www.tumgir.com Open in urlscan Pro
167.71.185.16  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

• https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D42%26key%3D HTTP 302
• https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D42%26key%3D&s=190719&C=1

Request Chain 114

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
• https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east

Request Chain 126

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ybi03TOoHBTV4Tc1Q6MomgAA HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Ybi03TOoHBTV4Tc1Q6MomgAA&google_tc= HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHFFQ5hFUhIoBSr8-70Q67g&google_cver=1&gdpr=1

Request Chain 127

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ybi03TOoHBTV4Tc1Q6MomgAABHYAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Ybi03TOoHBTV4Tc1Q6MomgAABHYAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOJl9_9N7rFWuQNlSf3TMvk&google_cver=1

Request Chain 129

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybi03TOoHBTV4Tc1Q6MomgAABHYAAAIB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybi03TOoHBTV4Tc1Q6MomgAABHYAAAIB&dcc=t

Request Chain 130

• https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f5a56d62-497d-4f62-bf51-be27a538f948&expiration=1671030877

Request Chain 132

• https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
• https://um.simpli.fi/no_match_opted_out

Request Chain 133

• https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
• https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6927812771750264273&uid=Q6927812771750264273&ref=%2Feucm%2Fp%2Fcc HTTP 302
• https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 153

• https://api.tumblr.com/v2/blog/renekita.tumblr.com/avatar/128 HTTP 302
• https://64.media.tumblr.com/e9a582c782829dfc55b740adfad8363a/26f7f34a3e7d664a-f6/s128x128u_c1/60bfc3b94f7d20d55753febfa58ed9fe7463f259.jpg

Request Chain 154

• https://api.tumblr.com/v2/blog/indolentjellyfish.tumblr.com/avatar/128 HTTP 302
• https://64.media.tumblr.com/avatar_0698ff3812bd_128.png

Request Chain 155

• https://api.tumblr.com/v2/blog/camilicy.tumblr.com/avatar/128 HTTP 302
• https://64.media.tumblr.com/b5d7b03951b49c78d5b1d2af63f9d907/d3a841ea3d05b55d-ba/s128x128u_c1/5cdbfdb5843e112e810778c92d95c599c56c4786.png

Request Chain 156

• https://api.tumblr.com/v2/blog/walking-geema.tumblr.com/avatar/128 HTTP 302
• https://64.media.tumblr.com/avatar_239966e78ef2_128.png

Request Chain 157

• https://api.tumblr.com/v2/blog/macrolit.tumblr.com/avatar/128 HTTP 302
• https://64.media.tumblr.com/avatar_2248ceddef8b_128.png

Request Chain 184

• https://rr1---sn-5hneknee.googlevideo.com/videoplayback?expire=1639523679&ei=37S4Ye_MGeC9x_AP3bGziA8&ip=185.213.155.177&id=83929857dc6e7355&itag=22&source=youtube&requiressl=yes&mh=qQ&mm=31&mn=sn-5hneknee&ms=au&mv=m&mvi=1&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1638272290657383&mt=1639494549&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgLnm1coR1WpehrmMItLPqv4BBhdMbDg-I4iPvy-oQkCcCID4e2oTaByq-ow62qLcYXesIJHlS2JUXOqnq0AJPwJ7D&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAOgH_L0Kkki0rHXcuUwlFmNcn1AdtHr94IM4pLnyydQ_AiEA78elzfeqAyKCoyM4hqmgh4Wq5LhPmm3rxdmycz066pc=&cpn=XNZRbxVXaOVwJ_im HTTP 302
• https://rr1---sn-5hneknee.googlevideo.com/videoplayback?expire=1639523679&ei=37S4Ye_MGeC9x_AP3bGziA8&ip=185.213.155.177&id=83929857dc6e7355&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1638272290657383&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgLnm1coR1WpehrmMItLPqv4BBhdMbDg-I4iPvy-oQkCcCID4e2oTaByq-ow62qLcYXesIJHlS2JUXOqnq0AJPwJ7D&cpn=XNZRbxVXaOVwJ_im&redirect_counter=1&rm=sn-5hnesl7e&req_id=33f5db5b561836e2&cms_redirect=yes&ipbypass=yes&mh=qQ&mip=2a03:1b20:6:f011::7e&mm=31&mn=sn-5hneknee&ms=au&mt=1639494801&mv=m&mvi=1&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPYKX4N3vsNtlDeowsmrNF8T1c77-J7LcaU-C1_THkEpAiEA2z_e59a4dsFYsTYSBWG13lX4v_RYmme4hMZL03Y52j4%3D

Request Chain 225

• https://googleads.g.doubleclick.net/aclk?sa=l&ai=C2bkq37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoElgJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6JojswRGFfm74hsjnDdXNd6H_Ut4UWaBqm8OFDBr4kuqeXw681hxsnkYPlOJtAVaI8Kw0hM6fT1ZXv3xOeOfFw0Lhwcry5u3sCUpoODISaHsLsER_Sl7AFBzBonSukOhQd1wUK1UwHCluutG9GXDkvgE-8yIz2XjQTuo72wgKDCPx9nJWoYa-5MZ5EeuBLmTv6voBjpjMpwmZ3HgGcsB7gHyKCZOrBtnZH8M_97xy3dbAgL3PfYAoj5e19N3HmDtR4GCukilSoRWivVNob9erfE--19a_wwiBPuSFgj1tLGzmxG2Je4B4mHxHia_JWizedRtPcWLMc9fQHFMAE6YC-l6AD4AQBiAX8kprwKpIFBggDEAMYAaAGVIAHrNTVkQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2ObEJffAOVqnAJK6ACgOYCwHICwHQCw64DAHYEw3QFQHiFgIIAYAXAQ&num=1&sig=AOD64_2ptvC4mPM9QbTLXyTxiPe6xu0p3A&client=ca-pub-9848746867798493&adurl=http://refurbed.de/l/products%3Fcq_src%3Dyoutube%26cq_cmp%3D11509598588%26cq_con%3D111718400105&ctype=110&label=video_10s_engaged_view&ad_mt=10194&acvw=sv%3D914%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26p0%3D152,534,451,1065%26p1%3D152,534,451,1065%26p2%3D152,534,451,1065%26tos%3D10270,0,0,0,0%26mtos%3D10270,10270,10270,10270,10270%26amtos%3D0,0,0,0,0%26mtos1%3D5247,0,0%26mtos2%3D5005,0,0%26mcvt%3D10270%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10270%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2253%26pst%3D413%26dur%3D20015%26vmtime%3D10194%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D18,18,18,18,18%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1007%26femvt%3D0%26emc%3D53%26emuc%3D0%26emb%3D53,0,0,0,0%26avms%3Dexc%26qi%3D34897802%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D12096%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10270%26ss0%3D0.08%26ss1%3D0.08%26ss2%3D0.08&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.08%26t%3D1639494879539 HTTP 302
• https://www.googleadservices.com/pagead/aclk?sa=L&ai=CsiIm37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoElgJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6JojswRGFfm74hsjnDdXNd6H_Ut4UWaBqm8OFDBr4kuqeXw681hxsnkYPlOJtAVaI8Kw0hM6fT1ZXv3xOeOfFw0Lhwcry5u3sCUpoODISaHsLsER_Sl7AFBzBonSukOhQd1wUK1UwHCluutG9GXDkvgE-8yIz2XjQTuo72wgKDCPx9nJWoYa-5MZ5EeuBLmTv6voBjpjMpwmZ3HgGcsB7gHyKCZOrBtnZH8M_97xy3dbAgL3PfYAoj5e19N3HmDtR4GCukilSoRWivVNob9erfE--19a_wwiBPuSFgj1tLGzmxG2Je4B4mHxHia_JWizedRtPcWLMc9fQHFMAE6YC-l6AD4AQBiAX8kprwKpIFBggDEAMYAcAFbqAGVIAHrNTVkQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2OZoJHWh0dHA6Ly9yZWZ1cmJlZC5kZS9sL3Byb2R1Y3RzsQl98A5WqcAkroAKA5gLAcgLAdALDrgMAdgTDdAVAeIWAggBgBcB&num=1&client=ca-pub-9848746867798493&ctype=110&label=video_10s_engaged_view&ad_mt=10194&acvw=sv%3D914%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26p0%3D152,534,451,1065%26p1%3D152,534,451,1065%26p2%3D152,534,451,1065%26tos%3D10270,0,0,0,0%26mtos%3D10270,10270,10270,10270,10270%26amtos%3D0,0,0,0,0%26mtos1%3D5247,0,0%26mtos2%3D5005,0,0%26mcvt%3D10270%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10270%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2253%26pst%3D413%26dur%3D20015%26vmtime%3D10194%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D18,18,18,18,18%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1007%26femvt%3D0%26emc%3D53%26emuc%3D0%26emb%3D53,0,0,0,0%26avms%3Dexc%26qi%3D34897802%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D12096%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10270%26ss0%3D0.08%26ss1%3D0.08%26ss2%3D0.08&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.08%26t%3D1639494879539&cid=CAQSKQCNIrLMsKY4gAw_X6xVrdkTkUt6lOC7vIK6TP8kqYulP83-vEUcRkvM&dblrd=1&val=ChAyMjg4Njk1MmQxY2UwMDA3EN3p4o0GGghZGgtOV_2B_CABKAE&sig=AOD64_3ie9RXsEH18en-93kbGWi2LmUcjA&adurl=http://refurbed.de/l/products%3Fcq_src%3Dyoutube%26cq_cmp%3D11509598588%26cq_con%3D111718400105

