www.tumgir.com Open in urlscan Pro
2606:4700:20::681a:d2d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.tumgir.com/
Effective URL:
https://www.tumgir.com/
Submission: On June 29 via manual (June 29th 2022, 1:36:22 am UTC) from AU — Scanned from US

Summary HTTP 194 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 48 IPs in 6 countries across 67 domains to perform 194 HTTP transactions. The main IP is 2606:4700:20::681a:d2d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tumgir.com. The Cisco Umbrella rank of the primary domain is 372354.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2022. Valid for: a year.

This is the only time www.tumgir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2606:4700:20:... 2606:4700:20::681a:d2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
5 5	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
25	192.0.77.3 192.0.77.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.192.100.18 54.192.100.18	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:21d... 2600:9000:21da:7800:6:2e3c:5fc0:21	16509 (AMAZON-02) (AMAZON-02)
1	65.8.49.110 65.8.49.110	16509 (AMAZON-02) (AMAZON-02)
8	104.126.112.161 104.126.112.161	16625 (AKAMAI-AS) (AKAMAI-AS)
2	44.195.137.121 44.195.137.121	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
8	2606:4700:303... 2606:4700:3030::ac43:dadd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	99.84.37.37 99.84.37.37	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700:303... 2606:4700:3037::ac43:c9ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200d	15169 (GOOGLE) (GOOGLE)
1	184.29.129.187 184.29.129.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2 17	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
8	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
16	3.140.30.91 3.140.30.91	16509 (AMAZON-02) (AMAZON-02)
3	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
7 7	23.22.86.116 23.22.86.116	14618 (AMAZON-AES) (AMAZON-AES)
5 5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	23.32.172.185 23.32.172.185	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.127.172.242 104.127.172.242	16625 (AKAMAI-AS) (AKAMAI-AS)
3	184.29.128.213 184.29.128.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
3 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
3 3	207.198.113.86 207.198.113.86	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
2 2	192.35.249.120 192.35.249.120	11742 (SPOTX-IAD) (SPOTX-IAD)
2	2607:f8b0:400... 2607:f8b0:4006:806::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:807::2006	15169 (GOOGLE) (GOOGLE)
1	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
8 11	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 17	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
9 11	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 1	199.187.193.199 199.187.193.199	47043 (SMARTADSE...) (SMARTADSERVER)
1 1	193.122.128.135 193.122.128.135	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
7	104.36.115.109 104.36.115.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 2	173.231.184.20 173.231.184.20	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	52.54.46.88 52.54.46.88	14618 (AMAZON-AES) (AMAZON-AES)
4 4	199.127.204.142 199.127.204.142	26120 (RHYTHMONE) (RHYTHMONE)
1 2	52.206.110.83 52.206.110.83	14618 (AMAZON-AES) (AMAZON-AES)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	54.88.224.139 54.88.224.139	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700:440... 2606:4700:4400::6812:230b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	104.67.11.79 104.67.11.79	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 1	3.81.232.90 3.81.232.90	14618 (AMAZON-AES) (AMAZON-AES)
1	54.92.156.105 54.92.156.105	14618 (AMAZON-AES) (AMAZON-AES)
2	104.36.115.114 104.36.115.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	169.60.66.35 169.60.66.35	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
1 2	2600:1f18:4e9... 2600:1f18:4e9:5a02:eebc:c3b5:218:49cd	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
1	44.196.141.245 44.196.141.245	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.7.59.203 52.7.59.203	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2606:ae80:145... 2606:ae80:1451:24::730	26762 (CNVR-US-EAST) (CNVR-US-EAST)
1 1	68.67.161.182 68.67.161.182	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
1 2	4.78.226.233 4.78.226.233	3356 (LEVEL3) (LEVEL3)
1 1	45.35.192.162 45.35.192.162	40676 (AS40676) (AS40676)
1	52.92.178.185 52.92.178.185	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
1	2001:4998:14:... 2001:4998:14:800::1000	14777 (YAHOO) (YAHOO)
2 3	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
194	48

10 2606:4700:20::681a:d2d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.tumgir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.77.40 (San Francisco, United States) 5 redirects

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

api.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

64.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.100.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-100-18.ewr53.r.cloudfront.net

d18g6t7whf8ejf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21da:7800:6:2e3c:5fc0:21 (United States)

ASN16509 (AMAZON-02, US)

dmmzkfd82wayn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.8.49.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-49-110.ord52.r.cloudfront.net

video-serve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.126.112.161 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-161.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.195.137.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-137-121.compute-1.amazonaws.com

mefagetobri.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
happearedyn.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3030::ac43:dadd (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 99.84.37.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-37.ewr52.r.cloudfront.net

getherefwuk.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3037::ac43:c9ba (United States)

