatix.com
video-serve.com
webpick-cdn.s3.amazonaws.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.tumgir.com
yrecomemu.one
z.moatads.com
s7.addthis.com
webpick-cdn.s3.amazonaws.com
107.22.28.167
108.139.38.60
142.250.65.162
142.250.80.2
151.101.194.137
151.101.66.137
18.219.101.159
18.67.65.103
18.67.65.105
192.0.77.3
192.0.77.40
2001:4860:4802:38::178
2001:4998:14:800::1000
207.198.113.88
209.54.182.161
23.1.200.83
23.208.216.126
23.3.125.24
23.41.168.202
23.41.169.149
2600:1f18:4e9:5a07:b400:569d:ed48:e656
2600:9000:2162:fa00:6:2e3c:5fc0:21
2606:4700:20::681a:c2d
2606:4700:3030::6815:2dcf
2606:4700:3033::6815:5a6a
2606:4700::6811:190e
2607:f8b0:4006:806::2002
2607:f8b0:4006:808::2006
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2003
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::200d
2607:f8b0:4006:81f::200a
2607:f8b0:4006:821::2002
2607:f8b0:4006:823::2008
2a03:2880:f112:182:face:b00c:0:25de
3.223.247.87
3.33.220.150
35.186.193.173
35.190.60.146
52.92.178.185
52.95.115.255
68.67.160.186
69.12.8.74
69.173.151.100
8.28.7.81
8.43.72.98
004a501b2c481147de166973966a12083396e796820a3883dc207c2e4611b031
01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9eef065474f7173f75be0baf23fb74738c983a43d2e2c33dad161037a4f099
0ceb9ace700dc6480dd5bc0ece2a069e9e6b43c4426ed0e637fe134023a8973c
14b23ab6f44a91126107b69d17ad3f7fa721f0643941e0541f2d214f5f2e20be
1538798afde9cbed3e18255379476f9b8d9280ac571890e6452367ace3e90efe
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ef911a16c0c3a1b155f64aeb54bb024179cd9e9f89a02189fcc22b01f9df8b
1a21a60651bad6a46b617170d92c788273db7e69c5233359b2271362211e08c8
1e552184493eea74a53b11e52b6e6eec9c35d90cece6592d9bdf6cf1090ad8c0
20519e8498a0507083087292e936e266c09e9aac9d841e0fce4fbed2005a450c
22df077cd777b61b115b940e49d92812f63c87cd10cc0015feeb8aa569ca57ce
233077278b2d6fcf7015a94cb5d68de97beaa753c6892192d179cae9567eeb59
25d32ffc5ec670efa920e096c1ea4ab37e6f77925211760c33db0d3f13e8ce6c
25fc1e63acc40860a0fdf38979514208af1c611d1087b82119682e5e4cb4ccac
2cbca6cb55b4f4b31205c1ae9031a65b84dad7ec1870b557a64a44f7c443b341
2da0990f652b1a9d1d05bf82bbeac7260b913727c05f463bbf644221bef87704
2e977bdccc768f21f5e6e93aa077f55edb9a01c32429d8ac18752fd59fe30f1c
2fc148459e9f9e487fe5b7b0fe302e7b34b5e2f90e54dba751e2baef278d67a2
309e5f6a300239d1c4b41c4bf72f031b423dbda65b672bc6d9df1bb8d9d5c5f1
3279b7b9a9795ea12f9fafade372facbad64e5edd92b44535f51f46a28533147
34fbc37d6b5ba773977108836af81174b542671b6e29d3f3072d1617e8edfbb7
3838b0bf215c9265d5f7c322fa4a89d7bd5814e8f75127d4bfc1290b85e3dd26
3987f4f75cb48c2850ba9b78c657788ac2c141db02e6bb6d51b24c68c8bd65b1
3d53716e64bc34c236d3a9d741f76976432cf358784e748e4e7dffae69e116a2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4831f49a191bbb178bc111146c904e52dc48848a668c5bd2f170a983fe1c0384
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c3b6b73bfbc57ac0c2cfdc7f46555b6fb3414ebbec255ea903ab340140f3dcc
4ceae9996a5e9b27a6c8de06eb8c948f9c419593389c357ccdae06d0b52074e9
562fbe15070fb1aa2dfc85a80e712737a17f1256766545814bf4589dc9697683
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a
5af1e32d6499ad2c5e9249164daa9a39860fb4e6f64b223b04fe0afa0c0b6ee2
5bb2ca68bf5d0ae16920c5a6a4c44fd41d3603ca272f620171c8abc3b24c32e2
5f9de60a4a40041bcdd773e2c469628982e863dceb6fafa771a72cb6b8ad2d84
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0
6403aadb91a7f37f16e4e3d0c46180d0e651620b96c468009c2de771e777b790
658edb1759d3b96a976317d308f7f02896f84ba91e60bc23e9a8daafbe58438a
670922b4bbf933c23eee67592c6a55f7095fd14bcb5ae75d978ac6e845dca4f0