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
11 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request NordVPN%20free Show response www.tumgir.com/tag/	44 KB 10 KB	1598ms 1395ms	Document text/html	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/tag/NordVPN%20free Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Next.js Resource Hash a94fc4dba692eba3f03c9046d0c51dd96403d0646d6218a3d2f734bdc65b007e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx/1.18.0 (Ubuntu) Date Tue, 14 Dec 2021 15:14:36 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By Next.js ETag "af25-0gAvksUra4nSTsjZhpk39rxOTuY" Cache-Control private, no-cache, no-store, max-age=0, must-revalidate Vary Accept-Encoding Content-Encoding gzip
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	133ms 49ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-134279593-1 Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5881cc3bc5c2bc1fd91814845beb0c7aa74e70d39edd672895e193832041964b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36192 x-xss-protection 0 expires Tue, 14 Dec 2021 15:14:36 GMT
GET H/1.1	200 OK	e3b772f2bb392641.css www.tumgir.com/_next/static/css/	13 KB 4 KB	96ms 96ms	Stylesheet text/css	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/css/e3b772f2bb392641.css Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 83bf5b98721ba135b243f64ed9a99f35f744a2378380b77461506cf9e755dad2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:36 GMT Content-Encoding gzip Last-Modified Wed, 17 Nov 2021 21:53:06 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"35d4-17d2fe39f76" X-Cache-Status HIT Vary Accept-Encoding Content-Type text/css; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	webpack-514908bffb652963.js Show response www.tumgir.com/_next/static/chunks/	1 KB 1 KB	190ms 96ms	Script application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/chunks/webpack-514908bffb652963.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 88b7b60abfbcd15997d22d2839830aa4593142a21fc2b7be01f6896ac3d27310 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:36 GMT Content-Encoding gzip Last-Modified Wed, 17 Nov 2021 21:50:59 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"5c0-17d2fe1b16c" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	framework-91d7f78b5b4003c8.js Show response www.tumgir.com/_next/static/chunks/	127 KB 42 KB	376ms 187ms	Script application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/chunks/framework-91d7f78b5b4003c8.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:36 GMT Content-Encoding gzip Last-Modified Tue, 16 Nov 2021 01:43:07 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"1fc6a-17d26697e3b" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	main-6099a486a931d74e.js Show response www.tumgir.com/_next/static/chunks/	95 KB 28 KB	287ms 96ms	Script application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 473139c85473daa13724d7c0c9a99ed3cc7ba671cb59fc71e9ad7fef8a0fb0ae Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:36 GMT Content-Encoding gzip Last-Modified Tue, 16 Nov 2021 01:44:49 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"17c94-17d266b0ccf" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	_app-ec7224a5f47129d4.js Show response www.tumgir.com/_next/static/chunks/pages/	43 KB 12 KB	383ms 191ms	Script application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/chunks/pages/_app-ec7224a5f47129d4.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash d41b4df437b5651c44f2373bcf30cb9926215a7927dfde6ff1576e8dccd9ebc7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:36 GMT Content-Encoding gzip Last-Modified Mon, 22 Nov 2021 21:28:26 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"abe3-17d498cd65f" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	%5Bname%5D-9bec5972e1a21e13.js Show response www.tumgir.com/_next/static/chunks/pages/tag/	3 KB 2 KB	289ms 96ms	Script application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/chunks/pages/tag/%5Bname%5D-9bec5972e1a21e13.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash d7392e0bc0b6ceca61f2efe0cad9ec6e4f09b30901a18378a0b782c66f386ada Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:36 GMT Content-Encoding gzip Last-Modified Wed, 17 Nov 2021 21:51:42 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"c6f-17d2fe258ee" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	_buildManifest.js Show response www.tumgir.com/_next/static/0f4f4941fdbd91c5aa5063ee1cc651052f1cdee9/	765 B 1 KB	172ms 96ms	Script application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/0f4f4941fdbd91c5aa5063ee1cc651052f1cdee9/_buildManifest.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash f6eb9373a823e0cadc07731b17f6a98f1e0320c9af119920033d705603e464d2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:36 GMT Last-Modified Mon, 22 Nov 2021 21:27:32 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"2fd-17d498c03e7" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Content-Length 765
GET H/1.1	200 OK	_ssgManifest.js Show response www.tumgir.com/_next/static/0f4f4941fdbd91c5aa5063ee1cc651052f1cdee9/	77 B 451 B	134ms 107ms	Script application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/0f4f4941fdbd91c5aa5063ee1cc651052f1cdee9/_ssgManifest.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:36 GMT Last-Modified Mon, 22 Nov 2021 21:23:05 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"4d-17d4987f068" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Content-Length 77
GET H/1.1	200 OK	_middlewareManifest.js Show response www.tumgir.com/_next/static/0f4f4941fdbd91c5aa5063ee1cc651052f1cdee9/	92 B 466 B	97ms 97ms	Script application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/0f4f4941fdbd91c5aa5063ee1cc651052f1cdee9/_middlewareManifest.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:36 GMT Last-Modified Mon, 22 Nov 2021 21:23:56 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"5c-17d4988b77d" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Content-Length 92
GET H2	200	000f5551cbf3a8ea8b1b23497b5e94e331c7258f.jpg 64.media.tumblr.com/0d4ffc4fa82120ee9ae52cf9db4e0bef/08e2ca0a9f79e632-1c/s400x600/	33 KB 34 KB	37ms 14ms	Image image/jpeg	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/0d4ffc4fa82120ee9ae52cf9db4e0bef/08e2ca0a9f79e632-1c/s400x600/000f5551cbf3a8ea8b1b23497b5e94e331c7258f.jpg Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash d8ed51b3cdee1c2a332b23af0f4c417ac6d376407850c2b492d164a3ff03b1c2 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-nc MISS hhn 2 date Tue, 14 Dec 2021 15:14:36 GMT last-modified Mon, 13 Apr 2020 12:19:50 GMT server nginx x-frames 1 etag "567669bb16a81ffbaf410d75e8f1c61c-1498089600-577bc15" access-control-max-age 86400 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-disposition inline; filename="tumblr_0d4ffc4fa82120ee9ae52cf9db4e0bef_000f5551_400.jpg" strict-transport-security max-age=31536000; preload timing-allow-origin * content-length 34097
GET H2	200	60cabb5e767620fa76970bf831c376d7ce11e449.jpg 64.media.tumblr.com/b8062dc058ab1ca559ee23cce66c7051/6f9a4d0562406aeb-bf/s640x960/	71 KB 72 KB	261ms 239ms	Image image/jpeg	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/b8062dc058ab1ca559ee23cce66c7051/6f9a4d0562406aeb-bf/s640x960/60cabb5e767620fa76970bf831c376d7ce11e449.jpg Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 3c1cd3c77913d38e643cec12be8c185ce99faf2c70cd594eae609fcd276a2293 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-nc MISS hhn 3 date Tue, 14 Dec 2021 15:14:36 GMT last-modified Sun, 13 Dec 2020 11:36:17 GMT server nginx x-frames 1 etag "3f4c294c64c1797f9ac6a84b5349c978-1498089600-f5d4802" access-control-max-age 86400 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-disposition inline; filename="tumblr_b8062dc058ab1ca559ee23cce66c7051_60cabb5e_640.jpg" strict-transport-security max-age=31536000; preload timing-allow-origin * content-length 73112
GET H2	200	12b0c3b91e940e6b82e56bdd10d9fe5f68afee89.jpg 64.media.tumblr.com/071c2cc5b3ac07ea3c1eceac3d32eccd/115cfe538710aacd-0a/s540x810/	48 KB 48 KB	296ms 274ms	Image image/jpeg	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/071c2cc5b3ac07ea3c1eceac3d32eccd/115cfe538710aacd-0a/s540x810/12b0c3b91e940e6b82e56bdd10d9fe5f68afee89.jpg Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 8618caed18ffbab3bdc55e242449461da109b4b000047f0eb72a0b82992ee82d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-nc MISS hhn 4 date Tue, 14 Dec 2021 15:14:36 GMT last-modified Mon, 11 Oct 2021 05:56:57 GMT server nginx x-frames 1 etag "61be02355356c4e90f4d45be9e7db5bd-1498089600-f5d4802" access-control-max-age 86400 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-disposition inline; filename="tumblr_071c2cc5b3ac07ea3c1eceac3d32eccd_12b0c3b9_540.jpg" strict-transport-security max-age=31536000; preload timing-allow-origin * content-length 49033
GET H2	200	d3f63af6f753088d4cb848ec2424aca966ee8b03.jpg 64.media.tumblr.com/0424f3da9de159dfe7248d460ce45eac/cf2c460677d50041-a6/s540x810/	33 KB 33 KB	279ms 257ms	Image image/jpeg	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/0424f3da9de159dfe7248d460ce45eac/cf2c460677d50041-a6/s540x810/d3f63af6f753088d4cb848ec2424aca966ee8b03.jpg Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 500d4054ad90a0c9dd91e96d9b2d0435c4718fe789c677c5a8688528da314881 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-nc MISS hhn 2 date Tue, 14 Dec 2021 15:14:36 GMT last-modified Fri, 17 Sep 2021 17:49:01 GMT server nginx x-frames 1 etag "3d43d4cf0b1b6d9de3a02cfac371a47b-1498089600-f5d4802" access-control-max-age 86400 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-disposition inline; filename="tumblr_0424f3da9de159dfe7248d460ce45eac_d3f63af6_540.jpg" strict-transport-security max-age=31536000; preload timing-allow-origin * content-length 33364
GET H2	200	377ec48483e8231ab2162858f6d4914d969679c5.jpg 64.media.tumblr.com/094863d4ce999d8547ee9ef8668eaf24/47ba13d4efc53bc8-54/s540x810/	13 KB 13 KB	195ms 194ms	Image image/jpeg	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/094863d4ce999d8547ee9ef8668eaf24/47ba13d4efc53bc8-54/s540x810/377ec48483e8231ab2162858f6d4914d969679c5.jpg Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 0c2a56047981eaec5dcd1505645439994d000eef6de1db95174da291be864280 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-nc MISS hhn 3 date Tue, 14 Dec 2021 15:14:36 GMT last-modified Wed, 01 Sep 2021 10:34:22 GMT server nginx x-frames 1 etag "e9a4761b80714cd3dce737a1d6775ba6-1498089600-f5d4802" access-control-max-age 86400 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-disposition inline; filename="tumblr_094863d4ce999d8547ee9ef8668eaf24_377ec484_540.jpg" strict-transport-security max-age=31536000; preload timing-allow-origin * content-length 13519
GET H2	200	addthis_widget.js Show response s7.addthis.com/js/300/	353 KB 114 KB	59ms 9ms	Script application/javascript	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/js/300/addthis_widget.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip last-modified Mon, 26 Oct 2020 18:11:48 GMT server nginx/1.15.8 etag W/"5f971164-5834c" vary Accept-Encoding x-distribution 99 content-type application/javascript date Tue, 14 Dec 2021 15:14:36 GMT x-host s7.addthis.com content-length 116325
GET H/1.1	200 OK	sw.js Show response www.tumgir.com/	100 KB 38 KB	198ms 198ms	Script application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/sw.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 8c382d76b7f3c936b789e587ff26a8383cb504a1b7c7f6183f80a45d2a464c9d Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:36 GMT Content-Encoding gzip Last-Modified Mon, 18 Oct 2021 16:42:26 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"190ed-17c94486c04" Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=0 Transfer-Encoding chunked Connection keep-alive Accept-Ranges bytes
GET H2	200	/ Show response d18g6t7whf8ejf.cloudfront.net/	248 KB 77 KB	44ms 16ms	Script text/plain	13.224.194.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.194.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-128.fra2.r.cloudfront.net Software / Resource Hash 441162ba3fb0788c73eb379504a48ce2ab27ecc87bd7ec09678f56342cdd4522 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 14:21:46 GMT content-encoding gzip age 3170 x-cache Hit from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform x-amz-cf-pop FRA2-C1 content-length 78627 via 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront) x-amz-cf-id xvB4oaaLR6b3YyaW8AMW1az3cEpHDeoqDAc3gNKbR5VmQfzC5g-1yg==
GET H2	200	/ Show response dmmzkfd82wayn.cloudfront.net/	246 KB 81 KB	48ms 10ms	Script text/plain	2600:9000:21f3:1e00:6:2e3c:5fc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:1e00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 787f0fa3db656a94ce2d9323e2497c2d907c088da922d12d91e1a5927db39b8a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 14:21:46 GMT content-encoding gzip age 3170 x-cache Hit from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform x-amz-cf-pop FRA2-C2 content-length 82369 via 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront) x-amz-cf-id c5kriTOcuRMYH-gxMZcfxTkungEJfR4am6i35Ttw4TzhbSVsEeAD9Q==
GET H2	200	KFOmCnqEu92Fr1Me5g.woff fonts.gstatic.com/s/roboto/v29/	64 KB 64 KB	131ms 44ms	Font font/woff	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Me5g.woff Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55110586d3719c3e8bdaa21f06e4cc1c0a7451abbae662344cbd4411536b585f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tumgir.com/ Origin https://www.tumgir.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 07 Dec 2021 20:02:46 GMT x-content-type-options nosniff age 587510 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 65244 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:22 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 07 Dec 2022 20:02:46 GMT
GET H2	200	KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2 fonts.gstatic.com/s/roboto/v29/	8 KB 8 KB	114ms 39ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2 Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0d36e77c4a6a1683f72d450876bcd72e692cf63104237a085091b5c69ab9675e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tumgir.com/ Origin https://www.tumgir.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 11:10:08 GMT x-content-type-options nosniff age 14668 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7700 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:20 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 14 Dec 2022 11:10:08 GMT
GET H2	200	moatframe.js Show response z.moatads.com/addthismoatframe568911941483/	2 KB 1 KB	23ms 7ms	Script application/x-javascript	2.18.235.40 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/addthismoatframe568911941483/moatframe.js Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-235-40.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT content-encoding gzip last-modified Fri, 08 Nov 2019 20:13:52 GMT server AmazonS3 x-amz-request-id D5503D14AA2F06AA etag "f14b4e1f799b14f798a195f43cf58376" vary Accept-Encoding content-type application/x-javascript cache-control max-age=26246 accept-ranges bytes content-length 948 x-amz-id-2 JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	119ms 35ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-134279593-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 810 date Tue, 14 Dec 2021 15:01:06 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 14 Dec 2021 17:01:06 GMT
GET H2	204	utx Show response terhousoo.com/	0 491 B	213ms 186ms	XHR text/plain	18.66.112.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://terhousoo.com/utx?cb=a8UxcrciS3ED&top=www.tumgir.com&tid=852974 Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-3.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:36 GMT via 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id 1Fjk52lQx3IOXFFBhvECZ1QvzCmocwqcmqJGhj8OSEX452L_FuSewg==
GET H2	200	NXpFR0JUGCYqfVRHJ2E3RxZ4YnBzX3cBJgRCInE2Ag0tIXpQECNpIVkVMCMkRxUrM2xbHzFicHM0JBIYYx8BEgl+LjYiAV1KMwoXYDQdDxBGLjIBEnk5HB8VTRZyBgFSNAIVE087EzAneBJ1MwBeQjwLOkIzEhADAD0TNA1QSQgjFUIKch0EAC8BFBBaLgcKJnsQK... Show response terhousoo.com/ Frame 4992	3 KB 2 KB	113ms 102ms	Document text/html	18.66.112.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://terhousoo.com/NXpFR0JUGCYqfVRHJ2E3RxZ4YnBzX3cBJgRCInE2Ag0tIXpQECNpIVkVMCMkRxUrM2xbHzFicHM0JBIYYx8BEgl+LjYiAV1KMwoXYDQdDxBGLjIBEnk5HB8VTRZyBgFSNAIVE087EzAneBJ1MwBeQjwLOkIzEhADAD0TNA1QSQgjFUIKch0EAC8BFBBaLgcKJnsQKhMBdw0qChAELgQEJUIyBwohf0giERVdNzMIEGcvEQ8TYS4XMxhsSCEOCmdOMwg6TRsNLRRCKSISCngUBwwAYxJ3InJSKxIgEEIpIhIneQAxCANgAnQBcwUyEhN3Xy4HPw9RPWgSGGcoLjYPdEMUBDsFQgEFAFc7AgUOdBEhdhsESg0QFQFfdwUHcD8ADCx3MSEsOgUgFxUhdBMLMBFSLwoOOGwuEiwAXyB1LxV0LhRxBGM4CCMAezgEdyYHH3UwBm1JD3ATZCAIIwVgNhMGelswPQITYg0HIBFCMA0jFXsfFAETExA2KCxFRxAXekUoIz4rQg4NEnE Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-3.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 387d74063a35738cc689017e343b38f8383f64671fecec11cda08a5bd91b51d0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers content-type text/html content-length 1231 date Tue, 14 Dec 2021 15:14:36 GMT server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform pragma no-cache p3p CP="NID DSP ALL COR" content-encoding gzip accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache Miss from cloudfront via 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 x-amz-cf-id j23S2aLqhvlVohWcWyVvvHM6QGW4CWHfH87_CQWPiBEtdHfc2ZqWlQ==
GET H2	204	utx Show response terhousoo.com/	0 489 B	195ms 186ms	XHR text/plain	18.66.112.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://terhousoo.com/utx?cb=SVSJDjfHObaX&top=www.tumgir.com&tid=853405 Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-3.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:36 GMT via 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id aJydBsgDGFg1acCtcfyT5D41ib19t_MQ1v6JZFSMCK51xYnSakCaGw==
GET H2	200	Gwc8YS1PdQE4FDJ0GAUFEG4jAAw+El0WCRx+GBQkNlM7PnolfSkSLDlPWyMPIVhaARYURS5jFCJuKWgJFHUiIw9GflwVNC1+LRcpPHo6NwsWcTlhHwBtVgY5E34tFykjey4dDxVyKWICD3keBgpGVS4+CDVTXmEWPHVCAT40cippDB4DKgEgRmAuYSkxVV8gfCBPI... Show response terhousoo.com/N29QTndWDTMjSFZSMmgCRQNta0VxSmIIEwZXN3gDABg4KE9SBTZgFFsAJSoRRQA+OllZCiRrRXFWHiIfXD0HfyF5GD8kIlwmKA8/XzkRfANmCwYpJnoHMz82BzU8DxB+OTMkBG8sJwwWUQcRa0VxLAE6GGYGOwMgc1YKFwBfNh9/ Frame 6C83	3 KB 2 KB	188ms 187ms	Document text/html	18.66.112.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://terhousoo.com/N29QTndWDTMjSFZSMmgCRQNta0VxSmIIEwZXN3gDABg4KE9SBTZgFFsAJSoRRQA+OllZCiRrRXFWHiIfXD0HfyF5GD8kIlwmKA8/XzkRfANmCwYpJnoHMz82BzU8DxB+OTMkBG8sJwwWUQcRa0VxLAE6GGYGOwMgc1YKFwBfNh9/Gwc8YS1PdQE4FDJ0GAUFEG4jAAw+El0WCRx+GBQkNlM7PnolfSkSLDlPWyMPIVhaARYURS5jFCJuKWgJFHUiIw9GflwVNC1+LRcpPHo6NwsWcTlhHwBtVgY5E34tFykjey4dDxVyKWICD3keBgpGVS4+CDVTXmEWPHVCAT40cippDB4DKgEgRmAuYSkxVV8gfCBPISEYMAcoCCcAfSQFKTJwXxZ9L2EAKAoOdSYSCRBzJhF7E3lfYSkvQDZnCjNULAc0RnULKT0nVQQgfyZAJSUbGXErFHwDdQthfzF4PhklPwZWaRgQeTYSGU58Czw9Jns5O2gdRAA+PkpRKCgKFEQhPSI Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-3.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e92610c996331b79758baab2ff5d5f485d90f67ef0e20e49cfcf0492742a4e74 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers content-type text/html content-length 1226 date Tue, 14 Dec 2021 15:14:36 GMT server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform pragma no-cache p3p CP="NID DSP ALL COR" content-encoding gzip accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache Miss from cloudfront via 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 x-amz-cf-id zxfa6R0WazSc6pgHnPdlQ79oHMM29-m9eu9FUuT64clFWfRoQ3KM7Q==
GET H2	204	SW5NUTFmUS4iDAQUCwFSHFoBE185Kys2cAgIfTkECgkbZ2IRN2slWC1TdWQDcFl5d0EgCnBiA28dOTBFPB1wYBcgACs+DG8YcGEfcUB7fwFvG3BgFz0eLDYMeEg9JUUlU3xnAnBadGUJflh5ZgM peukasrsih.com/	0 533 B	133ms 104ms	Image text/plain	2606:4700:3030::6815:3b8f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://peukasrsih.com/SW5NUTFmUS4iDAQUCwFSHFoBE185Kys2cAgIfTkECgkbZ2IRN2slWC1TdWQDcFl5d0EgCnBiA28dOTBFPB1wYBcgACs+DG8YcGEfcUB7fwFvG3BgFz0eLDYMeEg9JUUlU3xnAnBadGUJflh5ZgM Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3b8f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GC4UAtmQgKhYVK8%2Bur5YOI6vuKkxutdaO%2F0w2RWrWLJKUrth7MThAK81S3aepbOEwBbU4Qi%2Bn2eHziuNAtqtYB%2BnVsmXEebYiOYh9K9BZvEhJEtyOxLpOP1svKs9kWEbvoXS12viYFcuHrKuCg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6bd862026dea2bf6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	204	OBQYMylqCllodGAGSiokMw9faGskRg0uOCQPXmp9YBQFNCs4D158O2oCQmJjYRxcfDhqA0ouPTZVUWtrJ0YYNnBmBF9jeW4GVG17YwVf peukasrsih.com/TVcybFpiaFEfZxw5dFkXfB0EPjE6EGsCHAwEYxw2KGdkIRl/	0 263 B	130ms 109ms	Image text/plain	2606:4700:3030::6815:3b8f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://peukasrsih.com/TVcybFpiaFEfZxw5dFkXfB0EPjE6EGsCHAwEYxw2KGdkIRl/OBQYMylqCllodGAGSiokMw9faGskRg0uOCQPXmp9YBQFNCs4D158O2oCQmJjYRxcfDhqA0ouPTZVUWtrJ0YYNnBmBF9jeW4GVG17YwVf Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3b8f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoWgLdxaiX3Q%2FO1g47LUexzJR%2BuMlX3toQ1K7t7AvJNjXxLSB0OMhY9Fjax0Y8yny90ImKbAhLqNmQwFWeAUvXHuw%2FZXQW0U1afWSgykgexTZvSSHulFKpX4Q28pQgSkSHkiCsnVWc6upbcVPA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6bd862026deb2bf6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	204	MnNrUzUdTAggCGc1ORhnSBcECm1aCioUZ1wWBRJ2UzQxZ1FzOk0nXFZOU2YGBkNedUVbF1ZhDBQAHzJBRwBWYhNbHQ08CBQFVmIbAl1eZhsCVR5uBBQHGzJSD0JNI0FGH1ZiAwFKX2oBCkRdZw0L peukasrsih.com/	0 264 B	122ms 109ms	Image text/plain	2606:4700:3030::6815:3b8f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://peukasrsih.com/MnNrUzUdTAggCGc1ORhnSBcECm1aCioUZ1wWBRJ2UzQxZ1FzOk0nXFZOU2YGBkNedUVbF1ZhDBQAHzJBRwBWYhNbHQ08CBQFVmIbAl1eZhsCVR5uBBQHGzJSD0JNI0FGH1ZiAwFKX2oBCkRdZw0L Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3b8f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhR3NdUh3kjWAmIOYUx%2BVTyg9Xp3Oz1C%2BdFhyyArKP7K5o0Kv0m3iEIEpiRdA%2F2S2N3jM023M6NbtV%2B4hyrfdW570Dq1jlseD9ciU5ORQK4FvsAPoEfEwkio45gmXHnbBlhfIs2VRFZ%2FR%2B7yBw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6bd862026ded2bf6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2 fonts.gstatic.com/s/roboto/v29/	3 KB 4 KB	49ms 49ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2 Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3922ae70f49ae2fe18817005584b1a429e561354fbc6cf02ce8ed55e5dffe1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tumgir.com/ Origin https://www.tumgir.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 08 Dec 2021 15:52:41 GMT x-content-type-options nosniff age 516115 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3480 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 08 Dec 2022 15:52:41 GMT
GET H2	204	utx Show response terhousoo.com/	0 491 B	110ms 109ms	XHR text/plain	18.66.112.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://terhousoo.com/utx?cb=lWddT4ffc24y&top=www.tumgir.com&tid=921528 Requested by Host: dmmzkfd82wayn.cloudfront.net URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-3.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:36 GMT via 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id dnSWiFCb7I1PD7HBITE95AJNI8wHDP2sihBiQYjPv_AVIwUFifWlNg==