ASN13335 (CLOUDFLARENET, US)

ationsuchasr.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200d (New York, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.29.129.187 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-129-187.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.2.137 (United States) 2 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cks.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ck.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pl.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 3.140.30.91 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-140-30-91.us-east-2.compute.amazonaws.com

capi-tier-2-us-east-2.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::200a (New York, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.22.86.116 (Ashburn, United States) 7 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-86-116.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.114 (Brooklyn, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.172.185 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-172-185.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.29.128.213 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-128-213.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

i.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 207.198.113.86 (Herndon, United States) 3 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.197.56 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.35.249.120 (Ashburn, United States) 2 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:806::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::2006 (New York, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80f::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 69.173.151.100 (United States) 8 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.167.164.49 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 8.28.7.83 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.200.232.253 (Frederick, United States) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.80.66 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.199 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.128.135 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.231.184.20 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)
PTR: lga-cassandra-1.sys.adgear.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.46.88 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-46-88.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.127.204.142 (United States) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.206.110.83 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-110-83.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.88.224.139 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-224-139.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:230b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.67.11.79 (New York, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-67-11-79.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.81.232.90 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-81-232-90.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.92.156.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-156-105.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.60.66.35 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 23.42.3ca9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:4e9:5a02:eebc:c3b5:218:49cd (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.33.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.196.141.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-141-245.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.59.203 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-59-203.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:24::730 (United States) 2 redirects

ASN26762 (CNVR-US-EAST, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.161.182 (Brooklyn, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 4.78.226.233 (Irving, United States) 1 redirects

ASN3356 (LEVEL3, US)

pmp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.35.192.162 (United States) 1 redirects

ASN40676 (AS40676, US)

sync.resetdigital.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.178.185 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

webpick-cdn.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.177.54 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.125.22 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	connatix.com 2 redirects cd.connatix.com — Cisco Umbrella Rank: 3762 cds.connatix.com — Cisco Umbrella Rank: 3876 capi.connatix.com — Cisco Umbrella Rank: 4121 ins.connatix.com — Cisco Umbrella Rank: 5441 capi-tier-2-us-east-2.connatix.com — Cisco Umbrella Rank: 5283 vid.connatix.com — Cisco Umbrella Rank: 4773 cks.connatix.com — Cisco Umbrella Rank: 5405 img.connatix.com — Cisco Umbrella Rank: 4572 pl.connatix.com — Cisco Umbrella Rank: 7015 ck.connatix.com — Cisco Umbrella Rank: 6210	2 MB
30	pubmatic.com 2 redirects ads.pubmatic.com — Cisco Umbrella Rank: 488 image6.pubmatic.com — Cisco Umbrella Rank: 629 simage2.pubmatic.com — Cisco Umbrella Rank: 611 image2.pubmatic.com — Cisco Umbrella Rank: 865 image4.pubmatic.com — Cisco Umbrella Rank: 882 simage4.pubmatic.com Failed	36 KB
30	tumblr.com 5 redirects api.tumblr.com — Cisco Umbrella Rank: 32429 64.media.tumblr.com — Cisco Umbrella Rank: 13210	37 MB
14	rubiconproject.com 9 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1036 eus.rubiconproject.com — Cisco Umbrella Rank: 573 token.rubiconproject.com — Cisco Umbrella Rank: 711 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 993 pixel.rubiconproject.com — Cisco Umbrella Rank: 336	17 KB
14	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	158 KB
11	getherefwuk.xyz getherefwuk.xyz	12 KB
10	tumgir.com 1 redirects www.tumgir.com — Cisco Umbrella Rank: 372354	56 KB
9	ationsuchasr.xyz ationsuchasr.xyz	4 KB
8	freychang.fun freychang.fun — Cisco Umbrella Rank: 25689	403 KB
7	bidr.io 7 redirects match.prod.bidr.io — Cisco Umbrella Rank: 474	3 KB
7	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1484 m.addthis.com — Cisco Umbrella Rank: 1421 api-public.addthis.com — Cisco Umbrella Rank: 4298	219 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 286 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1274	5 KB
6	cloudfront.net d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net	177 KB
5	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 479 ups.analytics.yahoo.com — Cisco Umbrella Rank: 299 ads.yahoo.com — Cisco Umbrella Rank: 1058	3 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120	38 KB
5	adsrvr.org 5 redirects match.adsrvr.org — Cisco Umbrella Rank: 367	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71 imasdk.googleapis.com — Cisco Umbrella Rank: 425	739 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 540	2 KB
3	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
3	sitescout.com 3 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 587	2 KB
3	rlcdn.com 3 redirects id.rlcdn.com — Cisco Umbrella Rank: 635 idsync.rlcdn.com — Cisco Umbrella Rank: 321	842 B
3	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 408 ib.adnxs.com — Cisco Umbrella Rank: 244	3 KB
2	mxptint.net 1 redirects pmp.mxptint.net — Cisco Umbrella Rank: 5558	965 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5069	752 B
2	dotomi.com 2 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3635	744 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1270 beacon.krxd.net — Cisco Umbrella Rank: 457	507 B
2	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 809	718 B
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1004	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2209	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 790	1 KB
2	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1398	572 B
2	adgrx.com 2 redirects cm.adgrx.com — Cisco Umbrella Rank: 1459	1 KB
2	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 717 widget.us.criteo.com — Cisco Umbrella Rank: 16628	722 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 462	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 612	744 B
2	gstatic.com fonts.gstatic.com	32 KB
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 501	1 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 444	656 B
2	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1268	2 KB
2	google.com accounts.google.com — Cisco Umbrella Rank: 116
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 395	573 B
1	amazonaws.com webpick-cdn.s3.amazonaws.com — Cisco Umbrella Rank: 212078 Failed	3 KB
1	resetdigital.co 1 redirects sync.resetdigital.co — Cisco Umbrella Rank: 2597	485 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 443	543 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1030	522 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1200	35 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 801	518 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 851	659 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1301	674 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1121	633 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 753	615 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 922	222 B
1	technoratimedia.com 1 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 1161	800 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 653	763 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 556	800 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	17 KB
1	ctnsnet.com 1 redirects i.ctnsnet.com — Cisco Umbrella Rank: 4280	454 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1711	680 B
1	happearedyn.xyz happearedyn.xyz	37 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 406	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96
1	mefagetobri.top mefagetobri.top — Cisco Umbrella Rank: 542414	23 KB
1	video-serve.com video-serve.com — Cisco Umbrella Rank: 168794	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	28 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	40 KB
194	67

