www.tumgir.com Open in urlscan Pro
159.203.91.122 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tumgir.com/favoredbyspring
Submission: On October 20 via manual (October 20th 2020, 3:17:42 pm UTC) from PH

Summary HTTP 52 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 13 IPs in 6 countries across 14 domains to perform 52 HTTP transactions. The main IP is 159.203.91.122, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.tumgir.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 17th 2020. Valid for: a year.

This is the only time www.tumgir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	159.203.91.122 159.203.91.122	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6 6	152.199.21.147 152.199.21.147	15133 (EDGECAST) (EDGECAST)
19	192.0.77.3 192.0.77.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	52.222.177.202 52.222.177.202	16509 (AMAZON-02) (AMAZON-02)
7	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	54.237.125.12 54.237.125.12	14618 (AMAZON-AES) (AMAZON-AES)
5	13.227.156.95 13.227.156.95	16509 (AMAZON-02) (AMAZON-02)
1	95.101.185.246 95.101.185.246	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	151.101.112.84 151.101.112.84	54113 (FASTLY) (FASTLY)
1	99.86.2.32 99.86.2.32	16509 (AMAZON-02) (AMAZON-02)
1 1	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
1	94.31.29.131 94.31.29.131	33438 (HIGHWINDS2) (HIGHWINDS2)
52	13

7 159.203.91.122 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.tumgir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 152.199.21.147 (United States) 6 redirects

ASN15133 (EDGECAST, US)

api.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

64.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.177.202 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-177-202.ham50.r.cloudfront.net

d18g6t7whf8ejf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.237.125.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-125-12.compute-1.amazonaws.com

othernedm.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.227.156.95 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-156-95.muc51.r.cloudfront.net

endriawoolr.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.185.246 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a95-101-185-246.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.2.32 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-32.fra6.r.cloudfront.net

nsidereturn.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.192.101.24 (Dallas, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

ngp4.intnotif.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.131 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.131.IPYX-077437-ZYO.above.net

www.ssaimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	tumblr.com 6 redirects api.tumblr.com 64.media.tumblr.com	1 MB
7	tumgir.com www.tumgir.com	234 KB
6	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com	191 KB
5	endriawoolr.top endriawoolr.top	4 KB
2	pinterest.com widgets.pinterest.com	460 B
2	facebook.com graph.facebook.com	939 B
2	google-analytics.com www.google-analytics.com	19 KB
2	cloudfront.net d18g6t7whf8ejf.cloudfront.net	89 KB
1	ssaimg.com www.ssaimg.com	4 KB
1	intnotif.club ngp4.intnotif.club Failed	183 B
1	nsidereturn.club nsidereturn.club	368 B
1	addthisedge.com v1.addthisedge.com	691 B
1	moatads.com z.moatads.com	1 KB
1	othernedm.info othernedm.info	16 KB
52	14

	Domain	Requested by
19	64.media.tumblr.com	www.tumgir.com
7	www.tumgir.com	www.tumgir.com
6	api.tumblr.com	6 redirects
5	endriawoolr.top	d18g6t7whf8ejf.cloudfront.net
3	s7.addthis.com	www.tumgir.com s7.addthis.com
2	api-public.addthis.com	s7.addthis.com
2	widgets.pinterest.com	s7.addthis.com
2	graph.facebook.com	s7.addthis.com
2	www.google-analytics.com	www.tumgir.com www.google-analytics.com
2	d18g6t7whf8ejf.cloudfront.net	www.tumgir.com
1	www.ssaimg.com
1	ngp4.intnotif.club
1	nsidereturn.club	www.tumgir.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	othernedm.info	www.tumgir.com
52	17

This site contains links to these domains. Also see Links.

Domain
notesoutofmymind.tumblr.com
neckkiss.tumblr.com
elenacxx.tumblr.com
janeforest.tumblr.com
www.lido-lido.com
m96k.tumblr.com
eternale.tumblr.com
sundaylatte.tumblr.com
mrs-bingley.tumblr.com
abdullahrq.tumblr.com
godspeedmp3-deactivated20200914.tumblr.com
myaurelia.tumblr.com
surqrised.tumblr.com
birdasaurus.tumblr.com
www.instagram.com
sabonhomeblog.tumblr.com
www.addthis.com

Subject Issuer	Validity	Valid
tumgir.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-17` - `2021-03-17`	a year	crt.sh
*.media.tumblr.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-10` - `2022-02-09`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
othernedm.info Let's Encrypt Authority X3	`2020-09-21` - `2020-12-20`	3 months	crt.sh
endriawoolr.top Amazon	`2020-10-04` - `2021-11-03`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
nsidereturn.club Amazon	`2020-09-06` - `2021-10-06`	a year	crt.sh
www.ssaimg.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-12` - `2022-04-14`	2 years	crt.sh

This page contains 6 frames:

Primary Page: https://www.tumgir.com/favoredbyspring
Frame ID: EF5AE4E782BB0081E3F7418BB50B789D
Requests: 48 HTTP requests in this frame

Frame: https://endriawoolr.top/NVNJQjFUMSovDlRuK2RERz90ZwNzdnsEVQRrLnRFAiQhJAlQOS9sUlk8PCZXRzwnNh9bNj1nA3MpGhp/WgF4LUB9EhAqa2FjKAZ5RTovB3dnMA57R3IBOi1/cT8GAEtvOQsQBQMYMC4UBxUCEARdHyMPaWMLH3p7ZxoOC3ZRJQ8laF4JeipndgAEdlVwNwYPSFo+DgRkBBogdlB3ABwxfU0KBBtiDTwdJWRaGgoDV3cQE2cDczYzFFVUBDkxYGM7PwxIUgIIEVpAGS4DcGw+Ig5nWSN6D0hWGw0RRRBhDycBeBUDKF1GAh8lXn4EMQBmcWpscHdQYwcYVUIFfRBLGDcwIQNNER4BaEQcG3p/eBdxMHZ0FjMkAkZiERpjQQl5AFRsPiF3ZkIePw5YZDUdGmRvMQwEaH4pBCt3XmJ4I1gBBAo7RgQKDxhQUSkiKnBkMDgSA00RBSwIRQl5DHZWYT13YHAJMSMDTREeBmACHzELUHk9cHV/Y2J5IGZREhEvdEM3CyZTURQiLXdjJ2xwc3obCBppTAU/DnNsHABweEYCJXsBVzo9AXV2HSYOY2wYbyhCWj05f15EagUvY1kgfxhH
Frame ID: 8C5975256F6793130DA6878C071BBAC2
Requests: 1 HTTP requests in this frame

Frame: https://endriawoolr.top/eTZpSjEYVAonDhgLC2xEC1pUbwM/E1sMVUgODnxFTkEBLAkcXA9kUhVZHC5XC1kHPh8XUx1vAz9HPCFdNWECJUkzXzxyVSpvDgYDHU8zeUUAVDF/ATBMDnt7OnxZAHYORCwScEB5EzlrNXFZP3w9bFkvaQ5bJDNSCmxbPQIzTwEkVEpnBgZLEQUzJwlcBC8BWCwDDQ4FSXoDKUcwXDg8fxQOTHhzNgUKbwM/fAMPSzNcXSVTFFEkEAMdAQ95WRBvOhMGMmIaJGEDY1wFXAECLg0IHlM6AwEpXAomUxReXxpIHlkPeVkQfAMiFEtwDA14AVQEIgcgBQIfUEoCJyx2VHxMeHcccSAlfgBZBARLTUMmCXROZj5/Xj1xDXxXMWRcEHYBAwgneEx/PXICM1gNfXIxD10TWCxfJBkISlNaOQg1TCwjezF4HxN5ElkkIFZAfCp/FEtwDAhjAVMhGAcfflh8UBdaUSwCCRNbDFQ+f18BWw5EIAlzDFcoMl8cWBF6VC5kHxpcGhADOV4XRlQlBxh1UDxQCH0M
Frame ID: 1C8627DAA9B88BED7717ED5C73C90704
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 5C39C5BCD0B22846FE958486E8EC8C06
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 0FE73B8A973C5A8D8894D21934160850
Requests: 1 HTTP requests in this frame