GET H2	200	WSA+GgkCKyECZDs Show response terhousoo.com/blFvSncPMwwnSA9sDWwCHD1Sb0UodF0MEwM8FSERCmldPRYXP0EpGwEkCywFAT8bZBkLJUp4MRg1KwA1Cjs6Ei89aT4JECwzJR8EIwMIBEc8EF4ZICoYNR0APwErLU42FggbBT5hKjkvFxAIHSIoPDU9PT4ULnMPOxcEHC8tCyMPDygyJiEEKwQ... Frame 60EC	3 KB 2 KB	186ms 185ms	Document text/html	18.66.112.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://terhousoo.com/blFvSncPMwwnSA9sDWwCHD1Sb0UodF0MEwM8FSERCmldPRYXP0EpGwEkCywFAT8bZBkLJUp4MRg1KwA1Cjs6Ei89aT4JECwzJR8EIwMIBEc8EF4ZICoYNR0APwErLU42FggbBT5hKjkvFxAIHSIoPDU9PT4ULnMPOxcEHC8tCyMPDygyJiEEKwQDBxsoEAcLMSoEKB0fVgEkIg88EF8DDyoXKi4hXDIrHDICNyMtDw0WKX4QOyYMMzVcaCgPMjcSDhsxDRYDEwIvBDUYNiYUNhshKxAMHxQoBggAHDwJCxg2JhQtEjUBFAscOikfBy4NPDpeCTUDfAceNV4DOwcmNAsqHyIFFyl+Ezw8PQ8UXhQtLhsJFj4iExQDB3oROTs6KCA4FC4LGyMZPQxDARk5CCUvGSoYIiw1NQYbVgA9LT4HGQQpFTYoPR41FBgjLkYJFzgtLV0ALgwWLWIlHjVeAy0DNSwELSYDBQMnBDUvCTUTNQUYOgQyHXcFORgAIVIFDgw/WSA+GgkCKyECZDs Requested by Host: dmmzkfd82wayn.cloudfront.net URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-3.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 16e436f095290e5475f91a1cff83671dcd2f0df5bbdeac4dcaa2f502967ef7da Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers content-type text/html content-length 1234 date Tue, 14 Dec 2021 15:14:36 GMT server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform pragma no-cache p3p CP="NID DSP ALL COR" content-encoding gzip accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache Miss from cloudfront via 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 x-amz-cf-id pkviKoOOWrbFazpBLpsLOr4-0nZNbJNU8gtAAAh4gsJP806PWTk_3Q==
GET H2	204	utx Show response terhousoo.com/	0 490 B	98ms 96ms	XHR text/plain	18.66.112.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://terhousoo.com/utx?cb=r48tQO3a7SRZ&top=www.tumgir.com&tid=853405 Requested by Host: dmmzkfd82wayn.cloudfront.net URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-3.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:36 GMT via 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id P_SAhTx5isy7HR_8qn1a7JtNZUt5aHEWdCqnNR7ItcMX80M_fmpKJg==
GET H2	204	cxgiNQxiOQUpHWU9HUUTWz55WlUDb3ZbQUIzIF5WFCkwAhNHKXlSQVs0IgxaFCx5UkkBbmpRUxxqYhZaA3wwEwZVZ3VFF0YuKF5WBGl9V14GYnNVUQJi peukasrsih.com/WkRjZzJ1ewAUDwsQBytTMB5SJWpjIiE/	0 262 B	104ms 103ms	Image text/plain	2606:4700:3030::6815:3b8f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://peukasrsih.com/WkRjZzJ1ewAUDwsQBytTMB5SJWpjIiE/cxgiNQxiOQUpHWU9HUUTWz55WlUDb3ZbQUIzIF5WFCkwAhNHKXlSQVs0IgxaFCx5UkkBbmpRUxxqYhZaA3wwEwZVZ3VFF0YuKF5WBGl9V14GYnNVUQJi Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3b8f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCWF9NrXnpDMyH2D2YLRqSFFh2ILo9MlS%2FHcz1yqIDqAKFpKxLnCbzAXz5nS0qo85XcByvHB1tPMEiMcpN8BY%2F1OMS%2BK3M8WxFa8AnezOntfpNeABNidcHyaxSI8v8d%2F41VWeAbcIGK2LM0Dkg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6bd86202ff132bf6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	login.php www.facebook.com/	0 0	101ms 85ms	Image text/html	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers
GET H2	200	ServiceLogin accounts.google.com/	0 0	169ms 79ms	Image text/html	2a00:1450:4001:831::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers
GET H2	200	ServiceLogin accounts.google.com/	0 0	273ms 183ms	Image text/html	2a00:1450:4001:831::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers
GET H2	204	utx Show response terhousoo.com/	0 489 B	186ms 186ms	XHR text/plain	18.66.112.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://terhousoo.com/utx?cb=1HBGxn6eamdd&top=www.tumgir.com&tid=921528 Requested by Host: dmmzkfd82wayn.cloudfront.net URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-3.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:36 GMT via 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id Odh29IihBWrLenyEhz12m4Zqtwm2ZZcfSp18eqDIcC4fP5g8LrI4Rg==
GET H2	204	utx Show response terhousoo.com/	0 490 B	185ms 185ms	XHR text/plain	18.66.112.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://terhousoo.com/utx?cb=JTYP7RRtudqJ&top=www.tumgir.com&tid=853405 Requested by Host: dmmzkfd82wayn.cloudfront.net URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-3.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:36 GMT via 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id h1d3_sq5Oj7rAkEPGuh4mOH5ljDKbmLp2ReZXeUaFKQtVuZiE-brkw==
GET H2	200	/ Show response freychang.fun/	14 B 722 B	144ms 114ms	Fetch text/plain	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/?f=42a5f2350406b5b34afe49ff517ecb3b Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc03387460f88a7c82372e9d3be06c7e94b11dc5723e1664514b5d070394e1ac Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://www.tumgir.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDVYwfTiXNCooio%2FBOHvIHNe0W%2FtV5L3n8jwNnzMnr4g8S9Z8nvjxxubLRMKiaGHqxMd3kWzbLOUwCaGqu1LwcczV8hH%2BfG0hHGqcNedYEFM0dNCShiyZPz3S1GHsudi46MceBg572W1%2BuCB"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 6bd862034f072c26-FRA access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	NaUZVeDUKKTseCh0vMUUNXHRsTwFPLCYXWxl7ACgNGRQzAVweMh0tBk8yLxwIWWA5GVsOe3MdWwp7ZF5UDSRoTBMdNjoTCBwoMR1TACgwHBMcJ2gVWhMvORRUTHQTTRtZY2dIHR4vOxxaHjVwSgUHMnBKBVh2e0gQWgRwSgUeLztOAUx1F10HWT5jTBxMdG-UZRRk... Show response d18g6t7whf8ejf.cloudfront.net/ Frame 4992	409 B 604 B	163ms 163ms	Script text/plain	13.224.194.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d18g6t7whf8ejf.cloudfront.net/NaUZVeDUKKTseCh0vMUUNXHRsTwFPLCYXWxl7ACgNGRQzAVweMh0tBk8yLxwIWWA5GVsOe3MdWwp7ZF5UDSRoTBMdNjoTCBwoMR1TACgwHBMcJ2gVWhMvORRUTHQTTRtZY2dIHR4vOxxaHjVwSgUHMnBKBVh2e0gQWgRwSgUeLztOAUx1F10HWT5jTBxMdG-UZRRkqMA9QCy08DBBbAGBLAkd1Y10HWW4+EEEEKnBKdkx0ZRRcAiNwSgUOIzYTWkBjZ0hWATQ6FVBMdBNBA0d2e0wDX3J7QQZMdGULVA8nJxEQWwBgSwJHdWNeQFQ Requested by Host: terhousoo.com URL: https://terhousoo.com/NXpFR0JUGCYqfVRHJ2E3RxZ4YnBzX3cBJgRCInE2Ag0tIXpQECNpIVkVMCMkRxUrM2xbHzFicHM0JBIYYx8BEgl+LjYiAV1KMwoXYDQdDxBGLjIBEnk5HB8VTRZyBgFSNAIVE087EzAneBJ1MwBeQjwLOkIzEhADAD0TNA1QSQgjFUIKch0EAC8BFBBaLgcKJnsQKhMBdw0qChAELgQEJUIyBwohf0giERVdNzMIEGcvEQ8TYS4XMxhsSCEOCmdOMwg6TRsNLRRCKSISCngUBwwAYxJ3InJSKxIgEEIpIhIneQAxCANgAnQBcwUyEhN3Xy4HPw9RPWgSGGcoLjYPdEMUBDsFQgEFAFc7AgUOdBEhdhsESg0QFQFfdwUHcD8ADCx3MSEsOgUgFxUhdBMLMBFSLwoOOGwuEiwAXyB1LxV0LhRxBGM4CCMAezgEdyYHH3UwBm1JD3ATZCAIIwVgNhMGelswPQITYg0HIBFCMA0jFXsfFAETExA2KCxFRxAXekUoIz4rQg4NEnE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.194.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-128.fra2.r.cloudfront.net Software / Resource Hash c3c5d6397ca8c6a62c09a07c589eec0a90b24f406b2a11b3fa8915a1e42213bf Request headers Accept-Language de-DE,de;q=0.9 Referer https://terhousoo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT content-encoding gzip x-amz-cf-pop FRA2-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 328 via 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront) x-amz-cf-id -UhU3n_YyoI-asUE9KGIg3J8zYf9Q3eRa5rqjw8PmUV5VoBJbEFqnQ==
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	92ms 45ms	XHR text/plain	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=475837257&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&ul=en-us&de=UTF-8&dt=%23NordVPN%20free%20%7C%20Explore%20Tumblr%20Posts%20and%20Blogs%20%7C%20Tumgir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1725269802&gjid=950707076&cid=1498876895.1639494877&tid=UA-134279593-1&_gid=1637438250.1639494877&_r=1&gtm=2ouc10&z=1018417541 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:36 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.tumgir.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response freychang.fun/	15 B 333 B	113ms 113ms	Fetch text/plain	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/?f=42a5f2350406b5b34afe49ff517ecb3b Requested by Host: dmmzkfd82wayn.cloudfront.net URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94372e5ddcf3dfedd3cb12f1af72439cb7bc0d52e04e60c3638e3f482ef27a91 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://www.tumgir.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXDNQqbCp00r3wUQ3LPKoExkvMt1PtZPnjoLbxT8UTEewfloQQAf0qpB0GHiSMK55aS%2BY6BsnbzzeRSk%2BKkMRCmdgDT5XpUsACPdvHyjimtOkRXTjKXT8XHWSTrap4M%2BkPG0AqYA7DRmMEZh"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 6bd862037f672c26-FRA access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	_ate.track.config_resp Show response v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/	1 KB 680 B	119ms 110ms	Script application/javascript	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/_ate.track.config_resp Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software / Resource Hash 1e552184493eea74a53b11e52b6e6eec9c35d90cece6592d9bdf6cf1090ad8c0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT content-encoding gzip etag 706338575--gzip vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control public, max-age=47, s-maxage=86400 content-disposition attachment; filename=1.txt content-length 504
GET H2	200	300lo.json Show response m.addthis.com/live/red_lojson/	89 B 249 B	170ms 154ms	Script application/javascript	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://m.addthis.com/live/red_lojson/300lo.json?si=61b8b4dcb487d8aa&bkl=0&bl=1&pdt=1619&sid=61b8b4dcb487d8aa&pub=ra-6103d59079bcdcec&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tumgir.com&fp=tag%2FNordVPN%2520free&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1639494876748&jsl=0&uvs=61b8b4dc2345ad59000&skipb=1&callback=addthis.cbs.jsonp__92453298329722420 Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software / Resource Hash 9a6aba975eabc4303b2282aa2fc61fc561589181993beff4f8f6a5dabd142084 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:36 GMT cache-control max-age=0, no-cache, no-store, no-transform content-disposition attachment; filename=1.txt content-length 89 content-type application/javascript;charset=utf-8
GET		sh.f48a1a04fe8dbf021b4cda1d.html s7.addthis.com/static/ Frame 744E	0 0
GET H2	200	sh.f48a1a04fe8dbf021b4cda1d.html Show response s7.addthis.com/static/ Frame 1F9E	71 KB 26 KB	13ms 12ms	Document text/html	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers server nginx/1.15.8 content-type text/html last-modified Mon, 26 Oct 2020 18:11:48 GMT etag W/"5f971164-11adc" timing-allow-origin * cache-control public, max-age=86313600 p3p CP="NON ADM OUR DEV IND COM STA" strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip content-length 26421 date Tue, 14 Dec 2021 15:14:36 GMT vary Accept-Encoding x-host s7.addthis.com
GET H2	200	/ Show response freychang.fun/	15 B 329 B	115ms 115ms	Fetch text/plain	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/?f=42a5f2350406b5b34afe49ff517ecb3b Requested by Host: dmmzkfd82wayn.cloudfront.net URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bc469acac119c64140cc310d92a28e09bb38f0f832909799f850598e54e0ca2c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://www.tumgir.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sc7PcMR4QYNbQ%2BKN0DMWYLFMtBbW%2FKNfOTOSC0ae15iWR3F%2FCFSAhErODWf1qTH01%2F5c8TcSDjbs2wNffNtEKKf9Vg9WzqENDcwuS9p0gR9DaxCwJUrEvScd0gKxCXpypDW9CnylKne4wqgh"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 6bd86203c8112c26-FRA access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	b4763d50-e3a3-4c94-87b6-682aed526c7f Show response player.ex.co/player/	731 KB 215 KB	36ms 7ms	Script application/javascript	151.101.130.132 FASTLY
General Check archive.org Show headers Download Go to Full URL https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f Requested by Host: www.tumgir.com URL: https://www.tumgir.com/_next/static/chunks/pages/_app-ec7224a5f47129d4.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.132 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 052bbbb0a8bf7d09c32033af4189f54c2db7ca033ebca8be39ceca9e4c142bc9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT content-encoding gzip age 591 x-cache HIT, HIT access-control-max-age 600 content-length 219591 x-served-by cache-iad-kcgs7200059-IAD, cache-hhn4075-HHN access-control-allow-origin * server nginx x-timer S1639494877.799155,VS0,VE0 etag W/"b6b26-iIk3k2CvE3MdQHH/Vl2cFtH/Te4" vary Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player access-control-allow-methods GET, POST, PUT, DELETE content-type application/javascript; charset=utf-8 via 1.1 varnish, 1.1 varnish cache-control no-cache accept-ranges bytes access-control-allow-headers Accept, Authorization, Content-Type x-cache-hits 1, 3
GET H/1.1	200 OK	blogs Show response www.tumgir.com/api/tumblr/trending/	347 KB 54 KB	510ms 510ms	Fetch application/json	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/api/tumblr/trending/blogs Requested by Host: www.tumgir.com URL: https://www.tumgir.com/_next/static/chunks/pages/_app-ec7224a5f47129d4.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 5119582d0d821ecbd2b3ab088abb8c6110eb3ba805097571af839e4cab6b9bc4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Content-Encoding gzip Server nginx/1.18.0 (Ubuntu) ETag "56cb5-0kHBFqQ2bosinOLYBjfSIPS5mmM" Vary Accept-Encoding Content-Type application/json; charset=utf-8 Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	blogs Show response www.tumgir.com/api/tumblr/trending/	347 KB 54 KB	1514ms 1514ms	Fetch application/json	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/api/tumblr/trending/blogs Requested by Host: www.tumgir.com URL: https://www.tumgir.com/_next/static/chunks/pages/_app-ec7224a5f47129d4.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 7cf4e9a92ae03e77be77344ffa8f315d95b45e8569abbc34ff8b90b83c7daabf Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:38 GMT Content-Encoding gzip Server nginx/1.18.0 (Ubuntu) ETag "56cb5-N/IDUMnFFYXXEwcdYwuE3MJ0WUQ" Vary Accept-Encoding Content-Type application/json; charset=utf-8 Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	index-fafc30d93898c907.js www.tumgir.com/_next/static/chunks/pages/	0 2 KB	96ms 96ms	Other application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/chunks/pages/index-fafc30d93898c907.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:36 GMT Content-Encoding gzip Last-Modified Wed, 17 Nov 2021 16:55:22 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"bf0-17d2ed30b57" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	about-3501640c6fc85760.js www.tumgir.com/_next/static/chunks/pages/static/	0 1 KB	97ms 96ms	Other application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/chunks/pages/static/about-3501640c6fc85760.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:36 GMT Content-Encoding gzip Last-Modified Thu, 11 Nov 2021 22:34:07 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"550-17d11230342" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	privacy-policy-1a7b93fcb52325c1.js www.tumgir.com/_next/static/chunks/pages/static/	0 2 KB	97ms 96ms	Other application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/chunks/pages/static/privacy-policy-1a7b93fcb52325c1.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:36 GMT Content-Encoding gzip Last-Modified Thu, 11 Nov 2021 22:31:40 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"13c8-17d1120c5f8" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	%5Bname%5D-49c31a9cecc012b6.js www.tumgir.com/_next/static/chunks/pages/	0 2 KB	108ms 108ms	Other application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/chunks/pages/%5Bname%5D-49c31a9cecc012b6.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:36 GMT Content-Encoding gzip Last-Modified Wed, 17 Nov 2021 16:56:37 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"d93-17d2ed4300a" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive
GET H2	200	WnNqYWMhURkWPC8BBkNZeBseFRMpSUVOFC0ERBUWNxQDE005HAdOEC1dABJBdlEZDAV4SVtNQSkeHENZeEdEUUF2UR4ABAUaDkNZeEteV1RrQ0hNQSkGCD4KPkFIW0FqSw9UUGpCCExbO0ZSTFc%2BQ1hMAW8WCUxVbxJSVFdsFQgEAmxRFw Show response mefagetobri.top/	56 KB 23 KB	326ms 112ms	Script application/javascript	107.22.28.167 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://mefagetobri.top/WnNqYWMhURkWPC8BBkNZeBseFRMpSUVOFC0ERBUWNxQDE005HAdOEC1dABJBdlEZDAV4SVtNQSkeHENZeEdEUUF2UR4ABAUaDkNZeEteV1RrQ0hNQSkGCD4KPkFIW0FqSw9UUGpCCExbO0ZSTFc%2BQ1hMAW8WCUxVbxJSVFdsFQgEAmxRFw Requested by Host: www.tumgir.com URL: https://www.tumgir.com/sw.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-22-28-167.compute-1.amazonaws.com Software / Express Resource Hash 407dacba66f573c85081f1321f84d1b330fb33a1ced1cc896a04c79ea42a4d74 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-encoding gzip etag W/"e0f1-Yh1IUPp1YDCROdsYuFkjTGAZdUY" x-powered-by Express vary Accept-Encoding access-control-allow-methods GET, POST content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-headers X-Requested-With,content-type
GET H2	200	GkIwDjAdTn4RJFBbNx4sAVo5QXcrA3ZUYF8GcBMsA1I3EzZIBGgKMUgEaFV1QwZ9VwdIBGgTLAMAbEF2LxNqVD1bAnFBd11XKB-QpCEE9Bi4EQn1WA1gFb0p2WxNqVG0GXiwJKUgEG0F3XVoxDyBIBGgDIA5dN01gXwY7DDcCWz1BdysPbkp1QwJuUnFDD2tBd11F... Show response d18g6t7whf8ejf.cloudfront.net/9NlhkRW1VNwojUkIxAHhVA2tQdVgQMhcqA0ZlAgIVcjsXCwBafhA/CQtoQikMWD9ZYwhYO1l0S1c8BnhZECwUKgYLPBI/ Frame 6C83	565 B 717 B	164ms 164ms	Script text/plain	13.224.194.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d18g6t7whf8ejf.cloudfront.net/9NlhkRW1VNwojUkIxAHhVA2tQdVgQMhcqA0ZlAgIVcjsXCwBafhA/CQtoQikMWD9ZYwhYO1l0S1c8BnhZECwUKgYLPBI/GkIwDjAdTn4RJFBbNx4sAVo5QXcrA3ZUYF8GcBMsA1I3EzZIBGgKMUgEaFV1QwZ9VwdIBGgTLAMAbEF2LxNqVD1bAnFBd11XKB-QpCEE9Bi4EQn1WA1gFb0p2WxNqVG0GXiwJKUgEG0F3XVoxDyBIBGgDIA5dN01gXwY7DDcCWz1BdysPbkp1QwJuUnFDD2tBd11FOQIkH199VgNYBW9KdlsQLVk Requested by Host: terhousoo.com URL: https://terhousoo.com/N29QTndWDTMjSFZSMmgCRQNta0VxSmIIEwZXN3gDABg4KE9SBTZgFFsAJSoRRQA+OllZCiRrRXFWHiIfXD0HfyF5GD8kIlwmKA8/XzkRfANmCwYpJnoHMz82BzU8DxB+OTMkBG8sJwwWUQcRa0VxLAE6GGYGOwMgc1YKFwBfNh9/Gwc8YS1PdQE4FDJ0GAUFEG4jAAw+El0WCRx+GBQkNlM7PnolfSkSLDlPWyMPIVhaARYURS5jFCJuKWgJFHUiIw9GflwVNC1+LRcpPHo6NwsWcTlhHwBtVgY5E34tFykjey4dDxVyKWICD3keBgpGVS4+CDVTXmEWPHVCAT40cippDB4DKgEgRmAuYSkxVV8gfCBPISEYMAcoCCcAfSQFKTJwXxZ9L2EAKAoOdSYSCRBzJhF7E3lfYSkvQDZnCjNULAc0RnULKT0nVQQgfyZAJSUbGXErFHwDdQthfzF4PhklPwZWaRgQeTYSGU58Czw9Jns5O2gdRAA+PkpRKCgKFEQhPSI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.194.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-128.fra2.r.cloudfront.net Software / Resource Hash 3b1fbca6e794b0761226567f14e40efbd616cd239a544ad68608b2c15b4d4239 Request headers Accept-Language de-DE,de;q=0.9 Referer https://terhousoo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT content-encoding gzip x-amz-cf-pop FRA2-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 442 via 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront) x-amz-cf-id EvtntOQt0CrrrvGrdr8_3jpMh8qsNK-aXpqTegHi6HuY8Uqq8_eXmQ==
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 136 B	296ms 96ms	XHR text/plain	54.164.123.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.123.106 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-123-106.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.tumgir.com date Tue, 14 Dec 2021 15:14:37 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H2	200	css2 fonts.googleapis.com/	2 KB 1 KB	132ms 44ms	Stylesheet text/css	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 14 Dec 2021 14:46:10 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 14 Dec 2021 15:14:36 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 14 Dec 2021 15:14:36 GMT
GET H2	200	hls.min.js Show response player.avplayer.com/script/2/2.55/libs/	247 KB 71 KB	49ms 7ms	Script application/javascript	2a02:26f0:6c00::210:bb21 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://player.avplayer.com/script/2/2.55/libs/hls.min.js Requested by Host: player.ex.co URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:bb21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT content-encoding gzip x-guploader-uploadid ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-length 71831 last-modified Sun, 10 Jan 2021 14:52:52 GMT server UploadServer etag "7888b98658e8cef4a98786556ccdab66" vary Accept-Encoding x-goog-hash crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg== content-language en x-goog-generation 1610290372874389 cache-control public, max-age=300 x-goog-stored-content-length 71831 accept-ranges bytes content-type application/javascript expires Tue, 14 Dec 2021 15:19:36 GMT
GET DATA	200 OK	truncated /	216 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	385 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	237 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	238 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	411 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	240 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	AVmanager.js Show response player.aniview.com/script/6.1/ Frame 478C	365 KB 103 KB	47ms 14ms	Script application/javascript	2a02:26f0:6c00:2ab::2c79 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Requested by Host: player.ex.co URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 0092b2b2a89deb98cb1a154fa658a05a85fb13c18cb8473f1c19b4eded77f9b3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT content-encoding gzip x-guploader-uploadid ADPycduPkGI6zRbKh9Bp6Sa56jwJQQakWB3RUQ1DVt2sOWY5XDSb3tP00Ksntsg8IZvkO9SGESWjcp4YdV8xctKnNCvIPeKqzA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-length 105169 last-modified Sun, 12 Dec 2021 09:09:43 GMT server UploadServer etag "89cb1bd7c45e3ebc8adc7440dc66b75a" vary Accept-Encoding x-goog-hash crc32c=b4Z3JA==, md5=icsb18RePryK3HRA3Ga3Wg== content-language en access-control-allow-origin * x-goog-generation 1639300183361749 access-control-expose-headers Content-Type cache-control no-transform, max-age=300 x-goog-stored-content-length 105169 accept-ranges bytes content-type application/javascript expires Tue, 14 Dec 2021 15:19:36 GMT
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 137 B	236ms 96ms	XHR text/plain	54.164.123.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.123.106 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-123-106.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.tumgir.com date Tue, 14 Dec 2021 15:14:37 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H2	200	track atrack.avplayer.com/	0 71 B	306ms 98ms	Image text/plain	34.224.231.98 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M16&cb=1639494876928&cid=60a0c4acce284b4c1059cbe8&VERSION=4.107.0&AV_PAGE_LOAD_UID=a769710f-4039-4072-81cb-d295cbbd18c8&AV_CDIM4=a769710f-4039-4072-81cb-d295cbbd18c8&AV_ABTEST_TEMPLATE_WIGHT=50&AV_CDIM6=50&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.224.231.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-224-231-98.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:37 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H2	200	layers.fa6cd1947ce26e890d3d.js Show response s7.addthis.com/static/	263 KB 76 KB	9ms 9ms	Script application/javascript	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip last-modified Mon, 26 Oct 2020 18:11:48 GMT server nginx/1.15.8 etag W/"5f971164-41cf5" vary Accept-Encoding content-type application/javascript cache-control public, max-age=86313600 date Tue, 14 Dec 2021 15:14:36 GMT x-host s7.addthis.com timing-allow-origin * content-length 77617