	Domain	Requested by
25	64.media.tumblr.com	www.tumgir.com
17	simage2.pubmatic.com	2 redirects ads.pubmatic.com
16	capi-tier-2-us-east-2.connatix.com	cd.connatix.com ads.pubmatic.com
11	cm.g.doubleclick.net	9 redirects eus.rubiconproject.com
11	getherefwuk.xyz	dmmzkfd82wayn.cloudfront.net d18g6t7whf8ejf.cloudfront.net mefagetobri.top
10	www.tumgir.com	1 redirects www.tumgir.com
9	ationsuchasr.xyz	www.tumgir.com d18g6t7whf8ejf.cloudfront.net
8	freychang.fun	dmmzkfd82wayn.cloudfront.net d18g6t7whf8ejf.cloudfront.net
7	image2.pubmatic.com	ads.pubmatic.com
7	match.prod.bidr.io	7 redirects
6	token.rubiconproject.com	5 redirects eus.rubiconproject.com
6	cks.connatix.com
6	vid.connatix.com	cd.connatix.com cds.connatix.com
5	pagead2.googlesyndication.com	srcdoc
5	match.adsrvr.org	5 redirects
5	api.tumblr.com	5 redirects
4	pixel.rubiconproject.com	2 redirects eus.rubiconproject.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	capi.connatix.com	cd.connatix.com eus.rubiconproject.com
4	cds.connatix.com	cd.connatix.com
4	dmmzkfd82wayn.cloudfront.net	www.tumgir.com getherefwuk.xyz
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	x.bidswitch.net	3 redirects
3	sync.1rx.io	3 redirects
3	c1.adform.net	2 redirects ads.pubmatic.com
3	pixel-sync.sitescout.com	3 redirects
3	ads.pubmatic.com	cd.connatix.com ads.pubmatic.com
3	securepubads.g.doubleclick.net	cd.connatix.com securepubads.g.doubleclick.net
3	api-public.addthis.com	s7.addthis.com
3	s7.addthis.com	www.tumgir.com s7.addthis.com
2	pmp.mxptint.net	1 redirects ads.pubmatic.com
2	pool.admedo.com	2 redirects
2	pubmatic-match.dotomi.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	pippio.com	2 redirects
2	px.owneriq.net	2 redirects
2	pm.w55c.net	2 redirects
2	beacon.lynx.cognitivlabs.com	1 redirects ads.pubmatic.com
2	cm.adgrx.com	2 redirects
2	sync.mathtag.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	sync.search.spotxchange.com	2 redirects
2	pixel.tapad.com	2 redirects
2	loadm.exelator.com	2 redirects
2	id.rlcdn.com	2 redirects
2	eus.rubiconproject.com	cd.connatix.com eus.rubiconproject.com
2	secure.adnxs.com	2 redirects
2	accounts.google.com	www.tumgir.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	d18g6t7whf8ejf.cloudfront.net	www.tumgir.com getherefwuk.xyz
1	ads.yahoo.com	eus.rubiconproject.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	webpick-cdn.s3.amazonaws.com	d18g6t7whf8ejf.cloudfront.net
1	ck.connatix.com	1 redirects
1	pixel-us-east.rubiconproject.com	1 redirects
1	sync.resetdigital.co	1 redirects
1	pixel.quantserve.com	1 redirects
1	ib.adnxs.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	rtb.adentifi.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	um.simpli.fi	1 redirects
1	beacon.krxd.net	ads.pubmatic.com
1	usermatch.krxd.net	1 redirects
1	idsync.rlcdn.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	widget.us.criteo.com	ads.pubmatic.com
1	dis.criteo.com	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	sync.technoratimedia.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	bh.contextweb.com	1 redirects
1	pl.connatix.com	cd.connatix.com
1	image6.pubmatic.com	ads.pubmatic.com
1	s0.2mdn.net	imasdk.googleapis.com
1	img.connatix.com
1	i.ctnsnet.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	ins.connatix.com	cd.connatix.com
1	cd.connatix.com	1 redirects
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	happearedyn.xyz	mefagetobri.top
1	z.moatads.com	s7.addthis.com
1	www.facebook.com	www.tumgir.com
1	mefagetobri.top	www.tumgir.com
1	video-serve.com	www.tumgir.com
1	cdnjs.cloudflare.com	www.tumgir.com
1	www.googletagmanager.com	www.tumgir.com
1	fonts.googleapis.com	www.tumgir.com
0	simage4.pubmatic.com Failed	ads.pubmatic.com
194	99