Frame: https://www.ssaimg.com/~lDwrnvAdJts/9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7.png
Frame ID: 0E9E41C14557386ADA8F8792CBE9F6AC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

52
Requests

96 %
HTTPS

14 %
IPv6

14
Domains

17
Subdomains

13
IPs

6
Countries

1955 kB
Transfer

2767 kB
Size

0
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://notesoutofmymind.tumblr.com/post/162010514252/out-of-my-notebook
Title: notesoutofmymind

Search URL Search Domain Scan URL

URL: http://neckkiss.tumblr.com/post/165691349622/kiss-me-slowly
Title: neckkiss

Search URL Search Domain Scan URL

URL: https://elenacxx.tumblr.com/post/631258948866015232
Title: elenacxx

Search URL Search Domain Scan URL

URL: https://janeforest.tumblr.com/post/629984892237840385/wwwlido-lidocom
Title: janeforest

Search URL Search Domain Scan URL

URL: http://www.lido-lido.com/
Title: www.lido-lido.com

Search URL Search Domain Scan URL

URL: https://m96k.tumblr.com/post/630517435568734208
Title: m96k

Search URL Search Domain Scan URL

URL: https://eternale.tumblr.com/post/631105686083911680/sometimes-you-have-to-be-apart-from-people-you
Title: eternale

Search URL Search Domain Scan URL

URL: https://sundaylatte.tumblr.com/
Title: sundaylatte

Search URL Search Domain Scan URL

URL: https://mrs-bingley.tumblr.com/post/631148179858063360/me-when-someone-plays-with-my-hair-can-you-do
Title: mrs-bingley

Search URL Search Domain Scan URL

URL: http://abdullahrq.tumblr.com/post/183526673202
Title: abdullahrq

Search URL Search Domain Scan URL

URL: https://godspeedmp3-deactivated20200914.tumblr.com/post/187952059961
Title: godspeedmp3-deactivated20200914

Search URL Search Domain Scan URL

URL: https://myaurelia.tumblr.com/post/157576254159/if-you-remember-that-life-is-fluid-youll-never
Title: myaurelia

Search URL Search Domain Scan URL

URL: https://surqrised.tumblr.com/post/616399374303592448/when-a-person-tells-you-that-you-hurt-them-you
Title: surqrised

Search URL Search Domain Scan URL

URL: https://surqrised.tumblr.com/
Title: surqrised

Search URL Search Domain Scan URL

URL: https://birdasaurus.tumblr.com/post/630983079078559744
Title: birdasaurus

Search URL Search Domain Scan URL

URL: https://www.instagram.com/christina.kassi/
Title: Christina Kassi

Search URL Search Domain Scan URL

URL: https://sabonhomeblog.tumblr.com/post/628246763606818816/parbengtsson1
Title: sabonhomeblog

Search URL Search Domain Scan URL

URL: https://sabonhomeblog.tumblr.com/
Title: @parbengtsson1

Search URL Search Domain Scan URL

URL: https://sabonhomeblog.tumblr.com/post/615655351135715328/luke-beard
Title: sabonhomeblog

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://api.tumblr.com/v2/blog/favoredbyspring.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/f9716bb54192e745205b4920c8f2f35d/83f2afdf26873a69-45/s128x128u_c1/c18f0ed55335075c01949b0b77b8f61053007ec0.jpg

Request Chain 2

https://api.tumblr.com/v2/blog/rajinists.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_1ee2709ca047_128.png

Request Chain 3

https://api.tumblr.com/v2/blog/thebornthisway.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/ee47264ae3121cec9f552155f7df455a/7708637b971820e2-21/s128x128u_c1/fdde171c33f764e981fb1c841311dc73e621918b.jpg

Request Chain 4

https://api.tumblr.com/v2/blog/abyssnighthawk.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/7feb7903f6cf7951b985a3e2ede0d167/7e7ea12e94e03344-19/s128x128u_c1/ac0ac533f99f184a75b3e548e7cdba6fb875a4a8.png

Request Chain 5

https://api.tumblr.com/v2/blog/hiirop8000.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_bbd6e9ba933d_128.png

Request Chain 6

https://api.tumblr.com/v2/blog/teathy.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_87c410b315d1_128.png

Request Chain 51

https://ngp4.intnotif.club/adServe/wpnFeed/getImage?ai=BNdG0VyVM1Gu5zTofLxYwlt248FJq917Hy1WQF77YQqEqPUJWXM0RNGbZDOZtxltoukKvnHAyRcMnqwi_8T7NKx_kfbd4fxPoq5j2_ioPXD8SRrDshmUeZ9tJVU0tWTVt7qEDjWGmxuMm63paH6Hd3sR61bUShznUArlYAR-beEUTsIlbJx8MlIhQVtJGJDJoe22Om4jEBLVBc9OfjpeyvkRVCywS_Jg0L9KYcex8iBfEi_dw-XGx7Awo8h51rjW1elXWEBINGeVrXeWUtKEKS5sKuSq92AfoDXjYvczZuwmx8V67OnosLq24wyLJbsOf9xurF1wL5UXshoHf66ZQfLUakIrvlxIbbzyyGQTyZDH4niqbP7svVv39NOsLHl8uk1yhBCHvH18tFa8M9evRBj6A7F6eFPBS0V2PkxrzhNT3pxNEcHCIppKNW8hJ2h4M_RoViYgjdJzfTDAasNq5KgKXmJLBoxDvkX9dKv-noB4405IFX6R6wozeYbpgkILQ_f6CDHEAYeCsAQMqUl0Lm_fIVhiajvNvIDvYpBXcVJj30acqVzszGyvWo5elBrOnRNQiwAqYuvLK0CF86GPvOOcLzGERWTc HTTP 302
https://www.ssaimg.com/~lDwrnvAdJts/9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7.png

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request favoredbyspring Show response
www.tumgir.com/ 29 KB
6 KB 1278ms
1039ms Document
text/html 159.203.91.122
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tumgir.com/favoredbyspring

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.203.91.122 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

f9fc0c5c616d7b576a1527ad68274f344eaad3811165cd2a124a41935f1d76da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.tumgir.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 20 Oct 2020 15:17:22 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
ETag: W/"72fa-dvfk1j6FulL6RDlDgQbmzhDgLno"
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK style.c926fbb71c3aaabe09fb.css
www.tumgir.com/css/ 19 KB
4 KB 114ms
113ms Stylesheet
text/css 159.203.91.122
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/css/style.c926fbb71c3aaabe09fb.css
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.91.122 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 272ea7a4b9f2ac3caaece88a971ee01e230ce3aa39a832e70b649385b20e3888

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 20 Oct 2020 15:17:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Oct 2019 22:57:58 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5da64ef6-4ab8"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H2

200

c18f0ed55335075c01949b0b77b8f61053007ec0.jpg
64.media.tumblr.com/f9716bb54192e745205b4920c8f2f35d/83f2afdf26873a69-45/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/favoredbyspring.tumblr.com/avatar/128
https://64.media.tumblr.com/f9716bb54192e745205b4920c8f2f35d/83f2afdf26873a69-45/s128x128u_c1/c18f0ed55335075c01949b0b77b8f61053007ec0.jpg