GET H3	204	CE0Vf34XWFdsfQ1FU2Q6BFpQc3cJUlN6fwxaVnZ7C00XMi5eVlJkP00fD39+D1hadnYNU1R0dg1S peukasrsih.com/OWtjQk8WVAAxcmszOTAVYT0bEAkAOjEsHXgzNRgCXS4tFhlsPkU2Jl1WWnB+DFlbZD9QD15zaUofAjY6SlZQcn8ITQosKVZWU3J/	0 554 B	135ms 118ms	Image text/plain	2606:4700:3030::6815:3b8f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://peukasrsih.com/OWtjQk8WVAAxcmszOTAVYT0bEAkAOjEsHXgzNRgCXS4tFhlsPkU2Jl1WWnB+DFlbZD9QD15zaUofAjY6SlZQcn8ITQosKVZWU3J/CE0Vf34XWFdsfQ1FU2Q6BFpQc3cJUlN6fwxaVnZ7C00XMi5eVlJkP00fD39+D1hadnYNU1R0dg1S Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3b8f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:37 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C76mXUbw0zAIXqcvzL%2B44MLN20E%2FX9QKg%2FQo3VvTcJaSvZ4P526UOZp%2FjQuSkqa15vJaG4fp8mdkSoPjXHF%2Fj0mNTCJU5eOymzwNEMl0h%2BFn5IAdqFcii54g9nTxbBSZjlfH8NYkDPcUPvUX3Q%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6bd862050d345b6e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	vdDJBdjUXXS8QCgBbJUsMRgN0RA1SWDIZWwQPDg9XGgQrP0EsXyAgWUFmZwJPEA9xUFkVXCZLExFcIksEUlMlFAhAFDUGWh8PKhxRA0IxDFEdV2cDVElfLgxcGF4gUwcyB29GEEYCaQFcGlYuAUZRAHEYQVEAcUcFWgJkRXdRAHEBXBoEdVMGNhdzRk1CBm-hTB0R... Show response dmmzkfd82wayn.cloudfront.net/ Frame 60EC	939 B 914 B	158ms 158ms	Script text/plain	2600:9000:21f3:1e00:6:2e3c:5fc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dmmzkfd82wayn.cloudfront.net/vdDJBdjUXXS8QCgBbJUsMRgN0RA1SWDIZWwQPDg9XGgQrP0EsXyAgWUFmZwJPEA9xUFkVXCZLExFcIksEUlMlFAhAFDUGWh8PKhxRA0IxDFEdV2cDVElfLgxcGF4gUwcyB29GEEYCaQFcGlYuAUZRAHEYQVEAcUcFWgJkRXdRAHEBXBoEdVMGNhdzRk1CBm-hTB0RTMQZZEUUkFF4dRmREc0EBdlgGQhdzRh0fWjUbWVEAAlMHRF4oHVBRAHERUBdZLl8QRgIiHkcbXyRTBzILd1gFWgZ3QAFaC3JTB0RBIBBUBltkRHNBAXZYBkIUNEs Requested by Host: terhousoo.com URL: https://terhousoo.com/blFvSncPMwwnSA9sDWwCHD1Sb0UodF0MEwM8FSERCmldPRYXP0EpGwEkCywFAT8bZBkLJUp4MRg1KwA1Cjs6Ei89aT4JECwzJR8EIwMIBEc8EF4ZICoYNR0APwErLU42FggbBT5hKjkvFxAIHSIoPDU9PT4ULnMPOxcEHC8tCyMPDygyJiEEKwQDBxsoEAcLMSoEKB0fVgEkIg88EF8DDyoXKi4hXDIrHDICNyMtDw0WKX4QOyYMMzVcaCgPMjcSDhsxDRYDEwIvBDUYNiYUNhshKxAMHxQoBggAHDwJCxg2JhQtEjUBFAscOikfBy4NPDpeCTUDfAceNV4DOwcmNAsqHyIFFyl+Ezw8PQ8UXhQtLhsJFj4iExQDB3oROTs6KCA4FC4LGyMZPQxDARk5CCUvGSoYIiw1NQYbVgA9LT4HGQQpFTYoPR41FBgjLkYJFzgtLV0ALgwWLWIlHjVeAy0DNSwELSYDBQMnBDUvCTUTNQUYOgQyHXcFORgAIVIFDgw/WSA+GgkCKyECZDs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:1e00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 6e436ee356fe184003139b836b104f1d576c6a22c8a4e7a0411138b8453ac008 Request headers Accept-Language de-DE,de;q=0.9 Referer https://terhousoo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:37 GMT content-encoding gzip x-amz-cf-pop FRA2-C2 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 637 via 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront) x-amz-cf-id OOZhf4wrF9Yg3FPvlJGlp9qkBcZM3SnZm_ouk1wIkNMsktNVZeGygg==
POST H2	200	shares-post.json Show response api-public.addthis.com/url/serviceapi/	2 B 268 B	222ms 157ms	XHR application/json	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-type text/plain Response headers strict-transport-security max-age=15724800; includeSubDomains surrogate-key sFbt=https://www.tumgir.com/tag/NordVPN%20free last-modified Tue, 14 Dec 2021 15:00:00 GMT server nginx/1.15.8 date Tue, 14 Dec 2021 15:14:37 GMT content-type application/json access-control-allow-origin https://www.tumgir.com cache-control no-transform, max-age=0, s-maxage=14400 access-control-allow-credentials true content-length 2
GET H2	200	shares.json Show response api-public.addthis.com/url/	33 B 294 B	256ms 190ms	Script application/json	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&callback=_ate.cbs.rcb_i7p10 Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash b3ca13230def12c2d0340b104a0849b20c7cadde81fe66029e8fb25f80ddbbfb Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip surrogate-key www.tumgir.com/tag/nordvpn%20free last-modified Tue, 14 Dec 2021 15:14:37 GMT server nginx/1.15.8 date Tue, 14 Dec 2021 15:14:37 GMT vary Accept-Encoding content-type application/json cache-control no-transform, must-revalidate, max-age=0, s-maxage=3600 content-length 53
GET H2	200	shares.json Show response api-public.addthis.com/url/	33 B 294 B	257ms 192ms	Script application/json	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&callback=_ate.cbs.rcb_6bex0 Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 02d24fd47ca296c77931e1c43134bf0b9c4377e2a3cfe76291f3852257a6316a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip surrogate-key www.tumgir.com/tag/nordvpn%20free last-modified Tue, 14 Dec 2021 15:14:37 GMT server nginx/1.15.8 date Tue, 14 Dec 2021 15:14:37 GMT vary Accept-Encoding content-type application/json cache-control no-transform, must-revalidate, max-age=0, s-maxage=3600 content-length 53
GET DATA	200 OK	truncated /	443 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png
GET H3	200	KFOmCnqEu92Fr1Mu7GxKOzY.woff2 fonts.gstatic.com/s/roboto/v29/	12 KB 12 KB	39ms 39ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.tumgir.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 11:23:17 GMT x-content-type-options nosniff age 13880 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11860 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:24 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 14 Dec 2022 11:23:17 GMT
GET H2	200	track track1.aniview.com/	0 71 B	296ms 96ms	Image text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?r=www.tumgir.com&sn=&cd4=a769710f-4039-4072-81cb-d295cbbd18c8&cd5=default&cd6=50&cd7=main&ic=0&tgt=0&app=&wi=531&he=299&test=&d36=6.1.2.91&apppkg=&fv=1&proto=https&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&stagid=&stplid=&e=inventory&vi=100&cb=1639494877076 Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:37 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H/1.1	200 OK	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.m3u8 Show response mcd.ex.co/video/upload/sp_hd/v1490095101/	1 KB 2 KB	52ms 7ms	XHR application/x-mpegurl	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.m3u8 Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 56b2046eea8418d2661b5780a7b4228805f10299fd9eebf3edbff8eae1c50d14 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Last-Modified Sun, 06 Jun 2021 09:41:30 GMT Server cloudinary X-Timer S1638938334.908860,VS0,VE1 ETag "524e1b4f8e4ee75f050c54bcff3449c1" X-Served-By cache-wdc5558-WDC Content-Type application/x-mpegURL Access-Control-Allow-Origin * Cache-Control public, max-age=31001025 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With Content-Length 1128 X-Cache-Hits 1
GET H/1.1	200 OK	%5Bname%5D-49c31a9cecc012b6.js Show response www.tumgir.com/_next/static/chunks/pages/	3 KB 2 KB	108ms 108ms	Script application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/chunks/pages/%5Bname%5D-49c31a9cecc012b6.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 3dece685b5f01b1a1a47c89706b9bb6e156edca56c99793271b13a82209a053b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Content-Encoding gzip Last-Modified Wed, 17 Nov 2021 16:56:37 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"d93-17d2ed4300a" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	index-fafc30d93898c907.js Show response www.tumgir.com/_next/static/chunks/pages/	3 KB 2 KB	96ms 96ms	Script application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/chunks/pages/index-fafc30d93898c907.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 6cb77653f129d93e740f0303e5ee82f8565f7d432d4c4a1f4e85a128050967e9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Content-Encoding gzip Last-Modified Wed, 17 Nov 2021 16:55:22 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"bf0-17d2ed30b57" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	about-3501640c6fc85760.js Show response www.tumgir.com/_next/static/chunks/pages/static/	1 KB 1 KB	96ms 96ms	Script application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/chunks/pages/static/about-3501640c6fc85760.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 344a91e54490d605b83bf9c3a1b7d16ebcc61b6caa828c3aa2d7823b24ce8278 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Content-Encoding gzip Last-Modified Thu, 11 Nov 2021 22:34:07 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"550-17d11230342" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	privacy-policy-1a7b93fcb52325c1.js Show response www.tumgir.com/_next/static/chunks/pages/static/	5 KB 2 KB	96ms 96ms	Script application/javascript	167.71.185.16 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/_next/static/chunks/pages/static/privacy-policy-1a7b93fcb52325c1.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash a9d882997ec60e3829e71a8ec3c7f77e2ac8d8408aa26beb6ecc80dea0d9fcfe Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/tag/NordVPN%20free User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Content-Encoding gzip Last-Modified Thu, 11 Nov 2021 22:31:40 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"13c8-17d1120c5f8" X-Cache-Status HIT Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive
GET H2	200	/ Show response premiumsrv.aniview.com/api/adserver/tag/	44 KB 5 KB	333ms 125ms	XHR application/json	75.101.235.47 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.107.0&AV_PAGE_LOAD_UID=a769710f-4039-4072-81cb-d295cbbd18c8&AV_CDIM4=a769710f-4039-4072-81cb-d295cbbd18c8&AV_ABTEST_TEMPLATE_WIGHT=50&AV_CDIM6=50&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=60a0c4acce284b4c1059cbe8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.tumgir.com&AV_DADPOS=1&d36=6.1.2.91&responsive=1&sver=1&avtoken=877075&AV_WIDTH=531&AV_HEIGHT=299&AV_DNT=0&cb=1639494877087 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.101.235.47 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-75-101-235-47.compute-1.amazonaws.com Software / Resource Hash 5ad3f96618ac49a2c2362b90776beb07c84428daf1907063871fa458c5376086 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:37 GMT content-encoding gzip vary Accept-Encoding content-type application/json access-control-allow-origin https://www.tumgir.com cache-control no-cache access-control-allow-credentials true expires Fri, 03 Dec 2021 01:27:57 GMT
GET H3	200	KFOmCnqEu92Fr1Mu7WxKOzY.woff2 fonts.gstatic.com/s/roboto/v29/	5 KB 5 KB	39ms 39ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fb56f0e08adb026eb4e4b28c2fc33b35ce3ddf30a075f9906ec14caff095fa3c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.tumgir.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 08 Dec 2021 20:20:55 GMT x-content-type-options nosniff age 500022 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5540 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 08 Dec 2022 20:20:55 GMT
GET H/1.1	200 OK	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.m3u8 Show response mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1583944588/	2 KB 3 KB	7ms 7ms	XHR application/x-mpegurl	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.m3u8 Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 580e3635dd0653797a650a2633e9473f70878e3a24ea9aa37f425f1c52e27902 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Last-Modified Thu, 27 May 2021 23:45:44 GMT Server cloudinary X-Timer S1638938260.765591,VS0,VE1 ETag "ceb904b20a188d6b12c1c76a48d9c45c" X-Served-By cache-wdc5531-WDC Content-Type application/x-mpegURL Access-Control-Allow-Origin * Cache-Control public, max-age=31000965 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With Content-Length 2122 X-Cache-Hits 1
OPTIONS H/1.1	200 OK	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1583944588/ Frame	0 0	8ms 8ms	Preflight text/html	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www.tumgir.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Tue, 14 Dec 2021 15:14:37 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Show response mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1583944588/	83 KB 83 KB	8ms 8ms	XHR video/mp2t	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash e8ed8fc8158aad27cc907aac99f6d3e9dca1cb28e5ff4eee183e4ec2cf333712 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=0-84787 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Cache-Tag 344244065305281221549964677194789729468,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31 Content-Range bytes 0-84787/1738436 Connection keep-alive Content-Length 84788 X-Served-By cache-wdc5531-WDC Last-Modified Thu, 27 May 2021 23:45:44 GMT Server cloudinary X-Timer S1638938179.607606,VS0,VE129 ETag "6a29cf3d6ef2dfae7ae9ee92008fa179" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31000871 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
GET BLOB	200 OK	dd3b3ca3-5dae-4efd-b38f-05cbfbfe757f https://www.tumgir.com/	63 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.tumgir.com/dd3b3ca3-5dae-4efd-b38f-05cbfbfe757f Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Length 64352 Content-Type text/javascript
GET H/1.1	200 OK	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.m3u8 Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/	2 KB 3 KB	7ms 7ms	XHR application/x-mpegurl	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.m3u8 Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash c5f9389bd572e3a6622aaf47bb85d17d3dcafd52e3d5f0189a4a544fa478d44c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Last-Modified Sun, 06 Jun 2021 09:41:06 GMT Server cloudinary X-Timer S1638938260.128420,VS0,VE1 ETag "8a8d1e38cce4ec234f9918cd31306aa3" X-Served-By cache-wdc5531-WDC Content-Type application/x-mpegURL Access-Control-Allow-Origin * Cache-Control public, max-age=31000947 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With Content-Length 2135 X-Cache-Hits 1
OPTIONS H/1.1	200 OK	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/ Frame	0 0	7ms 7ms	Preflight text/html	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www.tumgir.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Tue, 14 Dec 2021 15:14:37 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/	128 KB 128 KB	7ms 7ms	XHR video/mp2t	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 82bf627d2d2682c5934605d27cb627c399f0ebda6dbd1f6158e44d670936697d Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=0-130847 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Cache-Tag 344244065305281221549964677194789729468,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31 Content-Range bytes 0-130847/3449988 Connection keep-alive Content-Length 130848 X-Served-By cache-wdc5558-WDC Last-Modified Thu, 27 May 2021 23:46:32 GMT Server cloudinary X-Timer S1638938305.115410,VS0,VE0 ETag "402257fc52be17d900f071856c2e2c51" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31001037 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 1
GET H3	200	popunder.gif peukasrsih.com/	35 B 636 B	16ms 16ms	Image image/gif	2606:4700:3030::6815:3b8f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://peukasrsih.com/popunder.gif Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/NordVPN%20free Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3b8f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma public date Tue, 14 Dec 2021 15:14:37 GMT cf-cache-status HIT last-modified Mon, 13 Dec 2021 07:41:56 GMT server cloudflare age 113561 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLnPPWFn6rWT4GgTuIYWN7yV0zmhSjvWNOauRbpWjv2nG3XOS51y3yeTXk78QLmFE8oZbZjav%2FBvDuoNjTza0s3x5%2F0qqwmyRygOB0EdyjC5uBGqA4j%2FKVHKWe2Dq37eKV%2FvykQKb%2BociTn7Uw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6bd86206984d5b6e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
POST H3	204	AU1mB3AWBDRBIxZNZwVmUlY8WzAKTWcTIFhAew14U15lEyNYRWwGZFNBYQVjU0hmDW9QViFFNwJNZBMmEQQ5CGdTQ2wBb1FIYgJkVkU peukasrsih.com/VmVwVTV5WhMmCAULKhNUE1wJBG0UARZmWR4BJhMBNVU6ImAeBlYhXDJYSGAHb1JEc0U/	0 511 B	112ms 111ms	Ping text/plain	2606:4700:3030::6815:3b8f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peukasrsih.com/VmVwVTV5WhMmCAULKhNUE1wJBG0UARZmWR4BJhMBNVU6ImAeBlYhXDJYSGAHb1JEc0U/AU1mB3AWBDRBIxZNZwVmUlY8WzAKTWcTIFhAew14U15lEyNYRWwGZFNBYQVjU0hmDW9QViFFNwJNZBMmEQQ5CGdTQ2wBb1FIYgJkVkU Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3b8f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 14 Dec 2021 15:14:37 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaslevSKis%2BhBdpaVugNiF6Pow%2FKRI%2B0%2Fbk2x2si2zL8WazcmY85zj5Z3i1XTiWJzTLw9D%2FMgdyJxOd8RNjlc0bm7FM5mfuL3shafg182FMdzsPhg875NUeVfyj6cSO7f3iLxHupjct3rYE0cQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6bd86206c8985b6e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	floater Show response terhousoo.com/	2 KB 2 KB	584ms 584ms	XHR text/plain	18.66.112.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://terhousoo.com/floater?cs=S3ZxVGZzQURhVnhHQW1RckJEbF4&abt=0&red=1&sm=83&k=nordvpn%20free%20explore%20tumblr%20posts%20blogs%20tumgir&v=0.8.6.0&sts=0&prn=0&emb=0&tid=852974&u=593261405683895&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F96.0.4664.93%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td1_oi1_&_Z06R=1639494877235&crc=1 Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-3.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 0626a985ecd0ee900fd2272ea3d62aa5e98b037dd034556dc3c179fb46fdb156 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:37 GMT content-encoding gzip server openresty/1.17.8.2 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version content-type text/plain content-length 1086 via 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront) x-amz-cf-id i63LslDPrKndGi3g_vuiHfK3O8-Mqyu6Nohh1TrmYl97hIpRPyw4aA==
GET H2	200	multi Show response terhousoo.com/	3 KB 2 KB	100ms 100ms	XHR text/plain	18.66.112.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://terhousoo.com/multi?cs=QXhNcEp5TX9FfXVLfUd%2FeUp%2FQ38&abt=0&red=1&sm=76&k=nordvpn%20free%20explore%20tumblr%20posts%20blogs%20tumgir&v=1.0.55.0&sts=0&prn=0&emb=0&tid=853405&u=593261405683895&fs=1&ref=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F96.0.4664.93%20safari%2F537.36&tzd=0&uloc=&if=0&_wApr=1639494877236&crc=1 Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-3.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash da6a69c5491809ab661cadd77adc68c9759fa64acf80b94cf8c72d30cd61a5e3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:37 GMT content-encoding gzip server openresty/1.17.8.2 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version content-type text/plain content-length 1365 via 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront) x-amz-cf-id iuvGGyfFknLqwT6v-0lkwOEoQpK4mlE-rFfNKLYubVNa-xoZeqKLEQ==
GET H2	204	utx Show response oranopportu.com/	0 492 B	124ms 97ms	XHR text/plain	18.66.139.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://oranopportu.com/utx?tid=846710&top=www.tumgir.com&cb=70Rm4SQ6KVCf Requested by Host: mefagetobri.top URL: https://mefagetobri.top/WnNqYWMhURkWPC8BBkNZeBseFRMpSUVOFC0ERBUWNxQDE005HAdOEC1dABJBdlEZDAV4SVtNQSkeHENZeEdEUUF2UR4ABAUaDkNZeEteV1RrQ0hNQSkGCD4KPkFIW0FqSw9UUGpCCExbO0ZSTFc%2BQ1hMAW8WCUxVbxJSVFdsFQgEAmxRFw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-34.fra60.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:37 GMT via 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA60-P4 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id KfaD3-CWkKYpXVQBzCE8g5EDbvVNHqWk-fkxDtTYLDisVBnFIkYjOw==
OPTIONS H/1.1	200 OK	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/ Frame	0 0	7ms 6ms	Preflight text/html	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www.tumgir.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Tue, 14 Dec 2021 15:14:37 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/	187 KB 187 KB	9ms 8ms	XHR video/mp2t	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 1a8d6ce628d60908d81e9cbab244cfcface83b2cf86795a82247c8ffdba0c55f Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=130848-322043 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Cache-Tag 344244065305281221549964677194789729468,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31 Content-Range bytes 130848-322043/3449988 Connection keep-alive Content-Length 191196 X-Served-By cache-wdc5558-WDC Last-Modified Thu, 27 May 2021 23:46:32 GMT Server cloudinary X-Timer S1638938305.115410,VS0,VE0 ETag "402257fc52be17d900f071856c2e2c51" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31001037 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 1
POST H2	200	/ Show response assumedadel.xyz/	0 37 B	301ms 98ms	XHR text/plain	44.195.137.121 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://assumedadel.xyz/ Requested by Host: mefagetobri.top URL: https://mefagetobri.top/WnNqYWMhURkWPC8BBkNZeBseFRMpSUVOFC0ERBUWNxQDE005HAdOEC1dABJBdlEZDAV4SVtNQSkeHENZeEdEUUF2UR4ABAUaDkNZeEteV1RrQ0hNQSkGCD4KPkFIW0FqSw9UUGpCCExbO0ZSTFc%2BQ1hMAW8WCUxVbxJSVFdsFQgEAmxRFw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-137-121.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * content-length 0
GET DATA	200 OK	truncated /	552 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 15 KB	39ms 39ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.tumgir.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 08 Dec 2021 01:54:06 GMT x-content-type-options nosniff age 566431 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 08 Dec 2022 01:54:06 GMT
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 136 B	96ms 96ms	XHR text/plain	54.164.123.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.123.106 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-123-106.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.tumgir.com date Tue, 14 Dec 2021 15:14:37 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H/1.1	206 Partial Content	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/	167 KB 167 KB	11ms 10ms	XHR video/mp2t	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 7d73bd0d34d0ec8e0b9f6f24bddf802e50bb7f432a008eeef07e6a7aca561291 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=322044-492747 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Cache-Tag 344244065305281221549964677194789729468,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31 Content-Range bytes 322044-492747/3449988 Connection keep-alive Content-Length 170704 X-Served-By cache-wdc5558-WDC Last-Modified Thu, 27 May 2021 23:46:32 GMT Server cloudinary X-Timer S1638938305.115410,VS0,VE0 ETag "402257fc52be17d900f071856c2e2c51" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31001037 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 1
OPTIONS H/1.1	200 OK	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/ Frame	0 0	7ms 7ms	Preflight text/html	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www.tumgir.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Tue, 14 Dec 2021 15:14:37 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/	248 KB 248 KB	7ms 7ms	XHR video/mp2t	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 7e074b6b6d1139c69920d14c66b458833e4d012a3e4f6c99dfe301a60d05805d Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=492748-746359 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Cache-Tag 344244065305281221549964677194789729468,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31 Content-Range bytes 492748-746359/3449988 Connection keep-alive Content-Length 253612 X-Served-By cache-wdc5558-WDC Last-Modified Thu, 27 May 2021 23:46:32 GMT Server cloudinary X-Timer S1638938305.115410,VS0,VE0 ETag "402257fc52be17d900f071856c2e2c51" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31001037 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 1
