URL: https://tumblrgallery.xyz/post/6124190.html
Submission Tags: falconsandbox
Submission: On April 18 via api from US — Scanned from DE

Summary

This website contacted 14 IPs in 5 countries across 11 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3034::6815:760, located in United States and belongs to CLOUDFLARENET, US. The main domain is tumblrgallery.xyz.
TLS certificate: Issued by GTS CA 1P5 on March 26th 2024. Valid for: 3 months.
This is the only time tumblrgallery.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 74.114.154.22 2635 (AUTOMATTIC)
2 192.0.77.3 2635 (AUTOMATTIC)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.18.16.106 13335 (CLOUDFLAR...)
3 212.117.190.201 7979 (SERVERS-COM)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.17.10.106 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 172.67.130.22 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.68 15169 (GOOGLE)
1 142.250.185.131 15169 (GOOGLE)
27 14
Apex Domain
Subdomains
Transfer
9 tumblrgallery.xyz
tumblrgallery.xyz
41 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
region1.google-analytics.com — Cisco Umbrella Rank: 2404
21 KB
3 xszpuvwr7.com
xszpuvwr7.com — Cisco Umbrella Rank: 50501
41 KB
3 tumblr.com
78.media.tumblr.com — Cisco Umbrella Rank: 203522
64.media.tumblr.com — Cisco Umbrella Rank: 14414
133 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
145 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 744
42 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7278
63 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
351 B
1 xlirdr.com
go.xlirdr.com — Cisco Umbrella Rank: 32960
5 KB
1 strpst.com
img.strpst.com — Cisco Umbrella Rank: 9267 Failed
7 KB
27 11
Domain Requested by
9 tumblrgallery.xyz tumblrgallery.xyz
3 xszpuvwr7.com tumblrgallery.xyz
xszpuvwr7.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com tumblrgallery.xyz
www.googletagmanager.com
2 unpkg.com tumblrgallery.xyz
2 64.media.tumblr.com tumblrgallery.xyz
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 go.xlirdr.com unpkg.com
1 78.media.tumblr.com 1 redirects
1 img.strpst.com tumblrgallery.xyz
27 13

This site contains links to these domains.

Domain
tumblrgallery.live
tumblrviewer.co
tumblrpics.com
go.xlrdr.com
78.media.tumblr.com
64.media.tumblr.com
Subject | Issuer | Validity | Valid
tumblrgallery.xyz | GTS CA 1P5 | 2024-03-26 - 2024-06-24 | 3 months
*.media.tumblr.com | Sectigo ECC Domain Validation Secure Server CA | 2024-01-03 - 2025-02-02 | a year
unpkg.com | GTS CA 1P5 | 2024-04-01 - 2024-06-30 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
xlirdr.com | Cloudflare Inc ECC CA-3 | 2023-05-03 - 2024-05-01 | a year
 | Buypass Class 2 CA 5 | 2024-01-17 - 2024-07-14 | 6 months
img.strpst.com | Cloudflare Inc ECC CA-3 | 2024-03-03 - 2024-12-31 | 10 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
*.google.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
*.google.de | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months

This page contains 1 frames:

Primary Page: https://tumblrgallery.xyz/post/6124190.html
Frame ID: D0D23E85C155A856BFFC19ED30D4B120
Requests: 27 HTTP requests in this frame

Page Title

talesfromweirdland - Sea creatures spotted in the 18th century...

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

93 %
HTTPS

43 %
IPv6

11
Domains

13
Subdomains

14
IPs

5
Countries

435 kB
Transfer

1167 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://78.media.tumblr.com/d9a757335a9585feccb63cff23a48073/tumblr_pbx2g2fxi21w49lylo1_500.jpg HTTP 301
  • https://64.media.tumblr.com/d9a757335a9585feccb63cff23a48073/tumblr_pbx2g2fxi21w49lylo1_500.jpg