This site contains links to these domains. Also see Links.

Domain
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-09` - `2023-04-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.media.tumblr.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
video-serve.com Amazon	`2022-01-26` - `2023-02-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
mefagetobri.top R3	`2022-05-12` - `2022-08-10`	3 months	crt.sh
getherefwuk.xyz Amazon	`2022-06-22` - `2023-07-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-07` - `2022-07-06`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
happearedyn.xyz R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-25` - `2022-08-19`	3 months	crt.sh
beacon.lynx.cognitivlabs.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://www.tumgir.com/
Frame ID: 0C59136F8C01C92DB9BCCF97D45FD8AD
Requests: 96 HTTP requests in this frame

Frame: https://getherefwuk.xyz/Sm53MFcrDBRdaCtTFRYiOAJKFWUMS0V2MycDDVsxLlZFRzYzAFlTOyUbE1YlJQADHjkvGlICEQg8R2YYGCYQWxwjLx5iLQcdPF47CAovYmAuBTVYGzBeBXY9Llo0cwIIJTV1EAQJMmIRDQkAcT4EWhFdHh8kHkMnLzhDWRwzX0JjAA8FPFkNDA1FfWEELBRDMg5WDnQDAxw+czwsIw12OAc8GwYcCStSAhUPPQRAG3goPHEPCAkTdmZ7CiBpLQ89HFgeHiM7aTkuS0VyHC0WHlRkf18kdzt7D0RTYRMAExVlCCMPdScpXQdYBD04EFYfGy8UaBEkNyJAZAAqWgRnDC0+SRwzNyN8PQwcE1piMwoZXCYZXTFXMQI8JnwUelg8YgUjCgABPxkAFEAdM1YTaTkuS0VyHjJeHHw+DBovaAF7IiRHHAEtEEIOHwE1VB9/XSFeMzgLRGIYLlwDBzN7X0ZUA3oCP1kOeSRFdhwLNjUJNHs0R1NlLRYlaA5sBARfOTpTMVEuJTo/Qi4cPw
Frame ID: A8436267E8D47C5631E2AEA3DA84AAF6
Requests: 2 HTTP requests in this frame