OPTIONS H/1.1	200 OK	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/ Frame	0 0	8ms 8ms	Preflight text/html	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www.tumgir.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Tue, 14 Dec 2021 15:14:37 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
OPTIONS H/1.1	200 OK	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/ Frame	0 0	7ms 7ms	Preflight text/html	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www.tumgir.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Tue, 14 Dec 2021 15:14:37 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/	207 KB 207 KB	7ms 7ms	XHR video/mp2t	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 02af9643ad546afc9633ea13b2d848a519a476d64b832416699073ca2e21fe86 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=746360-957859 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Cache-Tag 344244065305281221549964677194789729468,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31 Content-Range bytes 746360-957859/3449988 Connection keep-alive Content-Length 211500 X-Served-By cache-wdc5558-WDC Last-Modified Thu, 27 May 2021 23:46:32 GMT Server cloudinary X-Timer S1638938305.115410,VS0,VE0 ETag "402257fc52be17d900f071856c2e2c51" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31001037 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 1
GET H/1.1	206 Partial Content	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/	142 KB 142 KB	7ms 7ms	XHR video/mp2t	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 4ab52005776391782f5543927ef54e85e98ba440ebc656fbfc1e3b5b5857fb00 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=957860-1102995 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Cache-Tag 344244065305281221549964677194789729468,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31 Content-Range bytes 957860-1102995/3449988 Connection keep-alive Content-Length 145136 X-Served-By cache-wdc5558-WDC Last-Modified Thu, 27 May 2021 23:46:32 GMT Server cloudinary X-Timer S1638938305.115410,VS0,VE0 ETag "402257fc52be17d900f071856c2e2c51" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31001037 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 1
OPTIONS H/1.1	200 OK	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/ Frame	0 0	7ms 6ms	Preflight text/html	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www.tumgir.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Tue, 14 Dec 2021 15:14:37 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 7154	14 KB 5 KB	54ms 8ms	Document text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D1%26key%3D Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers last-modified Tue, 15 Jun 2021 06:08:03 GMT etag "1300708-3945-5c4c7cc02bd56" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5054 content-type text/html; charset=UTF-8 cache-control max-age=61054 expires Wed, 15 Dec 2021 08:12:11 GMT date Tue, 14 Dec 2021 15:14:37 GMT vary Accept-Encoding
GET H/1.1	200 OK	usermatch Show response ssum.casalemedia.com/ Frame 9D91 Redirect Chain https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D42%26key%3D https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D42%26key%3D&s=190719&C=1	2 KB 3 KB	28ms 28ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D42%26key%3D&s=190719&C=1 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash f45cc362203df9cdd31f8fe78ca79dddf08466cf445df505f379c31310a126c6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers Server Apache Content-Type text/html Dropped-Udsids 45|230|39|241|8|13|90|31 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1846 Expires Tue, 14 Dec 2021 15:14:37 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Tue, 14 Dec 2021 15:14:37 GMT Connection keep-alive Redirect headers Server Apache Content-Length 379 Content-Type text/html; charset=iso-8859-1 Location https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D42%26key%3D&s=190719&C=1 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Expires Tue, 14 Dec 2021 15:14:37 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Tue, 14 Dec 2021 15:14:37 GMT Connection keep-alive
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame BD8F Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east	281 B 554 B	42ms 6ms	Document text/html	23.79.143.124 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-143-124.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 26 Oct 2021 17:01:05 GMT ETag "40019-119-5cf446c48f640" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Tue, 14 Dec 2021 15:14:37 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east Date Tue, 14 Dec 2021 15:14:37 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H/1.1	204 No Content	merge ce.lijit.com/ Frame AB95	0 0	107ms 34ms	Document text/plain	216.52.2.48 VOXEL-DOT-NET
General Check archive.org Show headers Download Go to Full URL https://ce.lijit.com/merge?pid=&3pid=1639494877342-920230896493-006871-002-005241&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D18%26key%3D%5BSOVRNID%5D Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US), Reverse DNS Software nginx / raptor Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers Server nginx Date Tue, 14 Dec 2021 15:14:37 GMT Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 Pragma no-cache Expires Fri, 20 Mar 2009 00:00:00 GMT P3P CP="CUR ADM OUR NOR STA NID" X-Powered-By raptor X-Sovrn-Pod ad_ap5ams1
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 136 B	96ms 96ms	XHR text/plain	54.164.123.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.123.106 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-123-106.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.tumgir.com date Tue, 14 Dec 2021 15:14:37 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H2	200	avpb3.js Show response player.aniview.com/script/6.1/ Frame 478C	314 KB 98 KB	31ms 31ms	Script application/javascript	2a02:26f0:6c00:2ab::2c79 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://player.aniview.com/script/6.1/avpb3.js Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 90bd71e512a5de39a5e6692747523d000850a9bcd37887effabd90a4207c78ad Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:37 GMT content-encoding gzip x-guploader-uploadid ADPycds251ONBi8vXM075Cv7Gy4QK39_qAvu00XBNEbP3zDMAmE-hz9oNUSZZRWF-5wKMMYypXcv22Pd04eJbPGRP1x58WbR1w x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip content-length 99492 last-modified Sun, 12 Dec 2021 09:08:32 GMT server UploadServer etag "08cd3c37c0bd6034c6de18b37a99eb5f" vary Accept-Encoding x-goog-hash crc32c=MgeckA==, md5=CM08N8C9YDTG3hizepnrXw== content-language en access-control-allow-origin * x-goog-generation 1639300112402204 access-control-expose-headers Content-Type cache-control public, max-age=300 x-goog-stored-content-length 99492 accept-ranges bytes content-type application/javascript expires Tue, 14 Dec 2021 15:19:37 GMT
GET H2	200	vast2 Show response tag.targeting.unrulymedia.com/rmp/236691/0/	168 B 378 B	63ms 16ms	XHR application/xml	213.19.147.42 RHYTHMONE
General Check archive.org Show headers Download Go to Full URL https://tag.targeting.unrulymedia.com/rmp/236691/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&w=531&h=299&cbb=9494877435 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US), Reverse DNS Software Tengine / Resource Hash d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:37 GMT server Tengine content-type application/xml access-control-allow-origin https://www.tumgir.com cache-control private, max-age=0, no-cache, no-store access-control-allow-credentials true content-length 168
GET H2	200	vast2 Show response tag.targeting.unrulymedia.com/rmp/234705/0/	168 B 378 B	82ms 35ms	XHR application/xml	213.19.147.42 RHYTHMONE
General Check archive.org Show headers Download Go to Full URL https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&w=531&h=299&cbb=9494877436 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US), Reverse DNS Software Tengine / Resource Hash d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:37 GMT server Tengine content-type application/xml access-control-allow-origin https://www.tumgir.com cache-control private, max-age=0, no-cache, no-store access-control-allow-credentials true content-length 168
GET H2	200	vast2 Show response tag.targeting.unrulymedia.com/rmp/216513/0/	168 B 378 B	61ms 15ms	XHR application/xml	213.19.147.42 RHYTHMONE
General Check archive.org Show headers Download Go to Full URL https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&w=531&h=299&cbb=9494877436 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US), Reverse DNS Software Tengine / Resource Hash d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:37 GMT server Tengine content-type application/xml access-control-allow-origin https://www.tumgir.com cache-control private, max-age=0, no-cache, no-store access-control-allow-credentials true content-length 168
GET H2	200	vast2 Show response tag.targeting.unrulymedia.com/rmp/236693/0/	168 B 378 B	70ms 24ms	XHR application/xml	213.19.147.42 RHYTHMONE
General Check archive.org Show headers Download Go to Full URL https://tag.targeting.unrulymedia.com/rmp/236693/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&w=531&h=299&cbb=9494877436 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US), Reverse DNS Software Tengine / Resource Hash d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:37 GMT server Tengine content-type application/xml access-control-allow-origin https://www.tumgir.com cache-control private, max-age=0, no-cache, no-store access-control-allow-credentials true content-length 168
GET H2	200	track track1.aniview.com/	0 70 B	101ms 101ms	Image text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=38935&t=1639494877&cip=185.213.155.177&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1639494877342-920230896493-006871-002-005241&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=34964954111&cd1=4.107.0&cd4=a769710f-4039-4072-81cb-d295cbbd18c8&cd5=default&cd6=50&cd7=main&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&nid=56ea678d181f46c76f8b45fb&ncid=60a0c4acce284b4c1059cbe8&e=request&cb=1639494877438&asid=60a0c4aabd19fc3b905086bf%2C5fa2a98bba80693a416064d7%2C5ee3d57071193a26344a4076%2C5f8c4fcaf3eefc7b4d24fc09%2C60a0c4aa7ae1cb4e6b0eca03%2C60ebfe86a4a7792110515aa4%2C5f06eb963739774ab35ff916%2C60a0c4aafb68616f1841bc65%2C61129c5f0e70e663bd7c5b71%2C60ebfe94ebe867570438e997%2C60c60c3b1731ed2b383f0908%2C5fbe5add3443ef680f0480d7%2C6112a980827c476d02686ca4%2C59f5ee5e28a061016262480e&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C4&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:37 GMT cache-control max-age=0, no-cache, no-store content-length 0
POST H2	200	auction Show response prebid-server.rubiconproject.com/openrtb2/	185 B 409 B	121ms 70ms	XHR application/json	18.198.241.247 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prebid-server.rubiconproject.com/openrtb2/auction Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/avpb3.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.198.241.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-198-241-247.eu-central-1.compute.amazonaws.com Software / Resource Hash 6b149eb516a0fa7f9e2d0327c0a81f55acd11bf49d5c8162e4650a82e3bbdc03 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:37 GMT content-encoding gzip x-prebid pbs-java/1.80.0 content-type application/json access-control-allow-origin https://www.tumgir.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 174 expires 0
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame 7154	0 42 B	62ms 15ms	Script text/plain	198.47.127.19 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60934899&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D1%26key%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:36 GMT content-length 0
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame BD8F	32 KB 10 KB	10ms 9ms	Script text/html	23.79.143.124 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-143-124.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 87eddedd2d5c528960a4851583fd6dd917c1893db2ee14ecbfd4809093ac6a71 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Content-Encoding gzip Last-Modified Mon, 06 Dec 2021 17:06:27 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=57311 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9506 Expires Wed, 15 Dec 2021 07:09:48 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 9D91 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ybi03TOoHBTV4Tc1Q6MomgAA https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Ybi03TOoHBTV4Tc1Q6MomgAA&google_tc= https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHFFQ5hFUhIoBSr8-70Q67g&google_cver=1&gdpr=1	43 B 1001 B	15ms 14ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHFFQ5hFUhIoBSr8-70Q67g&google_cver=1&gdpr=1 Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D42%26key%3D&s=190719&C=1 Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Tue, 14 Dec 2021 15:14:37 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 14 Dec 2021 15:14:37 GMT Redirect headers pragma no-cache date Tue, 14 Dec 2021 15:14:37 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHFFQ5hFUhIoBSr8-70Q67g&google_cver=1&gdpr=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 325 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame 9D91 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ybi03TOoHBTV4Tc1Q6MomgAABHYAAAIB&gdpr_consent=&us_privacy=&gdpr=1 https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Ybi03TOoHBTV4Tc1Q6MomgAABHYAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOJl9_9N7rFWuQNlSf3TMvk&google_cver=1	43 B 315 B	32ms 10ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOJl9_9N7rFWuQNlSf3TMvk&google_cver=1 Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D42%26key%3D&s=190719&C=1 Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Tue, 14 Dec 2021 15:14:37 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Tue, 14 Dec 2021 15:14:37 GMT Redirect headers pragma no-cache date Tue, 14 Dec 2021 15:14:37 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOJl9_9N7rFWuQNlSf3TMvk&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame 9D91	70 B 265 B	104ms 32ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?gdpr=1 Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D42%26key%3D&s=190719&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:37 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame 9D91 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybi03TOoHBTV4Tc1Q6MomgAABHYAAAIB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybi03TOoHBTV4Tc1Q6MomgAABHYAAAIB&dcc=t	43 B 645 B	100ms 100ms	Image image/gif	209.54.177.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybi03TOoHBTV4Tc1Q6MomgAABHYAAAIB&dcc=t Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D42%26key%3D&s=190719&C=1 Protocol HTTP/1.1 Server 209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Tue, 14 Dec 2021 15:14:37 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 4AD9QYBVH5J389DD07HZ Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 14 Dec 2021 15:14:37 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid Y8GVBCBDASXTXWH10A15 Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybi03TOoHBTV4Tc1Q6MomgAABHYAAAIB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 9D91 Redirect Chain https://beacon.lynx.cognitivlabs.com/ix.gif https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f5a56d62-497d-4f62-bf51-be27a538f948&expiration=1671030877	43 B 1 KB	18ms 18ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f5a56d62-497d-4f62-bf51-be27a538f948&expiration=1671030877 Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D42%26key%3D&s=190719&C=1 Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Tue, 14 Dec 2021 15:14:37 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 14 Dec 2021 15:14:37 GMT Redirect headers location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f5a56d62-497d-4f62-bf51-be27a538f948&expiration=1671030877 date Tue, 14 Dec 2021 15:14:37 GMT server Kestrel content-length 0
GET		indexexchange sync.adotmob.com/cookie/ Frame 9D91	0 0
GET H2	204	no_match_opted_out um.simpli.fi/ Frame 9D91 Redirect Chain https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 https://um.simpli.fi/no_match_opted_out	0 278 B	14ms 14ms	Image text/plain	169.50.137.184 SOFTLAYER
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/no_match_opted_out Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D42%26key%3D&s=190719&C=1 Protocol H2 Server 169.50.137.184 , United States, ASN36351 (SOFTLAYER, US), Reverse DNS b8.89.32a9.ip4.static.sl-reverse.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers access-control-allow-origin * date Tue, 14 Dec 2021 15:14:37 GMT x-content-type-options nosniff server nginx access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS Redirect headers date Tue, 14 Dec 2021 15:14:37 GMT x-content-type-options nosniff server nginx location /no_match_opted_out strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type text/html access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 138 expires Mon, 13 Dec 2021 15:14:37 GMT
GET H/1.1	200 OK	noop px.owneriq.net/ Frame 9D91 Redirect Chain https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6927812771750264273&uid=Q6927812771750264273&ref=%2Feucm%2Fp%2Fcc https://px.owneriq.net/noop?ct=image%2Fgif	0 287 B	7ms 6ms	Image image/gif	104.111.242.53 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.owneriq.net/noop?ct=image%2Fgif Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D42%26key%3D&s=190719&C=1 Protocol HTTP/1.1 Server 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-242-53.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:37 GMT Server Apache/2.2.15 (CentOS) Connection keep-alive P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" X-Powered-By PHP/5.3.3 Content-Length 0 Content-Type image/gif Redirect headers Location https://px.owneriq.net/noop?ct=image%2Fgif Date Tue, 14 Dec 2021 15:14:37 GMT Server AkamaiGHost Connection keep-alive Content-Length 0
GET H2	200	cookiesyncendpoint sync.aniview.com/ Frame 9D91	0 233 B	304ms 96ms	Image text/plain	52.200.158.235 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.aniview.com/cookiesyncendpoint?auid=1639494877342-920230896493-006871-002-005241&biddername=42&key=Ybi03TOoHBTV4Tc1Q6MomgAA%261142 Requested by Host: ssum.casalemedia.com URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1639494877342-920230896493-006871-002-005241%26biddername%3D42%26key%3D&s=190719&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.200.158.235 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-158-235.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:37 GMT content-length 0
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame BD8F	284 B 536 B	37ms 9ms	Image image/jpg	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost a66cbf3142c6ef39e3614b84a34262cf Content-Type image/jpg
GET H2	200	track track1.aniview.com/	0 70 B	96ms 96ms	Image text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=38935&t=1639494877&cip=185.213.155.177&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1639494877342-920230896493-006871-002-005241&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=34964954111&cd1=4.107.0&cd4=a769710f-4039-4072-81cb-d295cbbd18c8&cd5=default&cd6=50&cd7=main&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&nid=56ea678d181f46c76f8b45fb&ncid=60a0c4acce284b4c1059cbe8&e=bid&cb=1639494877638&asid=60a0c4aabd19fc3b905086bf%2C5fa2a98bba80693a416064d7%2C5ee3d57071193a26344a4076%2C5f8c4fcaf3eefc7b4d24fc09%2C60a0c4aa7ae1cb4e6b0eca03%2C60ebfe86a4a7792110515aa4%2C5f06eb963739774ab35ff916%2C60a0c4aafb68616f1841bc65%2C60ebfe94ebe867570438e997&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:37 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/ Frame 478C	375 KB 124 KB	149ms 49ms	Script text/javascript	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:37 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 126530 x-xss-protection 0 expires Tue, 14 Dec 2021 15:14:37 GMT
GET H3	200	bridge3.491.0_en.html Show response imasdk.googleapis.com/js/core/ Frame 7BC6	596 KB 194 KB	147ms 100ms	Document text/html	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-length 198240 date Sat, 11 Dec 2021 21:08:33 GMT expires Sun, 11 Dec 2022 21:08:33 GMT last-modified Wed, 08 Dec 2021 17:44:52 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 237965 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	client.js Show response s0.2mdn.net/instream/video/ Frame 478C	44 KB 17 KB	135ms 48ms	Script text/javascript	2a00:1450:4001:808::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/instream/video/client.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:38 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript cache-control private, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16746 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 14 Dec 2021 15:14:38 GMT
GET H3	200	bridge3.491.0_en.html Show response imasdk.googleapis.com/js/core/ Frame 8BCD	596 KB 194 KB	119ms 86ms	Document text/html	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-length 198240 date Sat, 11 Dec 2021 21:08:33 GMT expires Sun, 11 Dec 2022 21:08:33 GMT last-modified Wed, 08 Dec 2021 17:44:52 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 237965 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	bridge3.491.0_en.html Show response imasdk.googleapis.com/js/core/ Frame F9CD	596 KB 194 KB	66ms 40ms	Document text/html	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-length 198240 date Sat, 11 Dec 2021 21:08:33 GMT expires Sun, 11 Dec 2022 21:08:33 GMT last-modified Wed, 08 Dec 2021 17:44:52 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 237965 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	bridge3.491.0_en.html Show response imasdk.googleapis.com/js/core/ Frame 0052	596 KB 194 KB	74ms 56ms	Document text/html	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-length 198240 date Sat, 11 Dec 2021 21:08:33 GMT expires Sun, 11 Dec 2022 21:08:33 GMT last-modified Wed, 08 Dec 2021 17:44:52 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 237965 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	bridge3.491.0_en.html Show response imasdk.googleapis.com/js/core/ Frame F4C3	596 KB 194 KB	48ms 39ms	Document text/html	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-length 198240 date Sat, 11 Dec 2021 21:08:33 GMT expires Sun, 11 Dec 2022 21:08:33 GMT last-modified Wed, 08 Dec 2021 17:44:52 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 237965 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 478C	107 B 549 B	134ms 48ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.tumgir.com Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Tue, 14 Dec 2021 15:14:38 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame FEF1	37 KB 13 KB	124ms 38ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:35:03 GMT content-encoding gzip x-content-type-options nosniff age 2375 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12861 x-xss-protection 0 last-modified Tue, 26 Oct 2021 20:08:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Tue, 14 Dec 2021 15:35:03 GMT