6 KB
6 KB

128ms
127ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/f9716bb54192e745205b4920c8f2f35d/83f2afdf26873a69-45/s128x128u_c1/c18f0ed55335075c01949b0b77b8f61053007ec0.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4858013f46551faa26a8bd17a38cd248fb991478585515524c12a08b995e2a5c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "d8dbb4799bb867cfc8696fdfd59c2b80-1498089600-59cc1ea"
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_f9716bb54192e745205b4920c8f2f35d_c18f0ed5_128.jpg"
content-length: 6329
x-nc: MISS ams 3
last-modified: Sun, 18 Oct 2020 04:47:07 GMT
server: nginx
date: Tue, 20 Oct 2020 15:17:22 GMT
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Tue, 20 Oct 2020 15:17:22 GMT
server: openresty
x-cache-avatar: true
status: 302
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/f9716bb54192e745205b4920c8f2f35d/83f2afdf26873a69-45/s128x128u_c1/c18f0ed55335075c01949b0b77b8f61053007ec0.jpg#_=_
x-rid: 179560346382537008395333805713114823861
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

avatar_1ee2709ca047_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/rajinists.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_1ee2709ca047_128.png

36 KB
37 KB

32ms
31ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_1ee2709ca047_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1a378851bff280753b92fd25a7321651d6203c346d7d5e37e7e31ed0a96be77f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:22 GMT
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="avatar_1ee2709ca047_128.png"
content-length: 37266
x-nc: HIT ams 5
last-modified: Thu, 22 Jun 2017 00:00:00 GMT
server: nginx
etag: "5b9e8cc4e43a46d87c257f9bb609ed39-1498089600-17e885d"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *

Redirect headers

date: Tue, 20 Oct 2020 15:17:22 GMT
server: openresty
x-cache-avatar: true
status: 302
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_1ee2709ca047_128.png#_=_
x-rid: 650939714440929403512826052152336042130
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

fdde171c33f764e981fb1c841311dc73e621918b.jpg
64.media.tumblr.com/ee47264ae3121cec9f552155f7df455a/7708637b971820e2-21/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/thebornthisway.tumblr.com/avatar/128
https://64.media.tumblr.com/ee47264ae3121cec9f552155f7df455a/7708637b971820e2-21/s128x128u_c1/fdde171c33f764e981fb1c841311dc73e621918b.jpg

8 KB
8 KB

32ms
31ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/ee47264ae3121cec9f552155f7df455a/7708637b971820e2-21/s128x128u_c1/fdde171c33f764e981fb1c841311dc73e621918b.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

952d86528f522cb3d3672245163abd5f0df9ac5e8a8d95acbe7ddb3132f82306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:22 GMT
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_ee47264ae3121cec9f552155f7df455a_fdde171c_128.jpg"
content-length: 8107
x-nc: HIT ams 5
last-modified: Sat, 25 Jul 2020 17:00:50 GMT
server: nginx
etag: "457b677db5d586f2b18705b80b4d3494-1498089600-37c5a04"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Tue, 20 Oct 2020 15:17:22 GMT
server: openresty
x-cache-avatar: true
status: 302
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/ee47264ae3121cec9f552155f7df455a/7708637b971820e2-21/s128x128u_c1/fdde171c33f764e981fb1c841311dc73e621918b.jpg#_=_
x-rid: 1654742631836614249916104750690228836410
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

ac0ac533f99f184a75b3e548e7cdba6fb875a4a8.png
64.media.tumblr.com/7feb7903f6cf7951b985a3e2ede0d167/7e7ea12e94e03344-19/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/abyssnighthawk.tumblr.com/avatar/128
https://64.media.tumblr.com/7feb7903f6cf7951b985a3e2ede0d167/7e7ea12e94e03344-19/s128x128u_c1/ac0ac533f99f184a75b3e548e7cdba6fb875a4a8.png

9 KB
9 KB

31ms
30ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/7feb7903f6cf7951b985a3e2ede0d167/7e7ea12e94e03344-19/s128x128u_c1/ac0ac533f99f184a75b3e548e7cdba6fb875a4a8.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1267f33b4469782803b06e9b3f6027c7e457732adb735e4364104119f39d8f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:22 GMT
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_7feb7903f6cf7951b985a3e2ede0d167_ac0ac533_128.png"
content-length: 9430
x-nc: HIT ams 3
last-modified: Thu, 14 Nov 2019 05:33:53 GMT
server: nginx
etag: "2c7636777b04803fa752deba16faf1ed-1498089600-37c5a04"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Tue, 20 Oct 2020 15:17:22 GMT
server: openresty
x-cache-avatar: true
status: 302
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/7feb7903f6cf7951b985a3e2ede0d167/7e7ea12e94e03344-19/s128x128u_c1/ac0ac533f99f184a75b3e548e7cdba6fb875a4a8.png#_=_
x-rid: 596893368210318504211849407237965849939
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

avatar_bbd6e9ba933d_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/hiirop8000.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_bbd6e9ba933d_128.png

15 KB
15 KB

219ms
218ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_bbd6e9ba933d_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

74da081db1ee79e5b2fe8be79c858e941d374f60d4b960a51fbfa04d97688016

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "13ab9baa1ae00c0c3772e92583131864-1498089600-59cc1ea"
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="avatar_bbd6e9ba933d_128.png"
content-length: 15069
x-nc: MISS ams 7
last-modified: Mon, 19 Oct 2020 12:36:25 GMT
server: nginx
date: Tue, 20 Oct 2020 15:17:22 GMT
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *

Redirect headers

date: Tue, 20 Oct 2020 15:17:22 GMT
server: openresty
x-cache-avatar: true
status: 302
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_bbd6e9ba933d_128.png#_=_
x-rid: 5727096553635758761339881877190696273
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

avatar_87c410b315d1_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/teathy.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_87c410b315d1_128.png

9 KB
10 KB

234ms
232ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_87c410b315d1_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

84c1ed5544fff50adcf95d42e970a0a39047c3369ff7768df5cc27f3688f4996

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "a67814d7f4a68002f0c5910ccbcf0fe4-1498089600-59cc1ea"
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="avatar_87c410b315d1_128.png"
content-length: 9690
x-nc: MISS ams 3
last-modified: Sat, 17 Oct 2020 19:51:19 GMT
server: nginx
date: Tue, 20 Oct 2020 15:17:22 GMT
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *

Redirect headers

date: Tue, 20 Oct 2020 15:17:22 GMT
server: openresty
x-cache-avatar: true
status: 302
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_87c410b315d1_128.png#_=_
x-rid: 46450945090560086441689110819118487982
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 tumblr_ornx02wvru1w8kf2ro1_500.jpg
64.media.tumblr.com/8893283086198e5afdcc094dc14c1c82/ 53 KB
53 KB 123ms
58ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/8893283086198e5afdcc094dc14c1c82/tumblr_ornx02wvru1w8kf2ro1_500.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d5649badf55425e6605f2582fcc5a7821bd354f93ea4a540f81470d39371e173