Frame: https://getherefwuk.xyz/Ung4TmQzGlsjWzNFWmgRIBQFa1YUXQoIAD8VQiUCNkAKOQUrFhYtCD0NXCgWPRZMYAo3DB18Ijwsfx8cHz5pOCdjQW8vHjU2bh9VIR1uLSITP3I/IDkyXgEOKiJdBiERNnx/MgcpdXshNS4NCBM2O2obCyUbbh88CjxtJyUlD28DNxswfA8iKzRpDDAWL3o/IQQ5dgE3Hx1vCBNmNG0LIDYVficyECl7FCMDLG8IUCUxQAAnFC9idic5LW4UCioueRxRORluKh4UL2J2IWMQXRcKOjp5IC4qHlQcLhAVeiI1AzV5ADAlLWAYMTgzaRQFBSt6PjI8VVsIPmEMcw8DCABeIjUIL0I5UBEuCBg+NUF6DxMTTHIfXQc+bxRcE0lqGjQrNnYIJRgTdDkcFiBCJRQDKXZ8PgoAYAYTEE5dGDUaOXA+UQQAaQ0+FkB+GFUXFXIbIRYcVQhBYD5tNlwWIVUhNhY5fWgOIRdWPlkbOW42PTYZbzsSZjF7BQ
Frame ID: 230A867BB08DB144367648B77414FA88
Requests: 2 HTTP requests in this frame

Frame: https://getherefwuk.xyz/QkJ6dUYjIBkYeSN/GFMzMC5HUHQEZ0gzIi8vAB4gJnpIAic7LFQWKi03HhM0LSwOWygnNl9HAAMREB0JD3I/BRA7ACwTLHcQMRJzdyQNAXADcSgGEyhzGTk8LQQ4M3dyDixBcAAoMzoOKDIwPx4hCxszfiUIPEw8BBErHhFxDzkvPzYhNjRzcyA/AmNwACI2NnERLh0BDAEoIg9zE0slLnZ1LxsxLBQAJycOESAvJzUHMhM+GGdINwAsDEwwAi4jNgxzGg0vNy0nAx0SFHAQTjYOegYYRikmJCIzLScDHUARK3tCMQExAztHfgkkEQF1JCo8BwcaBwgmAm93HD8CcyY2MyEtEhJEfiYaKEACcAM7EXR6CRwdNTMLEQIsGnAoQSNwMTgWFRgQMCMcKSc7EjYUKzMdEHAhLRZ1MiAwHgM3CEtENAMTHkIFCnIeFhETDBwSEDoYO0R/BCw0QxU7eyw8AioQGwIDCiQNAXMKGjBNDigxNRYHZCgJGigyfzAbcyUkDkA1Bg
Frame ID: BA8A379BDF1A3C7D80C3FDEF2F21786C
Requests: 2 HTTP requests in this frame

Frame: https://getherefwuk.xyz/eFlyZncZOxELSBlkEEACCjVPQ0U+fEAgE0lhFVADTy4aAE8dMxRIFBQ2BwIRCjYcElkWPAZDRT4MK1U2SzonFTYwaBk+Ezo6KDNHACMkDT43CxxfMT8yIwM9Khc8PCIpMz8BIT8eGlI2NgECIDgRbCU3AAsvKg02KhEhCTk+LgI+Ox9pJiUcOi0zDiUuDTpfMTocEQM+Pm00MSUtLDA0GyIfMV8xOg8oKz0fLjk+H0g3MwoiPhdBUzkpGzgiEkgqOj4fQC82JxM9DzoKIzAyPDMSLhcwJEZBbiANOUkPOgojOmhGABEuPSQkMzYsJzM1KAtBXzwuCF8wNTMxPycgAAhKJB8yOjUiTj8IHCAyHR8gAzU9PQczIjk/NQ86IBEkEiIdCjAwNS0cHCUfDAokLhssH0MvJDEYCjwyExdFJzUQHzoPLj8PIzNEHTU8IjAtHx4wHDkbIzEhLwgKLDMdITM0IioYRyUbLR88VUIpCwoKNB4MJyA0ExhUDAQXNwJbJU0xIxMGEwwRIzpMKD8
Frame ID: 8E2B3D2AF388A765568F5EEAE2CFE5F7
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 74ED920B90984CF0EA6EDC7614215480
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: C954FD99EE9E3F4E90060684F8568972
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/168135/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Frame ID: 436EFF8333A29E1E46A32A99301EA5B2
Requests: 30 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Frame ID: 8BB44C2C22659758A33A3CE1FF2CAA71
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: B4BA4824AE969DB8A4C57BEEE8C864F2
Requests: 23 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.519.0_en.html
Frame ID: 4E7D9E703F382EE4B84DCB27D03BA38E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.519.0_en.html
Frame ID: BC30D15F7297F84AE65CD55B0AC2C6E4
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.519.0_en.html
Frame ID: B5F4F3CD3A5959942656A51D9B0B1CE3
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 291A9E12598890F4268B2B4AADA3F502
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F178CD2588C634F47E1BC2271C0F051A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5BF5643AE09914AA0003105D10525241
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F
Frame ID: 66947FA0E08554A1904982313544A064
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YruslAAMTWKxyQAj&gdpr=0&gdpr_consent=&_test=YruslAAMTWKxyQAj
Frame ID: AF0FEAD73D3C189C14935526B08091E2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a53262bb-ac94-4f00-acb7-dd9b21cd1075&gdpr=0&gdpr_consent=
Frame ID: F51E7E4D984D64397DB05FF00F9D0F04
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC5yk7Fd1kAABM89U-jVQ
Frame ID: D78786A4943D1DC3297272EF1E520BBF
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 9F3227363AA0FB7A00BB3066AA87BD1E
Requests: 1 HTTP requests in this frame