GET H2	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7B11	37 KB 13 KB	132ms 46ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:35:03 GMT content-encoding gzip x-content-type-options nosniff age 2375 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12861 x-xss-protection 0 last-modified Tue, 26 Oct 2021 20:08:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Tue, 14 Dec 2021 15:35:03 GMT
GET H2	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame E8C2	37 KB 13 KB	162ms 77ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:35:03 GMT content-encoding gzip x-content-type-options nosniff age 2375 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12861 x-xss-protection 0 last-modified Tue, 26 Oct 2021 20:08:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Tue, 14 Dec 2021 15:35:03 GMT
GET H2	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8033	37 KB 13 KB	171ms 86ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:35:03 GMT content-encoding gzip x-content-type-options nosniff age 2375 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12861 x-xss-protection 0 last-modified Tue, 26 Oct 2021 20:08:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Tue, 14 Dec 2021 15:35:03 GMT
GET H2	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame D271	37 KB 13 KB	182ms 97ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:35:03 GMT content-encoding gzip x-content-type-options nosniff age 2375 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12861 x-xss-protection 0 last-modified Tue, 26 Oct 2021 20:08:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Tue, 14 Dec 2021 15:35:03 GMT
POST H/1.1	200	371.json Show response id5-sync.com/g/v2/	212 B 531 B	39ms 9ms	XHR application/json	54.36.109.166 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/371.json Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/avpb3.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.36.109.166 , France, ASN16276 (OVH, FR), Reverse DNS p10.id5-sync.com Software / Resource Hash 52a96dcebb759fcb2feb912e483c69507777a51c7b5c7d29080a32d93b1fc397 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.tumgir.com Date Tue, 14 Dec 2021 15:15:23 GMT Access-Control-Allow-Credentials true Vary Origin Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload Content-Type application/json;charset=UTF-8
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 44CD	281 B 554 B	7ms 7ms	Document text/html	23.79.143.124 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/avpb3.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-143-124.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 26 Oct 2021 17:01:05 GMT ETag "40019-119-5cf446c48f640" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Tue, 14 Dec 2021 15:14:38 GMT Connection keep-alive Vary Accept-Encoding
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 44CD	32 KB 10 KB	8ms 7ms	Script text/html	23.79.143.124 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-143-124.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 87eddedd2d5c528960a4851583fd6dd917c1893db2ee14ecbfd4809093ac6a71 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/usync.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:38 GMT Content-Encoding gzip Last-Modified Mon, 06 Dec 2021 17:06:27 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=57310 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9506 Expires Wed, 15 Dec 2021 07:09:48 GMT
GET H2	200	60bfc3b94f7d20d55753febfa58ed9fe7463f259.jpg 64.media.tumblr.com/e9a582c782829dfc55b740adfad8363a/26f7f34a3e7d664a-f6/s128x128u_c1/ Redirect Chain https://api.tumblr.com/v2/blog/renekita.tumblr.com/avatar/128 https://64.media.tumblr.com/e9a582c782829dfc55b740adfad8363a/26f7f34a3e7d664a-f6/s128x128u_c1/60bfc3b94f7d20d55753febfa58ed9fe7463f259.jpg	7 KB 7 KB	10ms 9ms	Image image/jpeg	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/e9a582c782829dfc55b740adfad8363a/26f7f34a3e7d664a-f6/s128x128u_c1/60bfc3b94f7d20d55753febfa58ed9fe7463f259.jpg Protocol H2 Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash c7497b6769949b2b45c5471e915ddac27cd6dbb019575bff895529c3249e8544 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-nc HIT hhn 3 date Tue, 14 Dec 2021 15:14:38 GMT last-modified Tue, 27 Jul 2021 10:53:08 GMT server nginx x-frames 1 etag "d0b21e9543ff2c421fd167f393257205-1498089600-66c08dc" access-control-max-age 86400 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-disposition inline; filename="tumblr_e9a582c782829dfc55b740adfad8363a_60bfc3b9_128.jpg" strict-transport-security max-age=31536000; preload timing-allow-origin * content-length 6787 Redirect headers date Tue, 14 Dec 2021 15:14:38 GMT server nginx x-cache-avatar true strict-transport-security max-age=31536000; preload p3p CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy" location https://64.media.tumblr.com/e9a582c782829dfc55b740adfad8363a/26f7f34a3e7d664a-f6/s128x128u_c1/60bfc3b94f7d20d55753febfa58ed9fe7463f259.jpg#_=_ x-rid f946214f8720bd5710e67979e1477e32 content-type application/json content-length 204 x-ua-compatible IE=Edge,chrome=1
GET H2	200	avatar_0698ff3812bd_128.png 64.media.tumblr.com/ Redirect Chain https://api.tumblr.com/v2/blog/indolentjellyfish.tumblr.com/avatar/128 https://64.media.tumblr.com/avatar_0698ff3812bd_128.png	20 KB 20 KB	6ms 6ms	Image image/png	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/avatar_0698ff3812bd_128.png Protocol H2 Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 15c01dce374a6655d5120e70f37735c982b1572e24edeb38868e1c6bf1bccdde Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-nc HIT hhn 3 date Tue, 14 Dec 2021 15:14:38 GMT last-modified Thu, 10 Dec 2020 18:04:29 GMT server nginx x-frames 1 etag "61132a615f8888b687341022ebcc5e5f-1498089600-0b5eada" access-control-max-age 86400 access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control max-age=31536000 content-disposition inline; filename="avatar_0698ff3812bd_128.png" strict-transport-security max-age=31536000; preload timing-allow-origin * content-length 20419 Redirect headers date Tue, 14 Dec 2021 15:14:38 GMT server nginx x-cache-avatar true strict-transport-security max-age=31536000; preload p3p CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy" location https://64.media.tumblr.com/avatar_0698ff3812bd_128.png#_=_ x-rid 4a40c82e2560396f19b10c1c85b9bc66 content-type application/json content-length 121 x-ua-compatible IE=Edge,chrome=1
GET H2	200	5cdbfdb5843e112e810778c92d95c599c56c4786.png 64.media.tumblr.com/b5d7b03951b49c78d5b1d2af63f9d907/d3a841ea3d05b55d-ba/s128x128u_c1/ Redirect Chain https://api.tumblr.com/v2/blog/camilicy.tumblr.com/avatar/128 https://64.media.tumblr.com/b5d7b03951b49c78d5b1d2af63f9d907/d3a841ea3d05b55d-ba/s128x128u_c1/5cdbfdb5843e112e810778c92d95c599c56c4786.png	26 KB 26 KB	8ms 8ms	Image image/png	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/b5d7b03951b49c78d5b1d2af63f9d907/d3a841ea3d05b55d-ba/s128x128u_c1/5cdbfdb5843e112e810778c92d95c599c56c4786.png Protocol H2 Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 4fc9c7e0cf6621bc36b2ad3d98a99bbf2dc8e3e6394941868a3cbe57adce153c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-nc HIT hhn 2 date Tue, 14 Dec 2021 15:14:38 GMT last-modified Thu, 24 Jun 2021 22:56:36 GMT server nginx x-frames 1 etag "9e9bfb285cc416e8f5937835926e4e81-1498089600-66c08dc" access-control-max-age 86400 access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control max-age=315360000 content-disposition inline; filename="tumblr_b5d7b03951b49c78d5b1d2af63f9d907_5cdbfdb5_128.png" strict-transport-security max-age=31536000; preload timing-allow-origin * content-length 26581 Redirect headers date Tue, 14 Dec 2021 15:14:38 GMT server nginx x-cache-avatar true strict-transport-security max-age=31536000; preload p3p CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy" location https://64.media.tumblr.com/b5d7b03951b49c78d5b1d2af63f9d907/d3a841ea3d05b55d-ba/s128x128u_c1/5cdbfdb5843e112e810778c92d95c599c56c4786.png#_=_ x-rid 7f90089ce9923440d2ee0276ad43a163 content-type application/json content-length 204 x-ua-compatible IE=Edge,chrome=1
GET H2	200	avatar_239966e78ef2_128.png 64.media.tumblr.com/ Redirect Chain https://api.tumblr.com/v2/blog/walking-geema.tumblr.com/avatar/128 https://64.media.tumblr.com/avatar_239966e78ef2_128.png	33 KB 33 KB	7ms 6ms	Image image/png	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/avatar_239966e78ef2_128.png Protocol H2 Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 79764748539a922633396c54d45475318031da72758de7e0f4a8f7e3b8cdb268 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-nc HIT hhn 3 date Tue, 14 Dec 2021 15:14:38 GMT last-modified Wed, 09 Dec 2020 04:07:46 GMT server nginx x-frames 1 etag "4be0da6ea1848460944c9d5efcd8dfb9-1498089600-0b5eada" access-control-max-age 86400 access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control max-age=31536000 content-disposition inline; filename="avatar_239966e78ef2_128.png" strict-transport-security max-age=31536000; preload timing-allow-origin * content-length 33973 Redirect headers date Tue, 14 Dec 2021 15:14:38 GMT server nginx x-cache-avatar true strict-transport-security max-age=31536000; preload p3p CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy" location https://64.media.tumblr.com/avatar_239966e78ef2_128.png#_=_ x-rid bc36388f2a32514903801b50fb18f1aa content-type application/json content-length 121 x-ua-compatible IE=Edge,chrome=1
GET H2	200	avatar_2248ceddef8b_128.png 64.media.tumblr.com/ Redirect Chain https://api.tumblr.com/v2/blog/macrolit.tumblr.com/avatar/128 https://64.media.tumblr.com/avatar_2248ceddef8b_128.png	5 KB 5 KB	9ms 9ms	Image image/png	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/avatar_2248ceddef8b_128.png Protocol H2 Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 5717917d952b725be41c7c1d48130cf94fa32e3e17c0a2717dae049b180e0e20 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-nc HIT hhn 4 date Tue, 14 Dec 2021 15:14:38 GMT last-modified Wed, 09 Dec 2020 05:22:40 GMT server nginx x-frames 1 etag "b24e869032c8486f1b7d4d6a5dcfd5d3-1498089600-833670c" access-control-max-age 86400 access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control max-age=31536000 content-disposition inline; filename="avatar_2248ceddef8b_128.png" strict-transport-security max-age=31536000; preload timing-allow-origin * content-length 4762 Redirect headers date Tue, 14 Dec 2021 15:14:38 GMT server nginx x-cache-avatar true strict-transport-security max-age=31536000; preload p3p CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy" location https://64.media.tumblr.com/avatar_2248ceddef8b_128.png#_=_ x-rid 8c8061a47db44c540ec37090d84b792d content-type application/json content-length 121 x-ua-compatible IE=Edge,chrome=1
GET H2	200	ads Show response pubads.g.doubleclick.net/gampad/ Frame 0052	156 B 236 B	434ms 340ms	XHR text/xml	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3408030493227446&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1846007618&sdk_apis=2%2C8&sid=162C6FCF-F85C-480C-B705-EE6325AF87DC&nel=0&eid=21064201%2C44725355&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&dt=1639494878571&cookie_enabled=1&scor=1474032723165298&ged=ve4_td2_tt1_pd2_la2000_er152.534.302.834_vi0.0.1200.1600_vp100_eb24171 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash 8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:38 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 113 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response pubads.g.doubleclick.net/gampad/ Frame 8BCD	156 B 185 B	489ms 407ms	XHR text/xml	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=823790018408285&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3336733521&sdk_apis=2%2C8&sid=162C6FCF-F85C-480C-B705-EE6325AF87DC&nel=0&eid=21064201%2C44725355&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&dt=1639494878583&cookie_enabled=1&scor=3974718160181675&ged=ve4_td2_tt1_pd2_la2000_er152.534.302.834_vi0.0.1200.1600_vp100_ts0_eb24171 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash 8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:39 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 113 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response pubads.g.doubleclick.net/gampad/ Frame F9CD	156 B 185 B	427ms 349ms	XHR text/xml	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4002092999768110&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3655730091&sdk_apis=2%2C8&sid=162C6FCF-F85C-480C-B705-EE6325AF87DC&nel=0&eid=21064201%2C44725355&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&dt=1639494878586&cookie_enabled=1&scor=2949307163108835&ged=ve4_td2_tt1_pd2_la2000_er152.534.302.834_vi0.0.1200.1600_vp100_ts0_eb24171 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash 8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:38 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 113 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response pubads.g.doubleclick.net/gampad/ Frame F4C3	1 KB 1 KB	152ms 80ms	XHR text/xml	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22651381276%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_tumgir.com_9&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&cust_params=publisher_name%3Dtumgir.com&env=vp&correlator=736957848307940&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=What%20Your%20Truck%27s%20Color%20Says%20About%20You&vid_d=68&vid_kw=automotive%20design%2Cvehicle%2Cdodge%20ram%20srt-10%2Ctire%2Cland%20vehicle%2Ccar%2Csky%2Cpickup%20truck%2Ctruck%20bed%20part%2Cchevrolet%20silverado&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=548367149&sdk_apis=2%2C8&sid=162C6FCF-F85C-480C-B705-EE6325AF87DC&nel=0&eid=21064201%2C44725355&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&dt=1639494878593&cookie_enabled=1&scor=4192207402266645&ged=ve4_td2_tt1_pd2_la2000_er152.534.302.834_vi0.0.1200.1600_vp100_ts0_eb24171 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash fbd9ef4eb579cd45f4778c7c9b1089338342f521a753b728e8bc7178917d9151 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:38 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 785 x-xss-protection 0 google-lineitem-id 0 pragma no-cache server cafe google-creative-id 0 content-type text/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response pubads.g.doubleclick.net/gampad/ Frame 7BC6	1 KB 858 B	161ms 93ms	XHR text/xml	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22651381276%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_tumgir.com_3&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&cust_params=publisher_name%3Dtumgir.com&env=vp&correlator=787582366592773&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=What%20Your%20Truck%27s%20Color%20Says%20About%20You&vid_d=68&vid_kw=automotive%20design%2Cvehicle%2Cdodge%20ram%20srt-10%2Ctire%2Cland%20vehicle%2Ccar%2Csky%2Cpickup%20truck%2Ctruck%20bed%20part%2Cchevrolet%20silverado&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=333335710&sdk_apis=2%2C8&sid=162C6FCF-F85C-480C-B705-EE6325AF87DC&nel=0&eid=21064201%2C44725355&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&dt=1639494878597&cookie_enabled=1&scor=1202337333080755&ged=ve4_td2_tt1_pd2_la2000_er152.534.302.834_vi0.0.1200.1600_vp100_ts0_eb24171 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash 50f4d06b3b5f21df213d6cbea828d4f7f96641e4b340fced6535ae81037834e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:38 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 784 x-xss-protection 0 google-lineitem-id 0 pragma no-cache server cafe google-creative-id 0 content-type text/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 136 B	96ms 96ms	XHR text/plain	54.164.123.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.123.106 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-123-106.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.tumgir.com date Tue, 14 Dec 2021 15:14:38 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H2	200	track atrack.avplayer.com/	0 70 B	97ms 96ms	Image text/plain	34.224.231.98 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M20&cb=1639494878947&cid=60a0c4acce284b4c1059cbe8&VERSION=4.107.0&AV_PAGE_LOAD_UID=a769710f-4039-4072-81cb-d295cbbd18c8&AV_CDIM4=a769710f-4039-4072-81cb-d295cbbd18c8&AV_ABTEST_TEMPLATE_WIGHT=50&AV_CDIM6=50&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.224.231.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-224-231-98.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:38 GMT cache-control max-age=0, no-cache, no-store content-length 0
POST H2	200	track Show response track1.aniview.com/	0 94 B	291ms 99ms	XHR text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=38935&t=1639494877&cip=185.213.155.177&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1639494877342-920230896493-006871-002-005241&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=34964954111&cd1=4.107.0&cd4=a769710f-4039-4072-81cb-d295cbbd18c8&cd5=default&cd6=50&cd7=main&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Tue, 14 Dec 2021 15:14:39 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H3	200	bridge3.491.0_en.html Show response imasdk.googleapis.com/js/core/ Frame 9D54	596 KB 194 KB	39ms 39ms	Document text/html	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-length 198240 date Sat, 11 Dec 2021 21:08:33 GMT expires Sun, 11 Dec 2022 21:08:33 GMT last-modified Wed, 08 Dec 2021 17:44:52 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 237966 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame 478C	107 B 122 B	94ms 48ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.tumgir.com Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Tue, 14 Dec 2021 15:14:39 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response pubads.g.doubleclick.net/gampad/ Frame 7BC6	71 KB 14 KB	430ms 386ms	XHR text/xml	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_tumgir.com_3&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dtumgir.com&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=162C6FCF-F85C-480C-B705-EE6325AF87DC&adk=333335710&cookie_enabled=1&correlator=787582366592773&dt=1639494879048&ged=ve4_td2_tt1_pd2_la2000_er152.534.451.1065_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&osd=2&scor=1202337333080755&sdk_apis=2%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&vis=1&u_so=l&eid=21064201%2C44725355&hl=en&frm=0&sdki=44d&sdkv=h.3.491.0&sdr=1&vid_d=68&nel=0&afvsz=200x200%2C450x50%2C468x60%2C480x70&cnc=22651381276&kfa=0&tfcd=0&ctv=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash a61f48bc53a26e2c6805e98fc9db866183cad643e8f22d3aa7fa68a90e6faf19 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:39 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14734 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	bridge3.491.0_en.html Show response imasdk.googleapis.com/js/core/ Frame 9E5C	596 KB 194 KB	39ms 39ms	Document text/html	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-length 198240 date Sat, 11 Dec 2021 21:08:33 GMT expires Sun, 11 Dec 2022 21:08:33 GMT last-modified Wed, 08 Dec 2021 17:44:52 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 237966 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame AA60	37 KB 13 KB	89ms 42ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:35:03 GMT content-encoding gzip x-content-type-options nosniff age 2376 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12861 x-xss-protection 0 last-modified Tue, 26 Oct 2021 20:08:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Tue, 14 Dec 2021 15:35:03 GMT
GET H3	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3069	37 KB 13 KB	79ms 40ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:35:03 GMT content-encoding gzip x-content-type-options nosniff age 2376 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12861 x-xss-protection 0 last-modified Tue, 26 Oct 2021 20:08:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Tue, 14 Dec 2021 15:35:03 GMT
GET H3	200	bridge3.491.0_en.html Show response imasdk.googleapis.com/js/core/ Frame 3F4D	596 KB 194 KB	39ms 39ms	Document text/html	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-length 198240 date Sat, 11 Dec 2021 21:08:33 GMT expires Sun, 11 Dec 2022 21:08:33 GMT last-modified Wed, 08 Dec 2021 17:44:52 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 237966 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2483	37 KB 13 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:35:03 GMT content-encoding gzip x-content-type-options nosniff age 2376 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12861 x-xss-protection 0 last-modified Tue, 26 Oct 2021 20:08:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Tue, 14 Dec 2021 15:35:03 GMT