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:22 GMT
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_0471427e012164ca9072986c334b295d_6cce4546_500.jpg"
content-length: 53798
x-nc: HIT ams 3
last-modified: Sat, 21 Dec 2019 22:07:23 GMT
server: nginx
etag: "9c5ac2d5c3c4d8e170795a72e15ec419-1498089600-37c5a04"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 tumblr_owslkcTra11rnpavmo1_500.jpg
64.media.tumblr.com/776d4b2ccd1a7ab39f6c1d99d8e1fc5f/ 71 KB
72 KB 95ms
30ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/776d4b2ccd1a7ab39f6c1d99d8e1fc5f/tumblr_owslkcTra11rnpavmo1_500.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0a36a372ba715a0e5692cc195591470adc88756b6ab1f10e45934553778a7c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:22 GMT
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_b4b93ff2976dc60060742a2d28672c6c_374f2e66_500.jpg"
content-length: 72840
x-nc: HIT ams 3
last-modified: Mon, 28 Oct 2019 15:23:13 GMT
server: nginx
etag: "6167355458cbb27af0d61a9a301d2028-1498089600-37c5a04"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 333a139fc5a52829def1b2e0a4730d68190065b7.jpg
64.media.tumblr.com/f655c46b385797dd20b2c861ff7c3a2c/25355b71482d9380-bc/s640x960/ 83 KB
83 KB 111ms
46ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/f655c46b385797dd20b2c861ff7c3a2c/25355b71482d9380-bc/s640x960/333a139fc5a52829def1b2e0a4730d68190065b7.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d316f9a4c65c3b35ab9e41b3813898926a4c2f2bea97435ac4db480b27f64dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:22 GMT
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_f655c46b385797dd20b2c861ff7c3a2c_333a139f_640.jpg"
content-length: 85121
x-nc: HIT ams 7
last-modified: Tue, 06 Oct 2020 20:17:27 GMT
server: nginx
etag: "071e84df9c4bae94089d3eb4508793bb-1498089600-466e6de"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 448cb2371174a6b1890ae23c3e972ff03bf61b09.jpg
64.media.tumblr.com/a2d9cb5ad2420518c61a9018cfbb432d/ac296718d25aabe7-7f/s500x750/ 125 KB
126 KB 58ms
55ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/a2d9cb5ad2420518c61a9018cfbb432d/ac296718d25aabe7-7f/s500x750/448cb2371174a6b1890ae23c3e972ff03bf61b09.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4142b20599d38d79427fbd75f39898d90bbbab21aeda340f49347495ab29538a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:22 GMT
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_a2d9cb5ad2420518c61a9018cfbb432d_448cb237_500.jpg"
content-length: 128335
x-nc: HIT ams 7
last-modified: Tue, 22 Sep 2020 16:31:00 GMT
server: nginx
etag: "c37777d295cd0b814c5e89845e3908c7-1498089600-466e6de"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 tumblr_nuydqaFYK31qiy05do1_500.jpg
64.media.tumblr.com/ce34be6139781c002f65993b5e0242fa/ 94 KB
94 KB 59ms
57ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/ce34be6139781c002f65993b5e0242fa/tumblr_nuydqaFYK31qiy05do1_500.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

800ecc75dade85a24ada2d08aae7e3edbe43630a3857fd05a2401952d8821437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:22 GMT
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_15eb30934219ad14e17aacabad36d085_52149064_500.jpg"
content-length: 96410
x-nc: HIT ams 7
last-modified: Fri, 08 Nov 2019 09:48:41 GMT
server: nginx
etag: "331c5a62e4c78b80403e0570c0786cd5-1498089600-37c5a04"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 7f24454989e1561bea937a9a4c7f0ebbb6f1ee14.jpg
64.media.tumblr.com/803b8c968d965827c3b7372f569db49a/35f7fa1d9ad494c0-47/s640x960/ 47 KB
47 KB 59ms
56ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/803b8c968d965827c3b7372f569db49a/35f7fa1d9ad494c0-47/s640x960/7f24454989e1561bea937a9a4c7f0ebbb6f1ee14.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

32c9e2afb1104b439f07a33b3a5ba88daee8ee78de3020afc105f294bd2bfaa2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "3b9936c669c39e299c28a096f6d3faf7-1498089600-e29fe7c"
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_803b8c968d965827c3b7372f569db49a_7f244549_640.jpg"
content-length: 48155
x-nc: HIT ams 7
last-modified: Wed, 14 Oct 2020 10:59:41 GMT
server: nginx
date: Tue, 20 Oct 2020 15:17:22 GMT
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 22dc4150dbde4305fbca68500f3b753848a546ef.jpg
64.media.tumblr.com/16b0e2e841370d6ed00152e31dea3a60/35f7fa1d9ad494c0-3f/s640x960/ 15 KB
15 KB 56ms
54ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/16b0e2e841370d6ed00152e31dea3a60/35f7fa1d9ad494c0-3f/s640x960/22dc4150dbde4305fbca68500f3b753848a546ef.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ab4bc174af928a0bf74083a1236ad12f0bf11f6eadb6033ca5a16f242a5517c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:22 GMT
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_16b0e2e841370d6ed00152e31dea3a60_22dc4150_640.jpg"
content-length: 15217
x-nc: HIT ams 3
last-modified: Thu, 26 Sep 2019 00:25:26 GMT
server: nginx
etag: "79056d40712f68eeeca6f10cc62dfbb3-1498089600-37c5a04"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 642c3e340de1f6ebfdfd973ee19e338fa0a02fa6.jpg
64.media.tumblr.com/6aefd17e62fccdd227a869eaab501883/35f7fa1d9ad494c0-4d/s640x960/ 19 KB
19 KB 57ms
54ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/6aefd17e62fccdd227a869eaab501883/35f7fa1d9ad494c0-4d/s640x960/642c3e340de1f6ebfdfd973ee19e338fa0a02fa6.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8504dcb707c0ad694b99ce8138fa237e157b0e772bd57ca197d2a7d133ec3806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:22 GMT
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_6aefd17e62fccdd227a869eaab501883_642c3e34_640.jpg"
content-length: 19025
x-nc: HIT ams 6
last-modified: Thu, 26 Sep 2019 00:25:27 GMT
server: nginx
etag: "0b23671c1737ccee253ded7467818fb7-1498089600-37c5a04"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 15b4a702d84a7d93a9c22a1b88793dbcaa70a449.jpg
64.media.tumblr.com/72873b4a83a50920acbb8b55c0e22da2/35f7fa1d9ad494c0-d3/s640x960/ 30 KB
30 KB 58ms
56ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/72873b4a83a50920acbb8b55c0e22da2/35f7fa1d9ad494c0-d3/s640x960/15b4a702d84a7d93a9c22a1b88793dbcaa70a449.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4d9575fc331fa24142650ca3aa50ec5e7c5e10259005f9f9f4e9bf3b8880e7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:22 GMT
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_72873b4a83a50920acbb8b55c0e22da2_15b4a702_640.jpg"
content-length: 30758
x-nc: HIT ams 2
last-modified: Thu, 26 Sep 2019 00:25:27 GMT
server: nginx
etag: "2e45d910220b93192f6cbf9da5d5a07c-1498089600-37c5a04"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 faade0f7f58caa59027702b062890d749cc47098.png
64.media.tumblr.com/fc04aecb486cbc97d94e9ec05c0fc813/bf6ecac72a122d98-97/s500x750/ 509 KB
510 KB 58ms
56ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/fc04aecb486cbc97d94e9ec05c0fc813/bf6ecac72a122d98-97/s500x750/faade0f7f58caa59027702b062890d749cc47098.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a3ec9857408d33ab9d5b663cf609a7a687bf968f6389d81473c1b5e004361461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:22 GMT
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_fc04aecb486cbc97d94e9ec05c0fc813_faade0f7_500.png"
content-length: 521303
x-nc: HIT ams 1
last-modified: Mon, 10 Aug 2020 13:14:26 GMT
server: nginx
etag: "c43a5e167315c867d51ecd9a1495dab7-1498089600-466e6de"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 544724ca6309d6922ee1f7cabc9b6e880cc5e817.jpg
64.media.tumblr.com/cddce496a851bb7a8c57d6e9894554ec/5c0a11d82db2b963-52/s500x750/ 88 KB
88 KB 69ms
67ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/cddce496a851bb7a8c57d6e9894554ec/5c0a11d82db2b963-52/s500x750/544724ca6309d6922ee1f7cabc9b6e880cc5e817.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2a751f19cd03ceed42fdf5634031ffd6cf96c4f282c13613c5ef66f7a23b521a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:22 GMT
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_cddce496a851bb7a8c57d6e9894554ec_544724ca_500.jpg"
content-length: 90073
x-nc: HIT ams 1
last-modified: Wed, 27 May 2020 00:26:04 GMT
server: nginx
etag: "dafab8bf38b2fab23451a24c12235976-1498089600-c05dc94"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 f2affa568af886a17e10933ba504f3f225251bb1.jpg
64.media.tumblr.com/d5ba78bf87f513e668ccdfb7d2747955/8a1b6177ec3bbe08-2d/s500x750/ 70 KB
70 KB 69ms
67ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/d5ba78bf87f513e668ccdfb7d2747955/8a1b6177ec3bbe08-2d/s500x750/f2affa568af886a17e10933ba504f3f225251bb1.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