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 6124190.html
tumblrgallery.xyz/post/
18 KB
6 KB
Document
General
Full URL
https://tumblrgallery.xyz/post/6124190.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:760 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20a937a31e493cf06f9f3878e474603de90d2002a44f7ef2ad44ea2e1b8f2331

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8762d98f29b068e5-FRA
content-encoding
br
content-type
text/html
date
Thu, 18 Apr 2024 07:13:01 GMT
last-modified
Thu, 04 Apr 2024 16:41:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J1JDrG0aY3HJQm5L%2FwKiDn2aR61md5Jfcl57CkBihzfpy0JqEIJizFDBIfMOn0f%2FBnqZYWoaKIBIZrKgNssNqSBoM5GYYZ5B5tARD3Ny5yD8%2BcSbQ2bvAWspdpkdQEheeRsvydGoARSMUcHkiDdhmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.css
tumblrgallery.xyz/css-js/
14 KB
3 KB
Stylesheet
General
Full URL
https://tumblrgallery.xyz/css-js/bootstrap.css
Requested by
Host: tumblrgallery.xyz
URL: https://tumblrgallery.xyz/post/6124190.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:760 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ddbc4b319ad49f3c4a7661a212fdbe0d49946a8e7d1ca82a48c79959212249a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/post/6124190.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2218
cf-polished
origSize=14081
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 30 Mar 2024 14:35:24 GMT
server
cloudflare
etag
W/"3701-614e1aaae2300-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xUdyq6m0AxD2IU4T1poMWnDfr4R3hYGs%2BKPVCOxZbQLqQuIRaL6xA9zL6kdLIk2rBAo3VaX%2FC9p%2BuKPQSbnCZyhEpABxAqAIKSumDpbh8DwPiLh7TnGKutHNHaTIbfzejvP8hEQa8inLCHeFevSSbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8762d9902a8b68e5-FRA
gallery-page.css
tumblrgallery.xyz/css-js/
12 KB
3 KB
Stylesheet
General
Full URL
https://tumblrgallery.xyz/css-js/gallery-page.css
Requested by
Host: tumblrgallery.xyz
URL: https://tumblrgallery.xyz/post/6124190.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:760 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9741a881bd5d2a0db28d8dc8287862f73d5027f525257ba402500421d146527e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/post/6124190.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2218
cf-polished
origSize=12795
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 30 Mar 2024 14:59:34 GMT
server
cloudflare
etag
W/"31fb-614e2011b6180-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6BGRdlE7ybT7BxsW4G0gL9ZNYowedJlwJfYeeB%2FpeBvJxiRTcW5vWJCftabJXKdIy3kG%2BEdX7K0qg2l1PcFg4qiTNDrBqn8M7d%2BnaflsyCzP5eH5hv0LhBlEaOI%2BQoXPsLEw1GuJt25pQtsXMldAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8762d9902a8c68e5-FRA
common.css
tumblrgallery.xyz/css-js/
5 KB
2 KB
Stylesheet
General
Full URL
https://tumblrgallery.xyz/css-js/common.css
Requested by
Host: tumblrgallery.xyz
URL: https://tumblrgallery.xyz/post/6124190.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:760 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a151b75755318b9660e8f8cc7a27c268c2408da30b851fd9b3146ab144dd7775

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/post/6124190.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4543
cf-polished
origSize=5524
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 30 Mar 2024 14:53:37 GMT
server
cloudflare
etag
W/"1594-614e1ebd3fe40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6X%2BeZSmaJFxdVHnMJX1oDpn7ateL6SuON0LvZJLPTneb7KHDafwuhtN8wmzeBFPsPgzz1ZosJqWIy3QlHZbuw1ONYwZzj%2FDLhdnaiP1Ua3B0PhFoTZrDoKTk3pcJeaTKQD1a3FL7r15oByJwj9Dxog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8762d9902a8d68e5-FRA
144796304_webp
img.strpst.com/thumbs/1712248230/
0
0