GET H3	200	ads Show response pubads.g.doubleclick.net/gampad/ Frame 9D54	156 B 142 B	489ms 488ms	XHR text/xml	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_450&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1534825612882485&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=368703145&sdk_apis=2%2C8&sid=162C6FCF-F85C-480C-B705-EE6325AF87DC&nel=0&eid=21064201%2C44725355&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&dt=1639494879232&cookie_enabled=1&scor=1190030474380456&ged=ve4_td2_tt1_pd2_la2000_er152.534.302.834_vi0.0.1200.1600_vp100_ts0_eb24171 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash 8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:39 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 113 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response pubads.g.doubleclick.net/gampad/ Frame 9E5C	156 B 142 B	273ms 272ms	XHR text/xml	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndicaton_8&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4158959572160863&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3470103541&sdk_apis=2%2C8&sid=162C6FCF-F85C-480C-B705-EE6325AF87DC&nel=0&eid=21064201%2C44725355&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&dt=1639494879306&cookie_enabled=1&scor=997483279344156&ged=ve4_td2_tt1_pd2_la2000_er152.534.302.834_vi0.0.1200.1600_vp100_ts0_eb24171 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash 8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:39 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 113 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response pubads.g.doubleclick.net/gampad/ Frame 3F4D	1 KB 817 B	73ms 73ms	XHR text/xml	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22651381276%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_tumgir.com_5&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&cust_params=publisher_name%3Dtumgir.com&env=vp&correlator=1291455246777022&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=What%20Your%20Truck%27s%20Color%20Says%20About%20You&vid_d=68&vid_kw=automotive%20design%2Cvehicle%2Cdodge%20ram%20srt-10%2Ctire%2Cland%20vehicle%2Ccar%2Csky%2Cpickup%20truck%2Ctruck%20bed%20part%2Cchevrolet%20silverado&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2630311310&sdk_apis=2%2C8&sid=162C6FCF-F85C-480C-B705-EE6325AF87DC&nel=0&eid=21064201%2C44725355&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&dt=1639494879366&cookie_enabled=1&scor=3418463658934733&ged=ve4_td2_tt1_pd2_la2000_er152.534.302.834_vi0.0.1200.1600_vp100_ts0_eb24171 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash 36dbf399763091bb39ba21a81a8d37e59e39691b8cbf5405e9aa0471ef2d7157 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:39 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 790 x-xss-protection 0 google-lineitem-id 0 pragma no-cache server cafe google-creative-id 0 content-type text/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 7BC6	0 54 B	397ms 150ms	Ping image/gif	2607:f8b0:4000:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kx68x4jr&c=321807481188&slotId=160903740594&qqid=COXWh6_K4_QCFVH5dwodLNcMig&gqid=37S4YZHOBoOhrASmronYDw&fb=ima_html5-lima&sdkv=h.3.491.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=21064201%2C44725355&met.4=ghmsh_s.kx68x5ad~ghmsh_s.kx68x5ae&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=XNZRbxVXaOVwJ_im Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4000:800::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://imasdk.googleapis.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:39 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	help_outline_white_24dp_with_3px_trbl_padding.png imasdk.googleapis.com/formats/wta/ Frame 7BC6	453 B 478 B	40ms 39ms	Image image/png	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-9848746867798493 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:52:58 GMT x-content-type-options nosniff age 1301 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 453 x-xss-protection 0 last-modified Wed, 13 Oct 2021 14:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type image/png cache-control public, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 14 Dec 2021 15:42:58 GMT
GET H2	200	/ googleads.g.doubleclick.net/pagead/interaction/ Frame 7BC6	42 B 536 B	138ms 51ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/interaction/?ai=C2bkq37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoElgJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6JojswRGFfm74hsjnDdXNd6H_Ut4UWaBqm8OFDBr4kuqeXw681hxsnkYPlOJtAVaI8Kw0hM6fT1ZXv3xOeOfFw0Lhwcry5u3sCUpoODISaHsLsER_Sl7AFBzBonSukOhQd1wUK1UwHCluutG9GXDkvgE-8yIz2XjQTuo72wgKDCPx9nJWoYa-5MZ5EeuBLmTv6voBjpjMpwmZ3HgGcsB7gHyKCZOrBtnZH8M_97xy3dbAgL3PfYAoj5e19N3HmDtR4GCukilSoRWivVNob9erfE--19a_wwiBPuSFgj1tLGzmxG2Je4B4mHxHia_JWizedRtPcWLMc9fQHFMAE6YC-l6AD4AQBiAX8kprwKpIFBggDEAMYAaAGVIAHrNTVkQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2ObEJffAOVqnAJK6ACgOYCwHICwHQCw64DAHYEw3QFQHiFgIIAYAXAQ&sigh=58KhCOTyioQ&label=show_ad&acvw=&sdkv=h.3.491.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUwNTYyNjY0MzY3MjIMNTY1MzUzMjU1MDQ3QLMDUh0QDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25QABgB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:39 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	adview pubads.g.doubleclick.net/pagead/ Frame 7BC6	0 0	72ms 72ms	Image text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pubads.g.doubleclick.net/pagead/adview?ai=CUeoR37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoEkwJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6JojswRGFfm74hsjnDdXNd6H_Ut4UWaBqm8OFDBr4kuqeXw681hxsnkYPlOJtAVaI8Kw0hM6fT1ZXv3xOeOfFw0Lhwcry5u3sCUpoODISaHsLsER_Sl7AFBzBonSukOhQd1wUK1UwHCluutG9GXDkvgE-8yIz2XjQTuo72wgKDCPx9nJWoYa-5MZ5EeuBLmTv6voBjpjMpwmZ3HgGcsB7gHyKCZOrBtnZH8M_97xy3dbAgL3PfYAoj5e19N3HmDtR4GCukilSoRWivVNobret9D-ePY41iPsTb3fL0rOG2XotkIXxUJhQIB6hIjrfkVMuJassimT94JsAE6YC-l6AD4AQBoAZUgAes1NWRAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQguolqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00OTM3Nzc4NDQ5NzM5ODY5gAoDyAsBwhMGGLyrqu4C2BMN0BUB4hYCCAGAFwGyFx4KHAgAEhRwdWItOTc5MDc2MjgxMTA1NzY5ORjR1RM&sigh=-J_UURnXGUg&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&vt=10&sdkv=h.3.491.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUwNTYyNjY0MzY3MjIMNTY1MzUzMjU1MDQ3QLMDUh0QDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25QABgB Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame 7BC6	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/gif
POST H2	204	csi csi.gstatic.com/ Frame 478C	0 54 B	363ms 149ms	Ping image/gif	2607:f8b0:4000:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kx68x43d&c=321807481188&slotId=160903740594&eee=missing-element&bi=missing-id Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4000:800::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:39 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7BC6	0 20 B	73ms 72ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.491.0&e=21064201%2C44725355&id=ima_html5&c=3695383860386675&domain=www.tumgir.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:39 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	206 Partial Content	videoplayback rr1---sn-5hneknee.googlevideo.com/ Redirect Chain https://rr1---sn-5hneknee.googlevideo.com/videoplayback?expire=1639523679&ei=37S4Ye_MGeC9x_AP3bGziA8&ip=185.213.155.177&id=83929857dc6e7355&itag=22&source=youtube&requiressl=yes&mh=qQ&mm=31&mn=sn-5... https://rr1---sn-5hneknee.googlevideo.com/videoplayback?expire=1639523679&ei=37S4Ye_MGeC9x_AP3bGziA8&ip=185.213.155.177&id=83929857dc6e7355&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&c...	3 MB 3 MB	45ms 16ms	Media video/mp4	2a00:1450:400e:8::6 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr1---sn-5hneknee.googlevideo.com/videoplayback?expire=1639523679&ei=37S4Ye_MGeC9x_AP3bGziA8&ip=185.213.155.177&id=83929857dc6e7355&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1638272290657383&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgLnm1coR1WpehrmMItLPqv4BBhdMbDg-I4iPvy-oQkCcCID4e2oTaByq-ow62qLcYXesIJHlS2JUXOqnq0AJPwJ7D&cpn=XNZRbxVXaOVwJ_im&redirect_counter=1&rm=sn-5hnesl7e&req_id=33f5db5b561836e2&cms_redirect=yes&ipbypass=yes&mh=qQ&mip=2a03:1b20:6:f011::7e&mm=31&mn=sn-5hneknee&ms=au&mt=1639494801&mv=m&mvi=1&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPYKX4N3vsNtlDeowsmrNF8T1c77-J7LcaU-C1_THkEpAiEA2z_e59a4dsFYsTYSBWG13lX4v_RYmme4hMZL03Y52j4%3D Protocol HTTP/1.1 Server 2a00:1450:400e:8::6 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 856bc73da583898db32d5e8e22fe0dbbf1773d9e9d20308afecc194f892205f4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:39 GMT X-Content-Type-Options nosniff Last-Modified Tue, 30 Nov 2021 11:38:10 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Content-Range bytes 0-2987171/2987172 Cache-Control private, max-age=28500 Cross-Origin-Resource-Policy cross-origin Connection close Accept-Ranges bytes Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 2987172 Expires Tue, 14 Dec 2021 15:14:39 GMT Redirect headers Date Tue, 14 Dec 2021 15:14:39 GMT X-Content-Type-Options nosniff Last-Modified Wed, 02 May 2007 10:26:10 GMT Server gvs 1.0 Vary Origin Content-Type text/html Location https://rr1---sn-5hneknee.googlevideo.com/videoplayback?expire=1639523679&ei=37S4Ye_MGeC9x_AP3bGziA8&ip=185.213.155.177&id=83929857dc6e7355&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1638272290657383&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgLnm1coR1WpehrmMItLPqv4BBhdMbDg-I4iPvy-oQkCcCID4e2oTaByq-ow62qLcYXesIJHlS2JUXOqnq0AJPwJ7D&cpn=XNZRbxVXaOVwJ_im&redirect_counter=1&rm=sn-5hnesl7e&req_id=33f5db5b561836e2&cms_redirect=yes&ipbypass=yes&mh=qQ&mip=2a03:1b20:6:f011::7e&mm=31&mn=sn-5hneknee&ms=au&mt=1639494801&mv=m&mvi=1&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPYKX4N3vsNtlDeowsmrNF8T1c77-J7LcaU-C1_THkEpAiEA2z_e59a4dsFYsTYSBWG13lX4v_RYmme4hMZL03Y52j4%3D Cache-Control private, max-age=900 Cross-Origin-Resource-Policy cross-origin Connection close Content-Length 0 Expires Tue, 14 Dec 2021 15:14:39 GMT
GET H3	200	bridge3.491.0_en.html Show response imasdk.googleapis.com/js/core/ Frame A006	596 KB 194 KB	39ms 39ms	Document text/html	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-length 198240 date Sat, 11 Dec 2021 21:08:33 GMT expires Sun, 11 Dec 2022 21:08:33 GMT last-modified Wed, 08 Dec 2021 17:44:52 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 237966 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame 478C	107 B 122 B	48ms 48ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.tumgir.com Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Tue, 14 Dec 2021 15:14:39 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame AA68	37 KB 13 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 14:35:03 GMT content-encoding gzip x-content-type-options nosniff age 2376 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12861 x-xss-protection 0 last-modified Tue, 26 Oct 2021 20:08:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Tue, 14 Dec 2021 15:35:03 GMT
POST H2	204	csi csi.gstatic.com/ Frame 7BC6	0 327 B	254ms 149ms	Ping image/gif	2607:f8b0:4000:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kx68x5ag&c=321807481188&slotId=160903740594&qqid=COXWh6_K4_QCFVH5dwodLNcMig&gqid=37S4YZHOBoOhrASmronYDw&fb=ima_html5-lima&sdkv=h.3.491.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.kx68x5ah~vss_tr.16r Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4000:800::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://imasdk.googleapis.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:39 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	206 Partial Content	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/	201 KB 202 KB	8ms 8ms	XHR video/mp2t	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash cc013cfccc48c1e4db0978b244bac39b4230793e57550ca991429f041c14d00d Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=1102996-1309231 Response headers Date Tue, 14 Dec 2021 15:14:39 GMT Cache-Tag 344244065305281221549964677194789729468,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31 Content-Range bytes 1102996-1309231/3449988 Connection keep-alive Content-Length 206236 X-Served-By cache-wdc5558-WDC Last-Modified Thu, 27 May 2021 23:46:32 GMT Server cloudinary X-Timer S1638938305.115410,VS0,VE0 ETag "402257fc52be17d900f071856c2e2c51" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=31001035 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 1
OPTIONS H/1.1	200 OK	landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/ Frame	0 0	7ms 7ms	Preflight text/html	2.16.186.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1583944588/landscapea982df8a-4d1c-41ad-8927-9cf1a919710e_1583944397923.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-146.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www.tumgir.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Tue, 14 Dec 2021 15:14:39 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H3	200	ads Show response pubads.g.doubleclick.net/gampad/ Frame A006	156 B 142 B	330ms 330ms	XHR text/xml	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4411589675795071&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3298972240&sdk_apis=2%2C8&sid=162C6FCF-F85C-480C-B705-EE6325AF87DC&nel=0&eid=21064201%2C44725355&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2FNordVPN%2520free&dt=1639494879752&cookie=ID%3D17e737f1c0c79001%3AT%3D1639494879%3AS%3DALNI_MY03GOGrjcRaZhpwYgqJA1KU_0SHg&scor=532743590741724&ged=ve4_td3_tt2_pd3_la3000_er152.534.302.834_vi0.0.1200.1600_vp100_ts1_eb24171 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash 8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:40 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 113 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ googleads.g.doubleclick.net/pagead/interaction/ Frame 7BC6	42 B 64 B	99ms 51ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/interaction/?ai=C2bkq37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoElgJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6JojswRGFfm74hsjnDdXNd6H_Ut4UWaBqm8OFDBr4kuqeXw681hxsnkYPlOJtAVaI8Kw0hM6fT1ZXv3xOeOfFw0Lhwcry5u3sCUpoODISaHsLsER_Sl7AFBzBonSukOhQd1wUK1UwHCluutG9GXDkvgE-8yIz2XjQTuo72wgKDCPx9nJWoYa-5MZ5EeuBLmTv6voBjpjMpwmZ3HgGcsB7gHyKCZOrBtnZH8M_97xy3dbAgL3PfYAoj5e19N3HmDtR4GCukilSoRWivVNob9erfE--19a_wwiBPuSFgj1tLGzmxG2Je4B4mHxHia_JWizedRtPcWLMc9fQHFMAE6YC-l6AD4AQBiAX8kprwKpIFBggDEAMYAaAGVIAHrNTVkQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2ObEJffAOVqnAJK6ACgOYCwHICwHQCw64DAHYEw3QFQHiFgIIAYAXAQ&sigh=58KhCOTyioQ&label=video_ad_loaded&acvw=&sdkv=h.3.491.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUwNTYyNjY0MzY3MjIMNTY1MzUzMjU1MDQ3QLMDUh0QDyUAAMhBKAE6B3Vua25vd25CB3Vua25vd25QABgB Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:39 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Oy6hyfNY.js Show response tpc.googlesyndication.com/sodar/ Frame 7BC6	41 KB 16 KB	120ms 37ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 10 Dec 2021 13:14:01 GMT content-encoding gzip x-content-type-options nosniff age 352838 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15406 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Sat, 10 Dec 2022 13:14:01 GMT
GET H3	200	adview pubads.g.doubleclick.net/pagead/ Frame 7BC6	0 0	79ms 78ms	Image text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pubads.g.doubleclick.net/pagead/adview?ai=CUeoR37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoEkwJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6JojswRGFfm74hsjnDdXNd6H_Ut4UWaBqm8OFDBr4kuqeXw681hxsnkYPlOJtAVaI8Kw0hM6fT1ZXv3xOeOfFw0Lhwcry5u3sCUpoODISaHsLsER_Sl7AFBzBonSukOhQd1wUK1UwHCluutG9GXDkvgE-8yIz2XjQTuo72wgKDCPx9nJWoYa-5MZ5EeuBLmTv6voBjpjMpwmZ3HgGcsB7gHyKCZOrBtnZH8M_97xy3dbAgL3PfYAoj5e19N3HmDtR4GCukilSoRWivVNobret9D-ePY41iPsTb3fL0rOG2XotkIXxUJhQIB6hIjrfkVMuJassimT94JsAE6YC-l6AD4AQBoAZUgAes1NWRAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQguolqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00OTM3Nzc4NDQ5NzM5ODY5gAoDyAsBwhMGGLyrqu4C2BMN0BUB4hYCCAGAFwGyFx4KHAgAEhRwdWItOTc5MDc2MjgxMTA1NzY5ORjR1RM&sigh=-J_UURnXGUg&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&sdkv=h.3.491.0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers
GET H3	200	/ googleads.g.doubleclick.net/pagead/interaction/ Frame 7BC6	42 B 64 B	88ms 50ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/interaction/?ai=CpzBi37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoEkwJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6JojswRGFfm74hsjnDdXNd6H_Ut4UWaBqm8OFDBr4kuqeXw681hxsnkYPlOJtAVaI8Kw0hM6fT1ZXv3xOeOfFw0Lhwcry5u3sCUpoODISaHsLsER_Sl7AFBzBonSukOhQd1wUK1UwHCluutG9GXDkvgE-8yIz2XjQTuo72wgKDCPx9nJWoYa-5MZ5EeuBLmTv6voBjpjMpwmZ3HgGcsB7gHyKCZOrBtnZH8M_97xy3dbAgL3PfYAoj5e19N3HmDtR4GCukilSoRWivVNobret9D-ePY41iPsTb3fL0rOG2XotkIXxUJhQIB6hIjrfkVMuJassimT94JsAE6YC-l6AD4AQBiAX8kprwKqAGVIAHrNTVkQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2OYAKA8gLAdgTDdAVAeIWAggBgBcB&sigh=rkhLP4T_1b0&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D914%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20015%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1007%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D34897802%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1831%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.08%26t%3D1639494879539&sdkv=h.3.491.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUwNTYyNjY0MzY3MjIMNTY1MzUzMjU1MDQ3QLMDUiAQDyUAAMhBKAE6B3Vua25vd25CB3Vua25vd25IjgJQABgB Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:39 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 7BC6	42 B 64 B	76ms 75ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKpcxHbYEWqqst2jRJ1BKIoetdygZdS5Z5n94uwFnk76N10YmKQ6xoxoQjaW9H3NloPqG4a2EiFsmTWgp6XQDclYfhXu3rLr4x7jqGiuPl_Es2fcdTkKRO-uNUsCy18Z2RzoTckRbn78EZ&sai=AMfl-YQ8NUOz5yGDza5rIExU54FsvEH33VcH-maH6lbxOjnDGmUxg2P638LMvJq99K-CxI5LeW4heu4cmc9ymL53-dWBXB0yEVVfUpDo_RVM1W4aOW8WIvtsU9HhUEY&sig=Cg0ArKJSzPr-cWVahOjvEAE&cid=CAASF-RoB5mO4Wz-qqYLVCunDmbEIyG9irVY&id=lidarv&acvw=sv%3D914%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20015%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1007%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D34897802%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1832%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.08%26t%3D1639494879539&avm=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:39 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ googleads.g.doubleclick.net/pagead/interaction/ Frame 7BC6	42 B 64 B	86ms 50ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/interaction/?ai=CpzBi37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoEkwJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6JojswRGFfm74hsjnDdXNd6H_Ut4UWaBqm8OFDBr4kuqeXw681hxsnkYPlOJtAVaI8Kw0hM6fT1ZXv3xOeOfFw0Lhwcry5u3sCUpoODISaHsLsER_Sl7AFBzBonSukOhQd1wUK1UwHCluutG9GXDkvgE-8yIz2XjQTuo72wgKDCPx9nJWoYa-5MZ5EeuBLmTv6voBjpjMpwmZ3HgGcsB7gHyKCZOrBtnZH8M_97xy3dbAgL3PfYAoj5e19N3HmDtR4GCukilSoRWivVNobret9D-ePY41iPsTb3fL0rOG2XotkIXxUJhQIB6hIjrfkVMuJassimT94JsAE6YC-l6AD4AQBiAX8kprwKqAGVIAHrNTVkQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2OYAKA8gLAdgTDdAVAeIWAggBgBcB&sigh=rkhLP4T_1b0&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D914%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20015%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1007%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D34897802%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1834%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.08%26t%3D1639494879539&sdkv=h.3.491.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUwNTYyNjY0MzY3MjIMNTY1MzUzMjU1MDQ3QLMDUiAQDyUAAMhBKAE6B3Vua25vd25CB3Vua25vd25IjgJQABgB Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:39 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7BC6	0 20 B	73ms 72ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.491.0&e=21064201%2C44725355&id=ima_html5&c=3695383860386675&domain=www.tumgir.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:39 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ googleads.g.doubleclick.net/pagead/interaction/ Frame 7BC6	42 B 64 B	86ms 50ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/interaction/?ai=CpzBi37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoEkwJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6JojswRGFfm74hsjnDdXNd6H_Ut4UWaBqm8OFDBr4kuqeXw681hxsnkYPlOJtAVaI8Kw0hM6fT1ZXv3xOeOfFw0Lhwcry5u3sCUpoODISaHsLsER_Sl7AFBzBonSukOhQd1wUK1UwHCluutG9GXDkvgE-8yIz2XjQTuo72wgKDCPx9nJWoYa-5MZ5EeuBLmTv6voBjpjMpwmZ3HgGcsB7gHyKCZOrBtnZH8M_97xy3dbAgL3PfYAoj5e19N3HmDtR4GCukilSoRWivVNobret9D-ePY41iPsTb3fL0rOG2XotkIXxUJhQIB6hIjrfkVMuJassimT94JsAE6YC-l6AD4AQBiAX8kprwKqAGVIAHrNTVkQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2OYAKA8gLAdgTDdAVAeIWAggBgBcB&sigh=rkhLP4T_1b0&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=admute&ad_mt=0&acvw=sv%3D914%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D12,0,0,0,0%26mtos%3D12,12,12,12,12%26amtos%3D0,0,0,0,0%26mcvt%3D12%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D12%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D12%26pst%3D-1%26dur%3D20015%26vmtime%3D-1%26dvs%3D12%26dfvs%3D12%26dvpt%3D12%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1007%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D34897802%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1837%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,12&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.08%26t%3D1639494879539&sdkv=h.3.491.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUwNTYyNjY0MzY3MjIMNTY1MzUzMjU1MDQ3QLMDUiAQDyUAAMhBKAE6B3Vua25vd25CB3Vua25vd25IjgJQABgB Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:39 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 136 B	97ms 96ms	XHR text/plain	54.164.123.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.123.106 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-123-106.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.tumgir.com date Tue, 14 Dec 2021 15:14:39 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 136 B	96ms 96ms	XHR text/plain	54.164.123.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.123.106 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-123-106.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.tumgir.com date Tue, 14 Dec 2021 15:14:39 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H2	200	track track1.aniview.com/	0 70 B	97ms 96ms	Image text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=38935&t=1639494877&cip=185.213.155.177&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1639494877342-920230896493-006871-002-005241&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=34964954111&cd1=4.107.0&cd4=a769710f-4039-4072-81cb-d295cbbd18c8&cd5=default&cd6=50&cd7=main&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&asid=60a0c4aabd19fc3b905086bf&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&h=79a26debfb3551c71e77ebb96f2b1bc44fe46d13&d9=1000&ad=25&vi=100&ofpr=1.86869&imid=71e752edde9c9d4099a35b808d70b8e0_1723155176_9511368&e=impression&cb=1639494877429&ad=25&vi=100&d4=1&d5=2&d1=vpaid&fv=1&cb=1639494877439 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:39 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H2	200	track atrack.avplayer.com/	0 70 B	97ms 97ms	Image text/plain	34.224.231.98 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1639494879793&cid=60a0c4acce284b4c1059cbe8&VERSION=4.107.0&AV_PAGE_LOAD_UID=a769710f-4039-4072-81cb-d295cbbd18c8&AV_CDIM4=a769710f-4039-4072-81cb-d295cbbd18c8&AV_ABTEST_TEMPLATE_WIGHT=50&AV_CDIM6=50&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.224.231.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-224-231-98.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:39 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H2	200	track track1.aniview.com/	0 70 B	97ms 97ms	Image text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=38935&t=1639494877&cip=185.213.155.177&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1639494877342-920230896493-006871-002-005241&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=34964954111&cd1=4.107.0&cd4=a769710f-4039-4072-81cb-d295cbbd18c8&cd5=default&cd6=50&cd7=main&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&asid=60a0c4aabd19fc3b905086bf&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&h=79a26debfb3551c71e77ebb96f2b1bc44fe46d13&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=1.86869&imid=71e752edde9c9d4099a35b808d70b8e0_1723155176_9511368&e=start&d1=vpaid&fv=1&cb=1639494877439 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:39 GMT cache-control max-age=0, no-cache, no-store content-length 0