Frame: https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 4A579E88DCD564A95592D1DB84B3EC05
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e0bb5320-f74b-11ec-8627-7db5f9e4074a
Frame ID: 6E00BC62AB8CC899F80A022F1DF24D44
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OdU-jpCmQuJ2g3j4fUDx1WAJ9sQ
Frame ID: 4D083A13857B4E48CEAD46DE4659F5A1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-35be6133-d3b8-4120-badb-bb85a46dd2ad-005
Frame ID: 70C1FD54C8328027FDCA51A71EE3E30A
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F
Frame ID: 4B57003F3A21DF8EA09710F1FA31BCB5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=677758166672
Frame ID: 4034F406FA0DF4FBFBBCEC5C48D719CB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UMz1Jt9s1O6mCU5&gdpr=0&gdpr_consent=
Frame ID: 14B910F66AB5D1BD1DBC2DBC46C4297A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 5EFEBF74D8CBECCE13B64C9B407D7C47
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7097529801471726076
Frame ID: C2BBDD48FFDBDF5D60482F3CC93C07FD
Requests: 1 HTTP requests in this frame

Frame: https://capi-tier-2-us-east-2.connatix.com/core/us?DemandPartner=2&UserId=1a4d948aad9346a081368570234b14e2&DemandPartnerName=Pubmatic&DemandPartnerUserId=DC17D2AB-97B0-4286-97F4-4AACA820BD9F
Frame ID: 5A9EFE83DF6A003E182A66E6BA24DEC8
Requests: 1 HTTP requests in this frame

Frame: https://webpick-cdn.s3.amazonaws.com/snapecaht.png
Frame ID: 355D8FA23755B46829F758DEAC9FDC25
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tumblr Online Web Viewer and Statistics | TumgirFacebookTwitterPrintEmailAddThisFacebookTwitterPrintEmailAddThis

Page URL History Show full URLs

http://www.tumgir.com/ HTTP 301
https://www.tumgir.com/ Page URL

Detected technologies

AddThis (Widgets) Expand

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

194
Requests

78 %
HTTPS

26 %
IPv6

67
Domains

99
Subdomains

48
IPs

6
Countries

41335 kB
Transfer

45336 kB
Size

122
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.tumgir.com/ HTTP 301
https://www.tumgir.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://api.tumblr.com/v2/blog/squidisco.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/086ca536bf49b016cb390fa13f7e73ee/00e849ea27def9c4-dc/s128x128u_c1/2d80ea194c35302741530cc44e0e4ca74ad2f61d.jpg

Request Chain 4

https://api.tumblr.com/v2/blog/hayden-christensen.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/896e1a0766c30d5e3cdc4de206d39aee/e5606052b443cea9-ff/s128x128u_c1/3796dc0a6b9609cc2fe17b02960a277c48fd7afb.png

Request Chain 5

https://api.tumblr.com/v2/blog/osanajimi.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_c7ca07d93ddd_128.png

Request Chain 6

https://api.tumblr.com/v2/blog/spideyxchelle.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_5b5dfe124180_128.png

Request Chain 7

https://api.tumblr.com/v2/blog/felipgust.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/73110c3e1318e2824a7ded89ddb3bff8/54b4fc1d12c3c48e-b0/s128x128u_c1/9196804da0004036bf5b525a7ebf7beeb31c54cb.png

Request Chain 83

https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 HTTP 302
https://cds.connatix.com/p/168135/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

Request Chain 98

https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3d1a4d948aad9346a081368570234b14e2%26pname%3dBeeswax%26api-tier%3d2%26uid%3d{userid} HTTP 303
https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D1a4d948aad9346a081368570234b14e2%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&_bee_ppp=1 HTTP 303
https://cks.connatix.com/cks?pid=15&ev=1a4d948aad9346a081368570234b14e2&pname=Beeswax&api-tier=2&uid=AAC5yk7Fd1kAABM89U-jVQ