tumblr_pbx2g2fxi21w49lylo1_500.jpg
64.media.tumblr.com/d9a757335a9585feccb63cff23a48073/
Redirect Chain
  • https://78.media.tumblr.com/d9a757335a9585feccb63cff23a48073/tumblr_pbx2g2fxi21w49lylo1_500.jpg
  • https://64.media.tumblr.com/d9a757335a9585feccb63cff23a48073/tumblr_pbx2g2fxi21w49lylo1_500.jpg
132 KB
0
Image
General
Full URL
https://64.media.tumblr.com/d9a757335a9585feccb63cff23a48073/tumblr_pbx2g2fxi21w49lylo1_500.jpg
Requested by
Host: tumblrgallery.xyz
URL: https://tumblrgallery.xyz/post/6124190.html
Protocol
H2
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
35cb825f4e65ee4c922135b3b0b407348e76a886fbc2e62c7b717c0986080553

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://tumblrgallery.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-nc
MISS ams 7
date
Thu, 18 Apr 2024 07:13:01 GMT
last-modified
Mon, 14 Dec 2020 16:57:37 GMT
server
nginx
x-frames
1
etag
"adb85426e36ca7d586b263434315df17-1498089600-98b6076"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
server-timing
dc;desc=ams, cache;desc=MISS;dur=231.0
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
135423

Redirect headers

location
https://64.media.tumblr.com/d9a757335a9585feccb63cff23a48073/tumblr_pbx2g2fxi21w49lylo1_500.jpg
date
Thu, 18 Apr 2024 07:13:01 GMT
server
openresty
content-length
166
content-type
text/html
tumblr_pbx2g2fxi21w49lylo1_500.jpg
64.media.tumblr.com/d9a757335a9585feccb63cff23a48073/
132 KB
133 KB
Image
General
Full URL
https://64.media.tumblr.com/d9a757335a9585feccb63cff23a48073/tumblr_pbx2g2fxi21w49lylo1_500.jpg
Requested by
Host: tumblrgallery.xyz
URL: https://tumblrgallery.xyz/post/6124190.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
35cb825f4e65ee4c922135b3b0b407348e76a886fbc2e62c7b717c0986080553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:01 GMT
strict-transport-security
max-age=31536000; preload
x-frames
1
server-timing
dc;desc=ams, cache;desc=MISS;dur=231.0
alt-svc
h3=":443"; ma=86400
content-length
135423
x-nc
MISS ams 7
last-modified
Mon, 14 Dec 2020 16:57:37 GMT
server
nginx
etag
"adb85426e36ca7d586b263434315df17-1498089600-98b6076"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
timing-allow-origin
*
email-decode.min.js
tumblrgallery.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tumblrgallery.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tumblrgallery.xyz
URL: https://tumblrgallery.xyz/post/6124190.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:760 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/post/6124190.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Apr 2024 08:31:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"661ce5e6-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9gJZ5bhNBiI11E9jz8MImi7j7EclkPFtD7Fqf650yjauGs%2F6W88iXxcNJEVKR%2FPJvuZ8LJE9q7E3ercz2mzaKOiRwlw53HEZ5AbGMLNISnrjfDKJpBDsyQo%2FCqYangnmrO3vzbJU8eQM2oRGPTEBnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8762d9904a9b68e5-FRA
expires
Sat, 20 Apr 2024 07:13:01 GMT
jquery.min.js
unpkg.com/jquery@1.11.3/dist/
94 KB
34 KB
Script
General
Full URL
https://unpkg.com/jquery@1.11.3/dist/jquery.min.js
Requested by
Host: tumblrgallery.xyz
URL: https://tumblrgallery.xyz/post/6124190.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:01 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3080378
last-modified
Tue, 28 Apr 2015 16:20:21 GMT
fly-request-id
01HRW74QJPD0817QA2CQ5YQ7Y8-fra
server
cloudflare
etag
W/"176f8-N7HbiLV0OPEHKo68dVnJCcnTpoI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8762d9916a8530c4-FRA
masonry.pkgd.min.js
unpkg.com/masonry-layout@4.2.2/dist/
24 KB
8 KB
Script
General
Full URL
https://unpkg.com/masonry-layout@4.2.2/dist/masonry.pkgd.min.js
Requested by
Host: tumblrgallery.xyz
URL: https://tumblrgallery.xyz/post/6124190.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:01 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3076219
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWB3NN2F1CMBN449G7Q2D5A-fra
server
cloudflare
etag
W/"5e27-0gJSz3bDvorzeoQV0TrTaMditNg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8762d9916a8a30c4-FRA
model-live.js
tumblrgallery.xyz/
1 KB
1 KB
Script
General
Full URL
https://tumblrgallery.xyz/model-live.js?1712248865
Requested by
Host: tumblrgallery.xyz
URL: https://tumblrgallery.xyz/post/6124190.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:760 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454d39a92d8508f7d03ff3de1e5515cc422bdad4250fad0d2d9defbd8cac4ce7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/post/6124190.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 12 Jan 2024 13:20:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5ba-60ebf88cde040-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OaeRV7Vu1gp9LwLrgqpYc8W9MSTPLu%2FSSjqrWRFLtbBNXBSBc121iWDB0HOXnt8%2FPoXWtNJuZmfhUusztiyiMaxReeGPPG2SUXobweyH16AQZbkfn83neAo0qjl%2F5mTz8nPkF5jFplUvkeJ8z8m9Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
8762d9904a9d68e5-FRA
alt-svc
h3=":443"; ma=86400
anticode.js.php
tumblrgallery.xyz/css-js/
232 B
679 B
Script
General
Full URL
https://tumblrgallery.xyz/css-js/anticode.js.php
Requested by
Host: tumblrgallery.xyz
URL: https://tumblrgallery.xyz/post/6124190.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:760 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f3fb516f607fe502af97c046635c4a08fcc0ce24589c69eaa7672cd52966bc3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/post/6124190.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 07:13:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vm%2F7ynqwdxODgXcguJ9KE6nX%2BbRIdRYLHnHrsYoFQyES%2BYK3SBdmYPjUFMplFKjZW47I59GhKID%2BEvt4vuiFRVBBS8iZTPP%2FPIpGBzamkldVLPp60DFpdC9QZgsSAp6ITECVjVzXd%2BUDxLdA2uVOjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
8762d9904a9e68e5-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery.fancybox.min.js
tumblrgallery.xyz/static/
67 KB
22 KB
Script
General
Full URL
https://tumblrgallery.xyz/static/jquery.fancybox.min.js
Requested by
Host: tumblrgallery.xyz
URL: https://tumblrgallery.xyz/post/6124190.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:760 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c787a5704661491a0877721ca934b66aa26ac70f8a8eab8ccc48c86c86a41556