51b81914be34975d66afb97a01d3294558ac740aa811e68f6dc13eb4ab3e0ae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:22 GMT
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_d5ba78bf87f513e668ccdfb7d2747955_f2affa56_500.jpg"
content-length: 71250
x-nc: HIT ams 4
last-modified: Thu, 03 Sep 2020 14:18:43 GMT
server: nginx
etag: "ecb22b2b3142108a4627f34c617c3971-1498089600-b3558ba"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 222ebbe7b198b6f6f53c097124de73390a0f82d4.jpg
64.media.tumblr.com/d75f91c6ffa3db7d8dcfc5d217d914da/869207c68cdb09d3-3f/s500x750/ 103 KB
103 KB 69ms
67ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/d75f91c6ffa3db7d8dcfc5d217d914da/869207c68cdb09d3-3f/s500x750/222ebbe7b198b6f6f53c097124de73390a0f82d4.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

86ec137fd2ada1764a063312d066166e81082edd674e640bd193548835601f18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:22 GMT
x-frames: 1
status: 200
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_d75f91c6ffa3db7d8dcfc5d217d914da_222ebbe7_500.jpg"
content-length: 105603
x-nc: HIT ams 5
last-modified: Fri, 17 Apr 2020 14:43:44 GMT
server: nginx
etag: "9991da2c02d1c7e2c670a09c7424ce90-1498089600-37c5a04"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H/1.1 200
OK vendor.5c572aefbaf65749e849.js Show response
www.tumgir.com/js/ 124 KB
48 KB 210ms
210ms Script
application/javascript 159.203.91.122
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/js/vendor.5c572aefbaf65749e849.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.91.122 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3eaa906bc7acf08a6e50c88cade1eaa882dfccf772a83a2824542eb147ec027e

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 20 Oct 2020 15:17:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Oct 2019 22:57:58 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5da64ef6-1ee2e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK blog.29fd4786c455066d4321.js Show response
www.tumgir.com/js/ 4 KB
2 KB 341ms
112ms Script
application/javascript 159.203.91.122
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/js/blog.29fd4786c455066d4321.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.91.122 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5489730cac32e72f91d4b11b4de1659c1a73fa080db495a66e2b0f9120c82ada

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 20 Oct 2020 15:17:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Oct 2019 22:57:58 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5da64ef6-1014"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK sw.js Show response
www.tumgir.com/ 103 KB
46 KB 443ms
210ms Script
application/javascript 159.203.91.122
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/sw.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.91.122 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: db1878ea8ebc62b3df8d8c846f63e09e66bab7d18114d987f7895e5454bcc3c6

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 20 Oct 2020 15:17:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Mar 2020 13:55:50 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5e70d6e6-19b64"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 / Show response
d18g6t7whf8ejf.cloudfront.net/ 165 KB
53 KB 315ms
224ms Script
text/plain 52.222.177.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852975
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.177.202 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-177-202.ham50.r.cloudfront.net
Software: /
Resource Hash: 7b0c67159d1d60e616dd8e41b770d6423acc5661eae9725b3c61bcb52bce3ed7

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 15:17:22 GMT
content-encoding: gzip
x-amz-cf-pop: HAM50-C1
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 54283
via: 1.1 e626e3045304034f7160fd4e5f8b6fcf.cloudfront.net (CloudFront)
x-amz-cf-id: v0gpXwWDI4C8gIT4SgVqtspDKKT7ZT11kgvz7Ae7PkWm9QayxrKplg==

GET
H2 200 / Show response
d18g6t7whf8ejf.cloudfront.net/ 95 KB
35 KB 287ms
197ms Script
text/plain 52.222.177.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.177.202 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-177-202.ham50.r.cloudfront.net
Software: /
Resource Hash: 70ae3f1bafa2d75833c9c345cbfcce17ca5e6f8dc7c368b76c3cee7fd4085148

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 15:17:22 GMT
content-encoding: gzip
x-amz-cf-pop: HAM50-C1
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 35574
via: 1.1 e626e3045304034f7160fd4e5f8b6fcf.cloudfront.net (CloudFront)
x-amz-cf-id: nwY8xnYu8dAtHTPSoM8X8ZIAFTNjo43I2s7Np0g4PF9aghv3oSIdag==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 103ms
35ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Tue, 20 Oct 2020 15:17:22 GMT
x-host: s7.addthis.com
content-length: 116324
x-akamai-path-stats: [3:141006:4294965290],[3:138018:4294830278],[3:145538:4294827758],[3:138797:4294822499],[3:138203:4294829093],[3:138904:4294827392],[3:138596:4294829700],[3:142152:4294828144],[3:143957:4294820339],[3:142119:4294826177],[3:137818:4294830478]

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 5277
date: Tue, 20 Oct 2020 13:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Tue, 20 Oct 2020 15:49:25 GMT

GET
H/1.1 200
OK Roboto-Regular.woff2
www.tumgir.com/fonts/Roboto/ 63 KB
63 KB 429ms
208ms Font
application/octet-stream 159.203.91.122
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/fonts/Roboto/Roboto-Regular.woff2
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/css/style.c926fbb71c3aaabe09fb.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.91.122 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 364103bc6bf5b67d5297c758dd3f07ebdcb05f33d36291cb6d0549fb51e78659

Request headers

Origin: https://www.tumgir.com
Referer: https://www.tumgir.com/css/style.c926fbb71c3aaabe09fb.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 20 Oct 2020 15:17:22 GMT
Last-Modified: Fri, 05 Apr 2019 21:33:32 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ca7c9ac-fcf0"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64752

GET
H/1.1 200
OK Roboto-Bold.woff2
www.tumgir.com/fonts/Roboto/ 63 KB
64 KB 431ms
209ms Font
application/octet-stream 159.203.91.122
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/fonts/Roboto/Roboto-Bold.woff2
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/css/style.c926fbb71c3aaabe09fb.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.91.122 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: de6f62c798f4ded375ac0963d17d281254a91029a44209f3b9c68d4d4ec514ed

Request headers

Origin: https://www.tumgir.com
Referer: https://www.tumgir.com/css/style.c926fbb71c3aaabe09fb.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 20 Oct 2020 15:17:22 GMT
Last-Modified: Fri, 05 Apr 2019 21:33:32 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ca7c9ac-fd24"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64804

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
428 B 39ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1821126264&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumgir.com%2Ffavoredbyspring&ul=en-us&de=UTF-8&dt=favoredbyspring%20-%20Over%20the%20moon%20Tumblr%20Blog%20%7C%20Tumgir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1858171605&gjid=1085970565&cid=939208261.1603207042&tid=UA-134279593-1&_gid=1728216043.1603207042&_r=1&_slc=1&z=1854846291

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 15:17:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bkpmSW4VaBU%2BMRs4CmtUTCISPR4dcElmGRk9SD0bAy0PO0ANJQtmHRlkDDpMQmgVJAhMcFdlTBorARYHCmhca1ZafFF4XkxmRDobDBUPLVxMcER%2FDFwsU31YXGdRKwpXZ1J%2BXQ1nXn0PC2cDKwteeAAsXA17AntMEw Show response
othernedm.info/ 38 KB
16 KB 381ms
125ms Script
application/javascript 54.237.125.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://othernedm.info/bkpmSW4VaBU%2BMRs4CmtUTCISPR4dcElmGRk9SD0bAy0PO0ANJQtmHRlkDDpMQmgVJAhMcFdlTBorARYHCmhca1ZafFF4XkxmRDobDBUPLVxMcER%2FDFwsU31YXGdRKwpXZ1J%2BXQ1nXn0PC2cDKwteeAAsXA17AntMEw
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.237.125.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-125-12.compute-1.amazonaws.com
Software: / Express
Resource Hash: 2725daba3283482bed7d3f12fa01e307c7c35f649354d081d9ad13d17b7978b1