Request Chain 99

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
https://cks.connatix.com/cks?pid=19&uid=90b809c5-c470-4ceb-a714-8fca09b7c515&ttl=1659058579

Request Chain 100

https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3d1a4d948aad9346a081368570234b14e2%26pname%3dAppNexus%26api-tier%3d2%26uid%3d%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253d1a4d948aad9346a081368570234b14e2%2526pname%253dAppNexus%2526api-tier%253d2%2526uid%253d%2524UID HTTP 302
https://cks.connatix.com/cks?pid=6&ev=1a4d948aad9346a081368570234b14e2&pname=AppNexus&api-tier=2&uid=409620087943476422

Request Chain 101

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Request Chain 103

https://i.ctnsnet.com/int/cm?exc=24&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d28%26ev%3d1a4d948aad9346a081368570234b14e2%26pname%3dCrimtan%26api-tier%3d2%26uid%3d%5Buser_id%5D HTTP 302
https://cks.connatix.com/cks?pid=28&ev=1a4d948aad9346a081368570234b14e2&pname=Crimtan&api-tier=2&uid=7636138d768944639601dc4e8b58de6f

Request Chain 104

https://id.rlcdn.com/712202.gif?cparams=1a4d948aad9346a081368570234b14e2 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCJPZ7pUGEgUI6AcQAEIASiAxYTRkOTQ4YWFkOTM0NmEwODEzNjg1NzAyMzRiMTRlMg HTTP 307
https://capi.connatix.com/core/us?UserId=1a4d948aad9346a081368570234b14e2&DemandPartnerUserId=&DemandPartnerName=LiveRamp&DemandPartner=27

Request Chain 105

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d1a4d948aad9346a081368570234b14e2%26pname%3dCentro%26api-tier%3d2%26uid%3d{userId} HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d1a4d948aad9346a081368570234b14e2%26pname%3dCentro%26api-tier%3d2%26uid%3d{userId} HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D1a4d948aad9346a081368570234b14e2%2526pname%253DCentro%2526api-tier%253D2%2526uid%253D7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553 HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D1a4d948aad9346a081368570234b14e2%2526pname%253DCentro%2526api-tier%253D2%2526uid%253D7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553&xl8blockcheck=1 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D1a4d948aad9346a081368570234b14e2%26pname%3DCentro%26api-tier%3D2%26uid%3D7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D1a4d948aad9346a081368570234b14e2%26pname%3DCentro%26api-tier%3D2%26uid%3D7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553 HTTP 302
https://cks.connatix.com/cks?pid=9&ev=1a4d948aad9346a081368570234b14e2&pname=Centro&api-tier=2&uid=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553

Request Chain 106

https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d1a4d948aad9346a081368570234b14e2%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d1a4d948aad9346a081368570234b14e2%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX_USER_ID&__user_check__=1&sync_id=e0253f25-f74b-11ec-b46d-1d8d9dd30203 HTTP 302
https://cks.connatix.com/cks?pid=10&ev=1a4d948aad9346a081368570234b14e2&pname=SpotX&api-tier=2&uid=e0253eb0-f74b-11ec-b46d-1d8d9dd30203

Request Chain 135

https://c1.adform.net/serving/cookie/match?party=14&cid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F

Request Chain 136

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YruslAAMTWKxyQAj HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YruslAAMTWKxyQAj&gdpr=0&gdpr_consent=&_test=YruslAAMTWKxyQAj

Request Chain 137

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a53262bb-ac94-4f00-acb7-dd9b21cd1075&gdpr=0&gdpr_consent=

Request Chain 138

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDNXlrN0ZkMWtBQUJNODlVLWpWUQ&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDNXlrN0ZkMWtBQUJNODlVLWpWUQ&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&google_tc= HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC5yk7Fd1kAABM89U-jVQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC5yk7Fd1kAABM89U-jVQ&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC5yk7Fd1kAABM89U-jVQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1623104275053748381 HTTP 303
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAC5yk7Fd1kAABM89U-jVQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1623104275053748381%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 307
https://match.prod.bidr.io/cookie-sync?userid=1623104275053748381&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC5yk7Fd1kAABM89U-jVQ

Request Chain 140

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Request Chain 141

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e0bb5320-f74b-11ec-8627-7db5f9e4074a