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/post/6124190.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Dec 2018 15:45:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2217
etag
W/"10a64-57d39ab2cc880-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qpvt2HM2FBNBYVoN2My%2BnAKJ9ce2b%2BDEVqjhkGvI90zIEgVsqf7vy7psAWX9Xno9111XRr0fBEW8aGTzkQQ%2Br0kuuQxUlAONtJSTKXMQweihyOkl%2F%2FhFhic5FB94t7RdmdyE54nzWk1%2F5%2FP2u4Tf6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
8762d9904a9f68e5-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
142 KB
54 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-105224068-14
Requested by
Host: tumblrgallery.xyz
URL: https://tumblrgallery.xyz/post/6124190.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1367cca384d4ab514f40da97d366cd2988f569b50c7260494f46a253b835338d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
55266
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 Apr 2024 07:13:01 GMT
models
go.xlirdr.com/api/
37 KB
5 KB
XHR
General
Full URL
https://go.xlirdr.com/api/models?sortBy=normalizedViewersRating&limit=25&sortOrder=desc&gender=female&status=public&tag=girls&streamOrientation=vertical&broadcastMobile=1
Requested by
Host: unpkg.com
URL: https://unpkg.com/jquery@1.11.3/dist/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44be49a62061cdc7b1c7cbb2fd4e8390f0b3ffcdd10e1aeeb677f34159010c18