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"961d-9xe6NuLwac5QnNQxa12cPBRYrfc"
status: 200
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H2 204 utx Show response
endriawoolr.top/ 0
414 B 309ms
229ms XHR
text/plain 13.227.156.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://endriawoolr.top/utx?cb=vOimBahCkv3O&top=www.tumgir.com&tid=852975
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852975
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.156.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-156-95.muc51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 15:17:24 GMT
via: 1.1 1ce2e02518867b6d4fdccf32e95ab8e4.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: MUC51-C1
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: jcfCFFc6-BCu9DzejKG17JOhfpjzX11oIxgtowkx421nxvH78G-Gpg==

GET
H2 200 DnNsHABweEYCJXsBVzo9AXV2HSYOY2wYbyhCWj05f15EagUvY1kgfxhH
endriawoolr.top/NVNJQjFUMSovDlRuK2RERz90ZwNzdnsEVQRrLnRFAiQhJAlQOS9sUlk8PCZXRzwnNh9bNj1nA3MpGhp/WgF4LUB9EhAqa2FjKAZ5RTovB3dnMA57R3IBOi1/cT8GAEtvOQsQBQMYMC4UBxUCEARdHyMPaWMLH3p7ZxoOC3ZRJQ8laF4Jeipnd... Frame 8C59 0
0 189ms
135ms Document
text/html 13.227.156.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://endriawoolr.top/NVNJQjFUMSovDlRuK2RERz90ZwNzdnsEVQRrLnRFAiQhJAlQOS9sUlk8PCZXRzwnNh9bNj1nA3MpGhp/WgF4LUB9EhAqa2FjKAZ5RTovB3dnMA57R3IBOi1/cT8GAEtvOQsQBQMYMC4UBxUCEARdHyMPaWMLH3p7ZxoOC3ZRJQ8laF4JeipndgAEdlVwNwYPSFo+DgRkBBogdlB3ABwxfU0KBBtiDTwdJWRaGgoDV3cQE2cDczYzFFVUBDkxYGM7PwxIUgIIEVpAGS4DcGw+Ig5nWSN6D0hWGw0RRRBhDycBeBUDKF1GAh8lXn4EMQBmcWpscHdQYwcYVUIFfRBLGDcwIQNNER4BaEQcG3p/eBdxMHZ0FjMkAkZiERpjQQl5AFRsPiF3ZkIePw5YZDUdGmRvMQwEaH4pBCt3XmJ4I1gBBAo7RgQKDxhQUSkiKnBkMDgSA00RBSwIRQl5DHZWYT13YHAJMSMDTREeBmACHzELUHk9cHV/Y2J5IGZREhEvdEM3CyZTURQiLXdjJ2xwc3obCBppTAU/DnNsHABweEYCJXsBVzo9AXV2HSYOY2wYbyhCWj05f15EagUvY1kgfxhH
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852975
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.156.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-156-95.muc51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

:method: GET
:authority: endriawoolr.top
:scheme: https
:path: /NVNJQjFUMSovDlRuK2RERz90ZwNzdnsEVQRrLnRFAiQhJAlQOS9sUlk8PCZXRzwnNh9bNj1nA3MpGhp/WgF4LUB9EhAqa2FjKAZ5RTovB3dnMA57R3IBOi1/cT8GAEtvOQsQBQMYMC4UBxUCEARdHyMPaWMLH3p7ZxoOC3ZRJQ8laF4JeipndgAEdlVwNwYPSFo+DgRkBBogdlB3ABwxfU0KBBtiDTwdJWRaGgoDV3cQE2cDczYzFFVUBDkxYGM7PwxIUgIIEVpAGS4DcGw+Ig5nWSN6D0hWGw0RRRBhDycBeBUDKF1GAh8lXn4EMQBmcWpscHdQYwcYVUIFfRBLGDcwIQNNER4BaEQcG3p/eBdxMHZ0FjMkAkZiERpjQQl5AFRsPiF3ZkIePw5YZDUdGmRvMQwEaH4pBCt3XmJ4I1gBBAo7RgQKDxhQUSkiKnBkMDgSA00RBSwIRQl5DHZWYT13YHAJMSMDTREeBmACHzELUHk9cHV/Y2J5IGZREhEvdEM3CyZTURQiLXdjJ2xwc3obCBppTAU/DnNsHABweEYCJXsBVzo9AXV2HSYOY2wYbyhCWj05f15EagUvY1kgfxhH
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/favoredbyspring
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tumgir.com/favoredbyspring

Response headers

status: 200
content-type: text/html
content-length: 1268
date: Tue, 20 Oct 2020 15:17:24 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 1ce2e02518867b6d4fdccf32e95ab8e4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC51-C1
x-amz-cf-id: ROoWvF8p634dYhTqzarLHnhRxvhxGRM6yo5cD2gEoB3ci9U7f9bCaw==

GET
H2 204 utx Show response
endriawoolr.top/ 0
414 B 267ms
230ms XHR
text/plain 13.227.156.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://endriawoolr.top/utx?cb=bsnrHzirH4HS&top=www.tumgir.com&tid=852974
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.156.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-156-95.muc51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 15:17:24 GMT
via: 1.1 1ce2e02518867b6d4fdccf32e95ab8e4.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: MUC51-C1
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: Rx12Yond0W1OPCcQha-2cCHglLqQjmncPdzmuD6_Yiv0qdSrjhqkaQ==

GET
H2 200 FEtwDAhjAVMhGAcfflh8UBdaUSwCCRNbDFQ+f18BWw5EIAlzDFcoMl8cWBF6VC5kHxpcGhADOV4XRlQlBxh1UDxQCH0M
endriawoolr.top/eTZpSjEYVAonDhgLC2xEC1pUbwM/E1sMVUgODnxFTkEBLAkcXA9kUhVZHC5XC1kHPh8XUx1vAz9HPCFdNWECJUkzXzxyVSpvDgYDHU8zeUUAVDF/ATBMDnt7OnxZAHYORCwScEB5EzlrNXFZP3w9bFkvaQ5bJDNSCmxbPQIzTwEkVEpnBgZLE... Frame 1C86 0
0 160ms
135ms Document
text/html 13.227.156.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://endriawoolr.top/eTZpSjEYVAonDhgLC2xEC1pUbwM/E1sMVUgODnxFTkEBLAkcXA9kUhVZHC5XC1kHPh8XUx1vAz9HPCFdNWECJUkzXzxyVSpvDgYDHU8zeUUAVDF/ATBMDnt7OnxZAHYORCwScEB5EzlrNXFZP3w9bFkvaQ5bJDNSCmxbPQIzTwEkVEpnBgZLEQUzJwlcBC8BWCwDDQ4FSXoDKUcwXDg8fxQOTHhzNgUKbwM/fAMPSzNcXSVTFFEkEAMdAQ95WRBvOhMGMmIaJGEDY1wFXAECLg0IHlM6AwEpXAomUxReXxpIHlkPeVkQfAMiFEtwDA14AVQEIgcgBQIfUEoCJyx2VHxMeHcccSAlfgBZBARLTUMmCXROZj5/Xj1xDXxXMWRcEHYBAwgneEx/PXICM1gNfXIxD10TWCxfJBkISlNaOQg1TCwjezF4HxN5ElkkIFZAfCp/FEtwDAhjAVMhGAcfflh8UBdaUSwCCRNbDFQ+f18BWw5EIAlzDFcoMl8cWBF6VC5kHxpcGhADOV4XRlQlBxh1UDxQCH0M
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.156.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-156-95.muc51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