POST H3	204	ZTBFdEFKDyYHfABcNT4bVGYGFhkdYx8hLRdVE0EoNAJwTBlXAGMAKAENfUFzXAdxUjEMVHhHc0NDMRU1EEN4RnFVBWMdLwNfeEZxVQZ1RHFVBmBDAg1EMQQyQAMEUXMjFXcyNgBSNR0iDh0mEC9LQ3ZaIAhRPxsvBEc2WiIKXWBGBxZeJAQkBlEtAG8VXiJRdiZeM... peukasrsih.com/	0 515 B	111ms 111ms	Ping text/plain	2606:4700:3030::6815:3b8f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peukasrsih.com/ZTBFdEFKDyYHfABcNT4bVGYGFhkdYx8hLRdVE0EoNAJwTBlXAGMAKAENfUFzXAdxUjEMVHhHc0NDMRU1EEN4RnFVBWMdLwNfeEZxVQZ1RHFVBmBDAg1EMQQyQAMEUXMjFXcyNgBSNR0iDh0mEC9LQ3ZaIAhRPxsvBEc2WiIKXWBGBxZeJAQkBlEtAG8VXiJRdiZeMBgtQAcGQXRRCHFAdFcId0Z3UgFxR3RSCWMCfFUefVp3SwBjAXxQCXZGd1QEdUF3XQN9TXRDRDUVJlgBYwQ1EVx4RXdWCXFNdV0HfEx0UA Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3b8f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 14 Dec 2021 15:14:39 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEFFk3dRt8EcaiH%2BnJ4D5lMzKiRLu1bkVAx2XL8cKKI6dY6uR%2FArsE3tQWEO98tGjOTy6Eb4iWQllkV5FV98CkzauTRZK7zSmNoOjuMgpFdfLH%2FX2kMWjfGr9FM%2B%2BmIs9vr8BcQkY53GD5fQYA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6bd862171c115b6e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET		snapecaht.png webpick-cdn.s3.amazonaws.com/	0 0
GET H3	200	hhrtBw21.html Show response tpc.googlesyndication.com/sodar/ Frame 2EDC	23 KB 9 KB	88ms 40ms	Document text/html	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/hhrtBw21.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8727 date Fri, 10 Dec 2021 07:43:36 GMT expires Sat, 10 Dec 2022 07:43:36 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 age 372663 cache-control public, max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7BC6	0 20 B	73ms 73ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=36&d=1&s=1&f=0.01&li=v_h.3.491.0&bgai=BCf6C37S4YaXrCNHy3wOsrrPQCAAAAAA4AboFEwjRuYWvyuP0AhWDEIsKHSZXAvs Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:39 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	snapecaht.png webpick-cdn.s3.amazonaws.com/ Frame FEE8	3 KB 3 KB	635ms 184ms	Image image/png	52.218.241.2 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://webpick-cdn.s3.amazonaws.com/snapecaht.png Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.241.2 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2-w.amazonaws.com Software AmazonS3 / Resource Hash 5af1e32d6499ad2c5e9249164daa9a39860fb4e6f64b223b04fe0afa0c0b6ee2 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Tue, 14 Dec 2021 15:14:41 GMT Last-Modified Tue, 25 Dec 2018 13:48:43 GMT Server AmazonS3 x-amz-request-id 5KNNYY61EXZ5T8NT ETag "84cde431b32705bc6e18c3d7ccc2dd29" Content-Type image/png Accept-Ranges bytes Content-Length 2888 x-amz-id-2 1HO+RvRrqme79yvqRTZvGKHcOI9YV/yS4oHzc8PrE0OptKTkZp688FZJ4+M38ykuw9ZpAltBXTA= x-amz-meta-s3b-last-modified 20181225T134720Z
GET DATA	200 OK	truncated / Frame FEE8	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 52878d35bbd3319522a493c873f3dfe8fe7b15c11a3bb4aafca023115122e702 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FEE8	814 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	204	playback s.youtube.com/api/stats/ Frame 7BC6	0 0	72ms 20ms	Image text/html	2a00:1450:400c:c1b::8a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s.youtube.com/api/stats/playback?ns=yt&fexp=21064201%2C44725355&el=adunit&cpn=XNZRbxVXaOVwJ_im&docid=g5KYV9xuc1U&ver=2&cmt=0.191&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.tumgir.com%2F&len=20.016&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=96.0.4664.93&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=18&rtn=10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c1b::8a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers
GET H3	200	U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response pagead2.googlesyndication.com/bg/ Frame 2EDC	35 KB 13 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 13:27:12 GMT content-encoding br x-content-type-options nosniff age 6448 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13577 x-xss-protection 0 last-modified Mon, 06 Dec 2021 19:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 14 Dec 2022 13:27:12 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2EDC	0 20 B	75ms 75ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.491.0&bgai=BCf6C37S4YaXrCNHy3wOsrrPQCAAAAAA4AboFEwjRuYWvyuP0AhWDEIsKHSZXAvs&bg=!WVqlWh7NAAZKWFskSlg7ACkAdvg8WjazsGZ1lI_qcrWFE7R9XE0X7SKa2ZoRyFO_Dyp2o6tgd6G8DQIAAABfUgAAAAtoAQcKACRowSrfXm_jZt3skdVNN_60v-wsNd-68H6tKrZEWUQ4AEKXGDWZAn3UnTLDR4EDRoHffp3MIG3jUbfIdMuWZN_VnYGqIIs8NUxmqHEMzAk1lSUg54rZe7qWYKwdEYunt65s59sSMgfVGxTtsSh-gZqTFmMzA_pbF9XM67b7uQexLsYA-8MoF0U9grSyHvhoRwVny2xToM6SehOMNhNy-ZYdWt96kzhVgKUv-vxj7o5N2d3u4juMOXAWBduT-nxhb5a7soLpBUIxHAiI4vzDPQCQeIlAoFBbcUAxEmPJF4xivpDYmFSTLvSla-_FvylqYd_-NHEo_vu4Quyd52AMD37HdLbVd5_IyRUjfVB4cf4ntftbIDcv9gZBBwfSouRNybzR5jf0ArWnj2CPEZzC_EDyxrBGOh0TDhEtO5v1TiwX_Rs-Gcpka8Cvtt4U9Oo_jJXsUUz8vgv5j4L_1WjGnII5o2EggtQEQP3GtXaDLCKUYaSzu-ACqe68ttEsjlo3iMMA4nJb8LZgBDuJ4zpy1y23G9r-6KwMaHyi75IC5USk4iNu4HxYs1ZP1cNXfdBU9vnejxRHIHWM_2EkIQaKRO3TVM-DNmIfnVSCjrC7F-SO8NsIYoFEUkQUvXX8GVJ3dQ_MlMHKxPGrrvnRZuPtDLUBEoODTNEL1pY641wfgJBOuBOsQ6TfbkTHtKz1gGrvDBWMXlowk2_OyFzs4j0dnFIegwhzfYQ78w4ni3XNw1EBxzJrVrc9QQJJVM28FivwghtKXXXj2dx3_DWPE1Ud8ZJCPJEUQj3vmKj8cexSeOAzwLgeScO5uit-VbgBp7aDIZ7d8cT7rPWe1SCGivslL8qvpvjYOCMhQ83fdRgTRQBeZ6wTMUd1aLqGOQCEBDuH-W7ZCNAy Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:40 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 7BC6	42 B 64 B	81ms 81ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKpcxHbYEWqqst2jRJ1BKIoetdygZdS5Z5n94uwFnk76N10YmKQ6xoxoQjaW9H3NloPqG4a2EiFsmTWgp6XQDclYfhXu3rLr4x7jqGiuPl_Es2fcdTkKRO-uNUsCy18Z2RzoTckRbn78EZ&sai=AMfl-YQ8NUOz5yGDza5rIExU54FsvEH33VcH-maH6lbxOjnDGmUxg2P638LMvJq99K-CxI5LeW4heu4cmc9ymL53-dWBXB0yEVVfUpDo_RVM1W4aOW8WIvtsU9HhUEY&sig=Cg0ArKJSzPr-cWVahOjvEAE&cid=CAASF-RoB5mO4Wz-qqYLVCunDmbEIyG9irVY&id=lidarv&acvw=sv%3D914%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D2017,0,0,0,0%26mtos%3D2017,2017,2017,2017,2017%26amtos%3D0,0,0,0,0%26mcvt%3D2017%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2017%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D422%26pst%3D413%26dur%3D20015%26vmtime%3D1940%26dtos%3D2017%26dtoss%3D1%26dvs%3D2005%26dfvs%3D2005%26dvpt%3D2005%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1007%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D34897802%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D3843%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2017&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.08%26t%3D1639494879539 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:41 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	track track1.aniview.com/	0 70 B	98ms 98ms	Image text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=38935&t=1639494877&cip=185.213.155.177&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1639494877342-920230896493-006871-002-005241&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=34964954111&cd1=4.107.0&cd4=a769710f-4039-4072-81cb-d295cbbd18c8&cd5=default&cd6=50&cd7=main&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&asid=60a0c4aabd19fc3b905086bf&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&h=79a26debfb3551c71e77ebb96f2b1bc44fe46d13&d9=1000&ad=25&vi=100&ofpr=1.86869&imid=71e752edde9c9d4099a35b808d70b8e0_1723155176_9511368&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=1&cb=1639494877439 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:42 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H2	200	track track1.aniview.com/	0 70 B	97ms 97ms	Image text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=38935&t=1639494877&cip=185.213.155.177&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1639494877342-920230896493-006871-002-005241&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=34964954111&cd1=4.107.0&cd4=a769710f-4039-4072-81cb-d295cbbd18c8&cd5=default&cd6=50&cd7=main&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&asid=60a0c4aabd19fc3b905086bf&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&h=79a26debfb3551c71e77ebb96f2b1bc44fe46d13&d9=1000&ad=25&vi=100&ofpr=1.86869&imid=71e752edde9c9d4099a35b808d70b8e0_1723155176_9511368&e=sec3&vi=100&d1=vpaid&fv=1&cb=1639494877439 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:42 GMT cache-control max-age=0, no-cache, no-store content-length 0
POST H2	200	track Show response track1.aniview.com/	0 93 B	97ms 97ms	XHR text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=38935&t=1639494877&cip=185.213.155.177&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1639494877342-920230896493-006871-002-005241&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=34964954111&cd1=4.107.0&cd4=a769710f-4039-4072-81cb-d295cbbd18c8&cd5=default&cd6=50&cd7=main&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Tue, 14 Dec 2021 15:14:44 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H3	200	/ googleads.g.doubleclick.net/pagead/interaction/ Frame 7BC6	42 B 64 B	129ms 125ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/interaction/?ai=CpzBi37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoEkwJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6JojswRGFfm74hsjnDdXNd6H_Ut4UWaBqm8OFDBr4kuqeXw681hxsnkYPlOJtAVaI8Kw0hM6fT1ZXv3xOeOfFw0Lhwcry5u3sCUpoODISaHsLsER_Sl7AFBzBonSukOhQd1wUK1UwHCluutG9GXDkvgE-8yIz2XjQTuo72wgKDCPx9nJWoYa-5MZ5EeuBLmTv6voBjpjMpwmZ3HgGcsB7gHyKCZOrBtnZH8M_97xy3dbAgL3PfYAoj5e19N3HmDtR4GCukilSoRWivVNobret9D-ePY41iPsTb3fL0rOG2XotkIXxUJhQIB6hIjrfkVMuJassimT94JsAE6YC-l6AD4AQBiAX8kprwKqAGVIAHrNTVkQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2OYAKA8gLAdgTDdAVAeIWAggBgBcB&sigh=rkhLP4T_1b0&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=videoplaytime25&ad_mt=5190&acvw=sv%3D914%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D5247,0,0,0,0%26mtos%3D5247,5247,5247,5247,5247%26amtos%3D0,0,0,0,0%26mcvt%3D5247%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5247%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1229%26pst%3D413%26dur%3D20015%26vmtime%3D5190%26dtos%3D3230%26dtoss%3D2%26dvs%3D3230%26dfvs%3D3230%26dvpt%3D3230%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D5247,5247,5247,5247,5247%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1007%26femvt%3D0%26emc%3D28%26emuc%3D0%26emb%3D28,0,0,0,0%26avms%3Dexc%26qi%3D34897802%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26ptlt%3D7073%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5247&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.08%26t%3D1639494879539&sdkv=h.3.491.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUwNTYyNjY0MzY3MjIMNTY1MzUzMjU1MDQ3QLMDUiAQDyUAAMhBKAE6B3Vua25vd25CB3Vua25vd25IjgJQABgB Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:45 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ googleads.g.doubleclick.net/pagead/interaction/ Frame 7BC6	42 B 64 B	164ms 163ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/interaction/?ai=CpzBi37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoEkwJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6JojswRGFfm74hsjnDdXNd6H_Ut4UWaBqm8OFDBr4kuqeXw681hxsnkYPlOJtAVaI8Kw0hM6fT1ZXv3xOeOfFw0Lhwcry5u3sCUpoODISaHsLsER_Sl7AFBzBonSukOhQd1wUK1UwHCluutG9GXDkvgE-8yIz2XjQTuo72wgKDCPx9nJWoYa-5MZ5EeuBLmTv6voBjpjMpwmZ3HgGcsB7gHyKCZOrBtnZH8M_97xy3dbAgL3PfYAoj5e19N3HmDtR4GCukilSoRWivVNobret9D-ePY41iPsTb3fL0rOG2XotkIXxUJhQIB6hIjrfkVMuJassimT94JsAE6YC-l6AD4AQBiAX8kprwKqAGVIAHrNTVkQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2OYAKA8gLAdgTDdAVAeIWAggBgBcB&sigh=rkhLP4T_1b0&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=video_skip_shown&ad_mt=5190&acvw=sv%3D914%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26p0%3D152,534,451,1065%26p1%3D152,534,451,1065%26tos%3D5250,0,0,0,0%26mtos%3D5250,5250,5250,5250,5250%26amtos%3D0,0,0,0,0%26mtos1%3D5247,0,0%26mcvt%3D5250%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5250%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1232%26pst%3D413%26dur%3D20015%26vmtime%3D5190%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3,3,3,3,3%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1007%26femvt%3D0%26emc%3D28%26emuc%3D0%26emb%3D28,0,0,0,0%26avms%3Dexc%26qi%3D34897802%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26ptlt%3D7075%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5250%26ss0%3D0.08%26ss1%3D0.08&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.08%26t%3D1639494879539&sdkv=h.3.491.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUwNTYyNjY0MzY3MjIMNTY1MzUzMjU1MDQ3QLMDUiAQDyUAAMhBKAE6B3Vua25vd25CB3Vua25vd25IjgJQABgB Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:45 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	track track1.aniview.com/	0 70 B	99ms 97ms	Image text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=38935&t=1639494877&cip=185.213.155.177&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1639494877342-920230896493-006871-002-005241&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=34964954111&cd1=4.107.0&cd4=a769710f-4039-4072-81cb-d295cbbd18c8&cd5=default&cd6=50&cd7=main&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&asid=60a0c4aabd19fc3b905086bf&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&h=79a26debfb3551c71e77ebb96f2b1bc44fe46d13&d9=1000&ad=25&vi=100&ofpr=1.86869&imid=71e752edde9c9d4099a35b808d70b8e0_1723155176_9511368&e=firstQuartile&ad=25&vi=100&d1=vpaid&fv=1&cb=1639494877439 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:45 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H2	200	track atrack.avplayer.com/	0 70 B	97ms 97ms	Image text/plain	34.224.231.98 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M18&cb=1639494886935&cid=60a0c4acce284b4c1059cbe8&VERSION=4.107.0&AV_PAGE_LOAD_UID=a769710f-4039-4072-81cb-d295cbbd18c8&AV_CDIM4=a769710f-4039-4072-81cb-d295cbbd18c8&AV_ABTEST_TEMPLATE_WIGHT=50&AV_CDIM6=50&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.224.231.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-224-231-98.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:46 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H2	200	track track1.aniview.com/	0 70 B	101ms 101ms	Image text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=38935&t=1639494877&cip=185.213.155.177&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1639494877342-920230896493-006871-002-005241&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=34964954111&cd1=4.107.0&cd4=a769710f-4039-4072-81cb-d295cbbd18c8&cd5=default&cd6=50&cd7=main&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&asid=60a0c4aabd19fc3b905086bf&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&h=79a26debfb3551c71e77ebb96f2b1bc44fe46d13&d9=1000&ad=25&vi=100&ofpr=1.86869&imid=71e752edde9c9d4099a35b808d70b8e0_1723155176_9511368&e=sec10&vi=100&d1=vpaid&fv=1&cb=1639494877439 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:49 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H3	200	/ googleads.g.doubleclick.net/pagead/interaction/ Frame 7BC6	42 B 64 B	52ms 50ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/interaction/?ai=CpzBi37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoEkwJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6JojswRGFfm74hsjnDdXNd6H_Ut4UWaBqm8OFDBr4kuqeXw681hxsnkYPlOJtAVaI8Kw0hM6fT1ZXv3xOeOfFw0Lhwcry5u3sCUpoODISaHsLsER_Sl7AFBzBonSukOhQd1wUK1UwHCluutG9GXDkvgE-8yIz2XjQTuo72wgKDCPx9nJWoYa-5MZ5EeuBLmTv6voBjpjMpwmZ3HgGcsB7gHyKCZOrBtnZH8M_97xy3dbAgL3PfYAoj5e19N3HmDtR4GCukilSoRWivVNobret9D-ePY41iPsTb3fL0rOG2XotkIXxUJhQIB6hIjrfkVMuJassimT94JsAE6YC-l6AD4AQBiAX8kprwKqAGVIAHrNTVkQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2OYAKA8gLAdgTDdAVAeIWAggBgBcB&sigh=rkhLP4T_1b0&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=videoplaytime50&ad_mt=10194&acvw=sv%3D914%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D10252,0,0,0,0%26mtos%3D10252,10252,10252,10252,10252%26amtos%3D0,0,0,0,0%26mcvt%3D10252%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D10252%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2235%26pst%3D413%26dur%3D20015%26vmtime%3D10194%26dtos%3D5005%26dtoss%3D3%26dvs%3D5005%26dfvs%3D5005%26dvpt%3D5005%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D5005,5005,5005,5005,5005%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1007%26femvt%3D0%26emc%3D53%26emuc%3D0%26emb%3D53,0,0,0,0%26avms%3Dexc%26qi%3D34897802%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D12077%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10252&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.08%26t%3D1639494879539&sdkv=h.3.491.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUwNTYyNjY0MzY3MjIMNTY1MzUzMjU1MDQ3QLMDUiAQDyUAAMhBKAE6B3Vua25vd25CB3Vua25vd25IjgJQABgB Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Tue, 14 Dec 2021 15:14:50 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	aclk www.googleadservices.com/pagead/ Frame 7BC6 Redirect Chain https://googleads.g.doubleclick.net/aclk?sa=l&ai=C2bkq37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoElgJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6Jojs... https://www.googleadservices.com/pagead/aclk?sa=L&ai=CsiIm37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoElgJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6...	0 0	137ms 50ms	Image text/html	142.250.185.66
General Check archive.org Show headers Download Go to Show image Full URL https://www.googleadservices.com/pagead/aclk?sa=L&ai=CsiIm37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoElgJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6JojswRGFfm74hsjnDdXNd6H_Ut4UWaBqm8OFDBr4kuqeXw681hxsnkYPlOJtAVaI8Kw0hM6fT1ZXv3xOeOfFw0Lhwcry5u3sCUpoODISaHsLsER_Sl7AFBzBonSukOhQd1wUK1UwHCluutG9GXDkvgE-8yIz2XjQTuo72wgKDCPx9nJWoYa-5MZ5EeuBLmTv6voBjpjMpwmZ3HgGcsB7gHyKCZOrBtnZH8M_97xy3dbAgL3PfYAoj5e19N3HmDtR4GCukilSoRWivVNob9erfE--19a_wwiBPuSFgj1tLGzmxG2Je4B4mHxHia_JWizedRtPcWLMc9fQHFMAE6YC-l6AD4AQBiAX8kprwKpIFBggDEAMYAcAFbqAGVIAHrNTVkQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2OZoJHWh0dHA6Ly9yZWZ1cmJlZC5kZS9sL3Byb2R1Y3RzsQl98A5WqcAkroAKA5gLAcgLAdALDrgMAdgTDdAVAeIWAggBgBcB&num=1&client=ca-pub-9848746867798493&ctype=110&label=video_10s_engaged_view&ad_mt=10194&acvw=sv%3D914%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26p0%3D152,534,451,1065%26p1%3D152,534,451,1065%26p2%3D152,534,451,1065%26tos%3D10270,0,0,0,0%26mtos%3D10270,10270,10270,10270,10270%26amtos%3D0,0,0,0,0%26mtos1%3D5247,0,0%26mtos2%3D5005,0,0%26mcvt%3D10270%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10270%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2253%26pst%3D413%26dur%3D20015%26vmtime%3D10194%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D18,18,18,18,18%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1007%26femvt%3D0%26emc%3D53%26emuc%3D0%26emb%3D53,0,0,0,0%26avms%3Dexc%26qi%3D34897802%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D12096%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10270%26ss0%3D0.08%26ss1%3D0.08%26ss2%3D0.08&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.08%26t%3D1639494879539&cid=CAQSKQCNIrLMsKY4gAw_X6xVrdkTkUt6lOC7vIK6TP8kqYulP83-vEUcRkvM&dblrd=1&val=ChAyMjg4Njk1MmQxY2UwMDA3EN3p4o0GGghZGgtOV_2B_CABKAE&sig=AOD64_3ie9RXsEH18en-93kbGWi2LmUcjA&adurl=http://refurbed.de/l/products%3Fcq_src%3Dyoutube%26cq_cmp%3D11509598588%26cq_con%3D111718400105 Protocol H2 Server 142.250.185.66 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Redirect headers pragma no-cache date Tue, 14 Dec 2021 15:14:50 GMT x-content-type-options nosniff server adclick_server p3p policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.googleadservices.com/pagead/aclk?sa=L&ai=CsiIm37S4YaXrCNHy3wOsrrPQCOHWk4pn2JnJzdsOsJAfEAEguY2OKGCV4pCCoAegAbyrqu4CyAEFqQIe34noCP2yPuACAKgDAZgEAKoElgJP0D-DpRetLCq44ye-lIEAV5bFGHElmIfmWA6JojswRGFfm74hsjnDdXNd6H_Ut4UWaBqm8OFDBr4kuqeXw681hxsnkYPlOJtAVaI8Kw0hM6fT1ZXv3xOeOfFw0Lhwcry5u3sCUpoODISaHsLsER_Sl7AFBzBonSukOhQd1wUK1UwHCluutG9GXDkvgE-8yIz2XjQTuo72wgKDCPx9nJWoYa-5MZ5EeuBLmTv6voBjpjMpwmZ3HgGcsB7gHyKCZOrBtnZH8M_97xy3dbAgL3PfYAoj5e19N3HmDtR4GCukilSoRWivVNob9erfE--19a_wwiBPuSFgj1tLGzmxG2Je4B4mHxHia_JWizedRtPcWLMc9fQHFMAE6YC-l6AD4AQBiAX8kprwKpIFBggDEAMYAcAFbqAGVIAHrNTVkQGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2OZoJHWh0dHA6Ly9yZWZ1cmJlZC5kZS9sL3Byb2R1Y3RzsQl98A5WqcAkroAKA5gLAcgLAdALDrgMAdgTDdAVAeIWAggBgBcB&num=1&client=ca-pub-9848746867798493&ctype=110&label=video_10s_engaged_view&ad_mt=10194&acvw=sv%3D914%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26p0%3D152,534,451,1065%26p1%3D152,534,451,1065%26p2%3D152,534,451,1065%26tos%3D10270,0,0,0,0%26mtos%3D10270,10270,10270,10270,10270%26amtos%3D0,0,0,0,0%26mtos1%3D5247,0,0%26mtos2%3D5005,0,0%26mcvt%3D10270%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10270%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2253%26pst%3D413%26dur%3D20015%26vmtime%3D10194%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D18,18,18,18,18%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1007%26femvt%3D0%26emc%3D53%26emuc%3D0%26emb%3D53,0,0,0,0%26avms%3Dexc%26qi%3D34897802%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D12096%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10270%26ss0%3D0.08%26ss1%3D0.08%26ss2%3D0.08&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.08%26t%3D1639494879539&cid=CAQSKQCNIrLMsKY4gAw_X6xVrdkTkUt6lOC7vIK6TP8kqYulP83-vEUcRkvM&dblrd=1&val=ChAyMjg4Njk1MmQxY2UwMDA3EN3p4o0GGghZGgtOV_2B_CABKAE&sig=AOD64_3ie9RXsEH18en-93kbGWi2LmUcjA&adurl=http://refurbed.de/l/products%3Fcq_src%3Dyoutube%26cq_cmp%3D11509598588%26cq_con%3D111718400105 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	watchtime s.youtube.com/api/stats/ Frame 7BC6	0 0	44ms 20ms	Image text/html	2a00:1450:400c:c1b::8a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.194&rtn=20.000&ns=yt&fexp=21064201%2C44725355&el=adunit&cpn=XNZRbxVXaOVwJ_im&docid=g5KYV9xuc1U&ver=2&cmt=10.194&fmt=18&rt=10.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.tumgir.com%2F&len=20.016&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=96.0.4664.93&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c1b::8a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers
GET H2	200	track track1.aniview.com/	0 70 B	112ms 102ms	Image text/plain	18.213.6.218 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=38935&t=1639494877&cip=185.213.155.177&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1639494877342-920230896493-006871-002-005241&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.91&cb=34964954111&cd1=4.107.0&cd4=a769710f-4039-4072-81cb-d295cbbd18c8&cd5=default&cd6=50&cd7=main&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&asid=60a0c4aabd19fc3b905086bf&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&h=79a26debfb3551c71e77ebb96f2b1bc44fe46d13&d9=1000&ad=25&vi=100&ofpr=1.86869&imid=71e752edde9c9d4099a35b808d70b8e0_1723155176_9511368&e=midpoint&ad=25&vi=100&d1=vpaid&fv=1&cb=1639494877439 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-213-6-218.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 15:14:50 GMT cache-control max-age=0, no-cache, no-store content-length 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

s7.addthis.com

URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain

sync.adotmob.com

URL

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1

Domain

webpick-cdn.s3.amazonaws.com

URL

https://webpick-cdn.s3.amazonaws.com/snapecaht.png