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Apr 2024 07:12:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://tumblrgallery.xyz
access-control-allow-credentials
true
cf-ray
8762d9926f9a3560-WAW
alt-svc
h3=":443"; ma=86400
95cf4610.js
xszpuvwr7.com/t/9/fret/meow4/1810649/
102 KB
40 KB
Script
General
Full URL
https://xszpuvwr7.com/t/9/fret/meow4/1810649/95cf4610.js
Requested by
Host: tumblrgallery.xyz
URL: https://tumblrgallery.xyz/css-js/anticode.js.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
d2c9363aaf1ec9d0d2dea47341cc1c810815f560f23f8be98ddc801c22fe072e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:01 GMT
content-encoding
gzip
last-modified
Wed, 17 Apr 2024 15:58:05 GMT
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
etag
W/"661ff18d-19995"
vary
Accept-Encoding
content-type
application/javascript
x-js-ab2
current
timing-allow-origin
*
js
www.googletagmanager.com/gtag/
259 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T205113XSB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105224068-14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
440be9066e5c3f4175ab001573de30f754106d8da110ec43c2f9202f239fd2d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92424
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 Apr 2024 07:13:01 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105224068-14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 18 Apr 2024 05:39:22 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5619
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 18 Apr 2024 07:39:22 GMT
152050155_webp
img.strpst.com/thumbs/1713423990/
7 KB
7 KB
Image
General
Full URL
https://img.strpst.com/thumbs/1713423990/152050155_webp
Requested by
Host: tumblrgallery.xyz
URL: https://tumblrgallery.xyz/post/6124190.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.10.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00d0c4102185690ff1139a0886eef9ec15b7c6b6f188e6da53a4b828aadc0d12