:method: GET
:authority: endriawoolr.top
:scheme: https
:path: /eTZpSjEYVAonDhgLC2xEC1pUbwM/E1sMVUgODnxFTkEBLAkcXA9kUhVZHC5XC1kHPh8XUx1vAz9HPCFdNWECJUkzXzxyVSpvDgYDHU8zeUUAVDF/ATBMDnt7OnxZAHYORCwScEB5EzlrNXFZP3w9bFkvaQ5bJDNSCmxbPQIzTwEkVEpnBgZLEQUzJwlcBC8BWCwDDQ4FSXoDKUcwXDg8fxQOTHhzNgUKbwM/fAMPSzNcXSVTFFEkEAMdAQ95WRBvOhMGMmIaJGEDY1wFXAECLg0IHlM6AwEpXAomUxReXxpIHlkPeVkQfAMiFEtwDA14AVQEIgcgBQIfUEoCJyx2VHxMeHcccSAlfgBZBARLTUMmCXROZj5/Xj1xDXxXMWRcEHYBAwgneEx/PXICM1gNfXIxD10TWCxfJBkISlNaOQg1TCwjezF4HxN5ElkkIFZAfCp/FEtwDAhjAVMhGAcfflh8UBdaUSwCCRNbDFQ+f18BWw5EIAlzDFcoMl8cWBF6VC5kHxpcGhADOV4XRlQlBxh1UDxQCH0M
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/favoredbyspring
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tumgir.com/favoredbyspring

Response headers

status: 200
content-type: text/html
content-length: 1224
date: Tue, 20 Oct 2020 15:17:24 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 1ce2e02518867b6d4fdccf32e95ab8e4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC51-C1
x-amz-cf-id: XiJi1KIW9SIaJg-4FocQpOmfUJwxFvkiW0JR1KzuAN0feFBTITvnRQ==

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 98ms
32ms Script
application/x-javascript 95.101.185.246
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:24 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 3DA20F33DFB043F4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=63668
accept-ranges: bytes
content-length: 948
x-amz-id-2: g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5c61e9923da745ae/ 1 KB
691 B 77ms
74ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5c61e9923da745ae/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1407278f2000cc72b2c477790dd5b22eb51167d6dafc9ddc1c31b81b12a3434

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:24 GMT
content-encoding: gzip
etag: 1208431126--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=40, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 515

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 178ms
176ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5f8eff84867c50de&bkl=0&bl=1&pdt=1287&sid=5f8eff84867c50de&pub=ra-5c61e9923da745ae&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tumgir.com&fp=favoredbyspring&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1603207044564&jsl=1&uvs=5f8eff8464c69b5d000&skipb=1&callback=addthis.cbs.jsonp__274585019252429060
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0c0b1d45ea3d6605db5b86653c2dd5e32c5254697305527380152bb152ea69e6

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Tue, 20 Oct 2020 15:17:24 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 5C39 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 0FE7 0
0 53ms
52ms Document
text/html 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/favoredbyspring
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tumgir.com/favoredbyspring

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 20 Oct 2020 15:17:24 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 layers.33f5b85045a5f2308467.js Show response
s7.addthis.com/static/ 263 KB
76 KB 38ms
38ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.33f5b85045a5f2308467.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Tue, 20 Oct 2020 15:17:24 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77540

GET
H2 200 / Show response
graph.facebook.com/ 228 B
615 B 66ms
50ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Fwww.tumgir.com%2Ffavoredbyspring&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_910k0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

02666c4cc30f12c56c185c7e720f6ef179b921583049fbfa8f720fab272dfa0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
status: 200
x-fb-rev: 1002851056
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 171
pragma: no-cache
x-fb-debug: RzLmpcfBvAoLGFkbeOsM51fv/aBurPl8vYQrwfzCpDD8EehGyB79rQ5Az7WlK8U3ADn88dMeIv7gcb/PWcBcgQ==
x-fb-trace-id: DPWpRHElmWu
date: Tue, 20 Oct 2020 15:17:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: ALlQISXezjaoMmIOiU0qGfM
cache-control: no-store
facebook-api-version: v3.1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 84 B
311 B 192ms
124ms Script
application/javascript 151.101.112.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.tumgir.com%2Ffavoredbyspring&callback=window._ate.cbs.rcb_fvm10

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0340bfbddf7382dd92004025b3e70ace1a61f84d68ab51cbdaedc556697869d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
status: 200
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 3
accept-ranges: none
x-pinterest-rid: 7237257045620104
expires: Tue, 20 Oct 2020 15:32:24 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
292 B 1013ms
1009ms Script
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tumgir.com%2Ffavoredbyspring&callback=_ate.cbs.rcb_iaik0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

5eac828b4e198f57b6ed5a10b2f93fde5861c4aa67b6150e15e9c0bb48508116

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/favoredbyspring
last-modified: Tue, 20 Oct 2020 15:17:25 GMT
server: nginx/1.15.8
date: Tue, 20 Oct 2020 15:17:25 GMT
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 / Show response
graph.facebook.com/ 228 B
324 B 65ms
51ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.tumgir.com%2Ffavoredbyspring&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_28y90

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

add276058859b75262c436967c0f2ae4cbf6ebd86b7528a0491a79c8df588f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
status: 200
x-fb-rev: 1002851056
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 170
pragma: no-cache
x-fb-debug: u/JpKdYjeK6Rr+dvavlGAukrcaEPx6oPjFetCZ/eSKzQDkhT/+ZMjIDNJ20tvtwWOcq64HIXmrUZKrKpOn6KoA==
x-fb-trace-id: AcJhboSMMQ4
date: Tue, 20 Oct 2020 15:17:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AU2t59SLClI8xda5RC47ECQ
cache-control: no-store
facebook-api-version: v3.1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 85 B
149 B 193ms
125ms Script
application/javascript 151.101.112.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.tumgir.com%2Ffavoredbyspring&callback=window._ate.cbs.rcb_4uoo0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

51f3524665ad414e566c2a0793de05795fbedc225d3907334f9fd7e2f420fa9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
status: 200
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 2
accept-ranges: none
x-pinterest-rid: 9543618301725204
expires: Tue, 20 Oct 2020 15:32:24 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
292 B 208ms
205ms Script
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tumgir.com%2Ffavoredbyspring&callback=_ate.cbs.rcb_d1bg0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

25ce42445270f509b7be64a0c73d2749f63618112cc1450f5ce5aea5fc6b4b6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/favoredbyspring
last-modified: Tue, 20 Oct 2020 15:17:24 GMT
server: nginx/1.15.8
date: Tue, 20 Oct 2020 15:17:24 GMT
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 popunder.gif
nsidereturn.club/ 35 B
368 B 205ms
130ms Image
image/gif 99.86.2.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nsidereturn.club/popunder.gif
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/favoredbyspring
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-32.fra6.r.cloudfront.net
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Tue, 20 Oct 2020 15:17:25 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
status: 200
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
content-length: 58
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-id: DJDpmZtWX2b_FjF3U-TnnJFAhyIrmyQh9UKh4Xb_KtiGQWQBVU420A==

GET
H2 200 floater Show response
endriawoolr.top/ 5 KB
3 KB 650ms
650ms XHR
text/plain 13.227.156.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://endriawoolr.top/floater?tid=852974&red=1&cs=Tk1UUW5%2Fe2c3DC14ZGBbe35jY15%2B&abt=0&v=0.5.52.1&sm=83&k=over%20moon%20explore%20with%20restrictions%20modern%20design%20best%20experience%20tumblr%20blog%20tumgir&sts=0&prn=0&emb=0&fs=1&aa=td3&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww.tumgir.com%2Ffavoredbyspring&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&tzd=2&uloc=&if=0&_tUNb=1603207045177&crc=1
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.156.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-156-95.muc51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: b7ee8e2692608978abb732b7bbfb7797e7da0aaa2097ad3c991b6c3928d1af40

Request headers

Referer: https://www.tumgir.com/favoredbyspring
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 15:17:25 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: MUC51-C1
status: 200
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: text/plain
content-length: 2828
via: 1.1 1ce2e02518867b6d4fdccf32e95ab8e4.cloudfront.net (CloudFront)
x-amz-cf-id: 0xVS1-cpvGPpc4zmasw-KIiE9QFv4drjnLZf3UpiSy87uagnEIsbqA==