671339f098fa4412aa95686ddf57a2514b1dcfd72464c535a1389ff967199358
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73045debb89dccf27a5cd33b7f0776015163eeb01e354f506904062d03a5177d
74c51ea6927b2e8faa1344b333813100429b6a67b7a78b8b0fef669998312ee5
79d0a037047a98fc9e0348e4bfa35789aa14d62cf80972bf3aac26f7a5b1a862
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
81e66d3c4f5f980da70c5871b343aeed388293a4f03a5a85559d06b9777ab59c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
899d11fe4562f22210826bcbad54f6410dbf029f87ab98dfcc36614c9d5f03d4
8a9b940884069f6cc41dfe1b2434049577e18f3efe30b2fa5bb6cfa47bacc6ca
8c382d76b7f3c936b789e587ff26a8383cb504a1b7c7f6183f80a45d2a464c9d
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d6353c4c7c37bbf79ef323992174ee0612187524b578fe476dbadfb438d49d7
a0d6fedd28ad3612294a289c7eea843c6b3ed2e8ef9419120d9f1207545c3a6c
a0ec5ccfc45de8835ef0dcf999a45b39ae78b615941aca04e1fc7997870ef69c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a24a9e05b2f5966aa60b190d95a60fb79ff3511d0d3272e76e75ed4c47b164b7
a28530fa36dd40eff2e8c7ac146a26b181eb38a5604119ffb6acfedba1ca12f9
a2f27e3088285e1508b05742e4b0654f3f6c1bc0a987600245b207d70f9c74f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a93845026a8b911fa3fd0a42066cc2ede91af9e668185ea5df7256d7093c3dd1
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae1b9abbb61470260e103684bbd81cc23d3e69a1e9db92ef899dd539e0c9da15
b625b3191eea0929d0f20fffd7ea8199fd3f80407b0738dabeab289f49a4522c
b92cb6b44cf533b7e5ffc29b4e542b12a3f6c12c106dac6a8884a574214c947f
bdeaa7246196a8dce2f456ae421e0915ec090b7ab8247c17dcf54ca995c3debb
be7af15300e093583eb1140ed83f2a19100dc11d1dd8d9484e103d8f859ec1ce
c1a03dcb34894a8067ae472eb63877683bbff30cdb910709520ff6f85f4ec47a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2b9c8ee26aa829768c7f4b9120599222fd6a5a4035e809f8b112f7a9dbf0a4d
c43c278ff9782c532f9fe4f81cc8c0defcdcdf799926fbc7b7ed3cb8f48a28a0
c921b4351a1ae90dcc7a30a01fbc1e169d57e9f4451d55a840438fb13e7c1cc6
c9611cabe1c77a7c478ca84ace7258e003f682f6ef66a548af64a6a92457c0ea
cb71da8002219a1ad2e9ccf3bfd4a1ee148bc53de69b88b177e14f88dd4d0f14
cc0005c5883dbcdc7475381bb02e9c093db0976016214a100c51580b2a5b2f5e
cc10095e0db77f6b464cc575b7a0479b45d6c7f1c7a93d856173356b2acae02b
cc5b52f2199694e4c1785d9231fd52d4140118eb8133d9303cb7d1bdffb231f3
cc8ee449069160240e169f2a5b8165a9cc932c99d7e01dabeff4ef7dc1092b59
cd92bcc42aaf695a0b9039f42d742cace6c0c22950f65435f8fec807064cfa68
ce2d42c5d207c3c441832873dd3d6fae23b443a79c9851038f8ec5d800bc2e2d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d47d16bf34e4c557ae13192bf351083ee15c9bed72a139fb1e14272d7b391230
d5f12dd3e62c66022ea58e3017b4bb49c045fa2b502d16b86ea3a91dad2bc40b
d898b33a44c46b69466fa27a71b589261bd49bebbab34a7339d3753853cc56b7
e1f74cf83593e7f4d466e1f98e819502ff983b2a3dbaf6a0954ff7944f760735
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc91bb29f73334c99c6c81ee0989995f1a3cc29c0a8075b96ea66372bd130abd
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.tumgir.com Open in urlscan Pro 2606:4700:20::681a:c2d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

148 Requests

84 %HTTPS

38 %IPv6

35 Domains

59 Subdomains

40 IPs

2 Countries

9069 kBTransfer

13085 kBSize

36 Cookies

1 Outgoing links

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tumgir.com Open in urlscan Pro
2606:4700:20::681a:c2d Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

84 %
HTTPS

38 %
IPv6

35
Domains

59
Subdomains

40
IPs

2
Countries

9069 kB
Transfer

13085 kB
Size

36
Cookies

148 HTTP transactions
3 data transactions