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:01 GMT
cf-cache-status
HIT
last-modified
Thu, 18 Apr 2024 07:05:35 GMT
server
cloudflare
age
393
etag
"d5c39abef5354a3db41807f55e256a83"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1800, s-maxage=1800
accept-ranges
bytes
cf-ray
8762d99308ab772a-WAW
alt-svc
h3=":443"; ma=86400
content-length
7406
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-T205113XSB&gtm=45je44f0v878108817za200&_p=1713424381726&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1026887063.1713424382&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1713424381&sct=1&seg=0&dl=https%3A%2F%2Ftumblrgallery.xyz%2Fpost%2F6124190.html&dt=talesfromweirdland%20-%20Sea%20creatures%20spotted%20in%20the%2018th%20century...&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=879
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T205113XSB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 07:13:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tumblrgallery.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=613203326&t=pageview&_s=1&dl=https%3A%2F%2Ftumblrgallery.xyz%2Fpost%2F6124190.html&ul=de-de&de=UTF-8&dt=talesfromweirdland%20-%20Sea%20creatures%20spotted%20in%20the%2018th%20century...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2140747498&gjid=379553179&cid=1026887063.1713424382&tid=UA-105224068-14&_gid=787753177.1713424382&_r=1&gtm=457e44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=879776551
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 07:13:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tumblrgallery.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
solid.gif
xszpuvwr7.com/
43 B
639 B
Ping
General
Full URL
https://xszpuvwr7.com/solid.gif?z=1810649&nojs=0&abvar=0&febuild=1.0.223&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=393765957068288&eclog=0&im=1&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22124%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22124%22&chf=%22Chromium%22;v=%22124.0.6367.60%22,%20%22Google%20Chrome%22;v=%22124.0.6367.60%22,%20%22Not-A.Brand%22;v=%2299.0.0.0%22&chm=false&chmd=&chp=Win32&chv=10.0.0
Requested by
Host: xszpuvwr7.com
URL: https://xszpuvwr7.com/t/9/fret/meow4/1810649/95cf4610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:02 GMT
x-route-id
stats.tag.loaded
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin
*
content-length
43
content-type
image/gif
1810649
xszpuvwr7.com/get/
37 B
681 B
Script
General
Full URL
https://xszpuvwr7.com/get/1810649?zoneid=1810649&jp=_clw6zdbvltntemowyqkqjc&nojs=0&abvar=0&febuild=1.0.223&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=393765957068288&eclog=0&im=1&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22124%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22124%22&chf=%22Chromium%22;v=%22124.0.6367.60%22,%20%22Google%20Chrome%22;v=%22124.0.6367.60%22,%20%22Not-A.Brand%22;v=%2299.0.0.0%22&chm=false&chmd=&chp=Win32&chv=10.0.0&uf=0
Requested by
Host: xszpuvwr7.com
URL: https://xszpuvwr7.com/t/9/fret/meow4/1810649/95cf4610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:02 GMT
content-encoding
gzip
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
vary
Accept-Encoding
content-type
text/javascript
x-route-id
config
timing-allow-origin
*
favicon.ico
tumblrgallery.xyz/
66 KB
1 KB
Other
General
Full URL
https://tumblrgallery.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3f9ce397e98939c577da44552e0615abe8d603da9b1f07c9ab0ee4d7327505c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/post/6124190.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 07:13:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Mar 2022 06:48:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4933
etag
W/"1083e-5d94aca931f40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kc48Tag2LX9N8aVb%2FPQ9JSDb8IZAwNRGLyI78F%2B0o%2BxDiAY3nub84BSNIYtIpFGznx3e3SuY7NSKkhcLCI5GPij63gaCwCTMXiqMY5m61vUlzSTv0iwhH56%2Btx0YW4wjok4XMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8762d993ee3d4dbe-FRA
alt-svc
h3=":443"; ma=86400
collect
stats.g.doubleclick.net/j/
4 B
351 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-105224068-14&cid=1026887063.1713424382&jid=2140747498&gjid=379553179&_gid=787753177.1713424382&npa=1&_u=YADAAUAAAAAAACAAI~&z=2028876323
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 18 Apr 2024 07:13:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tumblrgallery.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-105224068-14&cid=1026887063.1713424382&jid=2140747498&npa=1&_u=YADAAUAAAAAAACAAI~&z=1652307735
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 07:13:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-105224068-14&cid=1026887063.1713424382&jid=2140747498&npa=1&_u=YADAAUAAAAAAACAAI~&z=1652307735
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tumblrgallery.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 07:13:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.strpst.com
URL
https://img.strpst.com/thumbs/1712248230/144796304_webp

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry string| json_url string| html_str string| link_url object| head object| script string| current_host number| c_tt function| lazyload function| LazyLoad function| gtag object| dataLayer object| jQuery111308609701287666767 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal function| handleException function| Y9xx boolean| zfgloadedcode function| _clw6zdbvltntemowyqkqjc object| gaplugins object| gaData boolean| zfgloadedpopup

8 Cookies

Domain/Path Name / Value
tumblrgallery.xyz/ Name: PHPSESSID
Value: hphaee3a228iiu9k742kvi81c0
img.strpst.com/ Name: __cflb
Value: 0H28uujnzUyg2bnU8oL9XtaMMX3reDJjisDeKhAvBSU
.tumblrgallery.xyz/ Name: _ga_T205113XSB
Value: GS1.1.1713424381.1.0.1713424381.0.0.0
.tumblrgallery.xyz/ Name: _ga
Value: GA1.2.1026887063.1713424382
.tumblrgallery.xyz/ Name: _gid
Value: GA1.2.787753177.1713424382
.tumblrgallery.xyz/ Name: _gat_gtag_UA_105224068_14
Value: 1
xszpuvwr7.com/ Name: CHCK
Value: 1
xszpuvwr7.com/ Name: UID
Value: 240418021355fdd016ba824b399854aaae4a

6 Console Messages

Source Level URL
Text
other warning URL: https://tumblrgallery.xyz/post/6124190.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tumblrgallery.xyz/post/6124190.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tumblrgallery.xyz/post/6124190.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tumblrgallery.xyz/post/6124190.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tumblrgallery.xyz/post/6124190.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tumblrgallery.xyz/post/6124190.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