GET getImage
ngp4.intnotif.club/adServe/wpnFeed/ 0
0

GET
H2

200

9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7.png
www.ssaimg.com/~lDwrnvAdJts/ Frame 0E9E
Redirect Chain

https://ngp4.intnotif.club/adServe/wpnFeed/getImage?ai=BNdG0VyVM1Gu5zTofLxYwlt248FJq917Hy1WQF77YQqEqPUJWXM0RNGbZDOZtxltoukKvnHAyRcMnqwi_8T7NKx_kfbd4fxPoq5j2_ioPXD8SRrDshmUeZ9tJVU0tWTVt7qEDjWGmxuMm6...
https://www.ssaimg.com/~lDwrnvAdJts/9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7.png

4 KB
4 KB

96ms
31ms

Image
image/png

94.31.29.131
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ssaimg.com/~lDwrnvAdJts/9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.131 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.131.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:17:28 GMT
last-modified: Thu, 01 Oct 2020 11:38:48 GMT
server: NetDNA-cache/2.2
etag: "5f75bfc8-102d"
x-cache: HIT
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 4141

Redirect headers

status: 302
date: Tue, 20 Oct 2020 15:17:28 GMT
server: nginx
access-control-allow-origin: *
content-length: 0
location: https://www.ssaimg.com/~lDwrnvAdJts/9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7.png
access-control-allow-methods: POST

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: ngp4.intnotif.club
URL: https://ngp4.intnotif.club/adServe/wpnFeed/getImage?ai=BNdG0VyVM1Gu5zTofLxYwlt248FJq917Hy1WQF77YQqEqPUJWXM0RNGbZDOZtxltoukKvnHAyRcMnqwi_8T7NKx_kfbd4fxPoq5j2_ioPXD8SRrDshmUeZ9tJVU0tWTVt7qEDjWGmxuMm63paH6Hd3sR61bUShznUArlYAR-beEUTsIlbJx8MlIhQVtJGJDJoe22Om4jEBLVBc9OfjpeyvkRVCywS_Jg0L9KYcex8iBfEi_dw-XGx7Awo8h51rjW1elXWEBINGeVrXeWUtKEKS5sKuSq92AfoDXjYvczZuwmx8V67OnosLq24wyLJbsOf9xurF1wL5UXshoHf66ZQfLUakIrvlxIbbzyyGQTyZDH4niqbP7svVv39NOsLHl8uk1yhBCHvH18tFa8M9evRBj6A7F6eFPBS0V2PkxrzhNT3pxNEcHCIppKNW8hJ2h4M_RoViYgjdJzfTDAasNq5KgKXmJLBoxDvkX9dKv-noB4405IFX6R6wozeYbpgkILQ_f6CDHEAYeCsAQMqUl0Lm_fIVhiajvNvIDvYpBXcVJj30acqVzszGyvWo5elBrOnRNQiwAqYuvLK0CF86GPvOOcLzGERWTc

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

64.media.tumblr.com
api-public.addthis.com
api.tumblr.com
d18g6t7whf8ejf.cloudfront.net
endriawoolr.top
graph.facebook.com
m.addthis.com
ngp4.intnotif.club
nsidereturn.club
othernedm.info
s7.addthis.com
v1.addthisedge.com
widgets.pinterest.com
www.google-analytics.com
www.ssaimg.com
www.tumgir.com
z.moatads.com
ngp4.intnotif.club
s7.addthis.com
13.227.156.95
151.101.112.84
152.199.21.147
159.203.91.122
173.192.101.24
192.0.77.3
23.210.248.44
2a00:1450:4001:808::200e
2a03:2880:f01c:800e:face:b00c:0:2
52.222.177.202
54.237.125.12
94.31.29.131
95.101.185.246
99.86.2.32
02666c4cc30f12c56c185c7e720f6ef179b921583049fbfa8f720fab272dfa0c
0340bfbddf7382dd92004025b3e70ace1a61f84d68ab51cbdaedc556697869d4
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0a36a372ba715a0e5692cc195591470adc88756b6ab1f10e45934553778a7c5a
0c0b1d45ea3d6605db5b86653c2dd5e32c5254697305527380152bb152ea69e6
1267f33b4469782803b06e9b3f6027c7e457732adb735e4364104119f39d8f43
137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be
1a378851bff280753b92fd25a7321651d6203c346d7d5e37e7e31ed0a96be77f
25ce42445270f509b7be64a0c73d2749f63618112cc1450f5ce5aea5fc6b4b6a
2725daba3283482bed7d3f12fa01e307c7c35f649354d081d9ad13d17b7978b1
272ea7a4b9f2ac3caaece88a971ee01e230ce3aa39a832e70b649385b20e3888
2a751f19cd03ceed42fdf5634031ffd6cf96c4f282c13613c5ef66f7a23b521a
32c9e2afb1104b439f07a33b3a5ba88daee8ee78de3020afc105f294bd2bfaa2
364103bc6bf5b67d5297c758dd3f07ebdcb05f33d36291cb6d0549fb51e78659
3eaa906bc7acf08a6e50c88cade1eaa882dfccf772a83a2824542eb147ec027e
4142b20599d38d79427fbd75f39898d90bbbab21aeda340f49347495ab29538a
4858013f46551faa26a8bd17a38cd248fb991478585515524c12a08b995e2a5c
4d9575fc331fa24142650ca3aa50ec5e7c5e10259005f9f9f4e9bf3b8880e7d4
51b81914be34975d66afb97a01d3294558ac740aa811e68f6dc13eb4ab3e0ae3
51f3524665ad414e566c2a0793de05795fbedc225d3907334f9fd7e2f420fa9c
5489730cac32e72f91d4b11b4de1659c1a73fa080db495a66e2b0f9120c82ada
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5eac828b4e198f57b6ed5a10b2f93fde5861c4aa67b6150e15e9c0bb48508116
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
70ae3f1bafa2d75833c9c345cbfcce17ca5e6f8dc7c368b76c3cee7fd4085148
74da081db1ee79e5b2fe8be79c858e941d374f60d4b960a51fbfa04d97688016
7b0c67159d1d60e616dd8e41b770d6423acc5661eae9725b3c61bcb52bce3ed7
800ecc75dade85a24ada2d08aae7e3edbe43630a3857fd05a2401952d8821437
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c1ed5544fff50adcf95d42e970a0a39047c3369ff7768df5cc27f3688f4996
8504dcb707c0ad694b99ce8138fa237e157b0e772bd57ca197d2a7d133ec3806
86ec137fd2ada1764a063312d066166e81082edd674e640bd193548835601f18
9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7
952d86528f522cb3d3672245163abd5f0df9ac5e8a8d95acbe7ddb3132f82306
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a3ec9857408d33ab9d5b663cf609a7a687bf968f6389d81473c1b5e004361461
ab4bc174af928a0bf74083a1236ad12f0bf11f6eadb6033ca5a16f242a5517c3
add276058859b75262c436967c0f2ae4cbf6ebd86b7528a0491a79c8df588f1f
b1407278f2000cc72b2c477790dd5b22eb51167d6dafc9ddc1c31b81b12a3434
b7ee8e2692608978abb732b7bbfb7797e7da0aaa2097ad3c991b6c3928d1af40
d316f9a4c65c3b35ab9e41b3813898926a4c2f2bea97435ac4db480b27f64dd1
d5649badf55425e6605f2582fcc5a7821bd354f93ea4a540f81470d39371e173
db1878ea8ebc62b3df8d8c846f63e09e66bab7d18114d987f7895e5454bcc3c6
de6f62c798f4ded375ac0963d17d281254a91029a44209f3b9c68d4d4ec514ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
f9fc0c5c616d7b576a1527ad68274f344eaad3811165cd2a124a41935f1d76da

www.tumgir.com Open in urlscan Pro 159.203.91.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

52 Requests

96 %HTTPS

14 %IPv6

14 Domains

17 Subdomains

13 IPs

6 Countries

1955 kBTransfer

2767 kBSize

0 Cookies

20 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tumgir.com Open in urlscan Pro
159.203.91.122 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

96 %
HTTPS

14 %
IPv6

14
Domains

17
Subdomains

13
IPs

6
Countries

1955 kB
Transfer

2767 kB
Size

0
Cookies

52 HTTP transactions
1 data transactions