Request Chain 142

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OdU-jpCmQuJ2g3j4fUDx1WAJ9sQ

Request Chain 143

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1656466580624 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3671689141 HTTP 302
https://sync.1rx.io/usersync/tradedesk/90b809c5-c470-4ceb-a714-8fca09b7c515 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-35be6133-d3b8-4120-badb-bb85a46dd2ad-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-35be6133-d3b8-4120-badb-bb85a46dd2ad-005 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-35be6133-d3b8-4120-badb-bb85a46dd2ad-005

Request Chain 144

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=2e3d3697-d6d6-4d88-8d9b-8e2ff3ddf37c&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F

Request Chain 145

https://ums.acuityplatform.com/tum?umid=6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=677758166672

Request Chain 146

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UMz1Jt9s1O6mCU5&gdpr=0&gdpr_consent=

Request Chain 147

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 148

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7097529801471726076&uid=Q7097529801471726076&ref=%2Fepm HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7097529801471726076

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3BfSq5ewQoaX9EqsqCC9nw%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3BfSq5ewQoaX9EqsqCC9nw%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 151

https://idsync.rlcdn.com/420486.gif?partner_uid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=895037120cd7159df264b414803d6280e3d350e07176ad653e9d45c0c9cbcb13791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4OTUwMzcxMjBjZDcxNTlkZjI2NGI0MTQ4MDNkNjI4MGUzZDM1MGUwNzE3NmFkNjUzZTlkNDVjMGM5Y2JjYjEzNzkxNDI2YjU0MTdkY2UyMRAAGgwIlNnulQYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4OTUwMzcxMjBjZDcxNTlkZjI2NGI0MTQ4MDNkNjI4MGUzZDM1MGUwNzE3NmFkNjUzZTlkNDVjMGM5Y2JjYjEzNzkxNDI2YjU0MTdkY2UyMRAAGgwIlNnulQYSBAgCEABCAEoA&google_gid=CAESEElTO9aZ41ZfY4_DFcGGcb8&google_cver=1 HTTP 307
https://usermatch.krxd.net/um/v2?partner=liveramp_identity HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity

Request Chain 152

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=787362bb-ac94-4500-be95-9984e8f13d86

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REMxN0QyQUItOTdCMC00Mjg2LTk3RjQtNEFBQ0E4MjBCRDlG&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REMxN0QyQUItOTdCMC00Mjg2LTk3RjQtNEFBQ0E4MjBCRDlG&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEODYRg8nrImcu4W3aI5JwiM&google_cver=1

Request Chain 155

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C254D54C989846B6955ACB9E778035DE

Request Chain 156

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2790922004803086933&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 157

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=90b809c5-c470-4ceb-a714-8fca09b7c515

Request Chain 159

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xe8QC99E2uVQYGKtD7tGxgwJj2wGTn8-~A&gdpr=0&gdpr_consent=

Request Chain 161

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e0c4bb6c-f74b-11ec-8a75-a5580f2578ca&gdpr=0&gdpr_consent=

Request Chain 162

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=57aaa1643ae6122b&is_secure=true&networkId=17100&version=1&nuid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGc64TGIinaAMebFSlAAAAAAA&expiration=1656552980&nuid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 163

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=409620087943476422&gdpr=0&gdpr_consent=

Request Chain 164

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7UDAELoRm0b2FsNK7kaPSu9DxxP2QcZH7xdJIllQ

Request Chain 165

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553&gdpr=0&gdpr_consent=

Request Chain 166

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=98322d3e-0cd0-44bf-8f02-dc19e9e9c5e4 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=98322d3e-0cd0-44bf-8f02-dc19e9e9c5e4 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ebf51bb9-504a-4878-941d-04516558a64f&user_group=1&ssp=pubmatic&bsw_param=98322d3e-0cd0-44bf-8f02-dc19e9e9c5e4 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=98322d3e-0cd0-44bf-8f02-dc19e9e9c5e4&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 167

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_F235032B_BD7893B8&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 168

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3336694346221387876

Request Chain 169

https://sync.resetdigital.co:10001/csync/pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000B713F060FB

Request Chain 170

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&khaos=L4YXFLEG-17-EHWY HTTP 302
https://ck.connatix.com/cks?pid=11&uid=L4YXFLEG-17-EHWY HTTP 302
https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L4YXFLEG-17-EHWY&UserId=

Request Chain 181

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4YXFLEG-17-EHWY

Request Chain 182

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRZWEZMRUctMTctRUhXWQ==

Request Chain 183

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=B_uQt8atSPCqkMhz7DhxeA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=B_uQt8atSPCqkMhz7DhxeA

Request Chain 184

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmE1NTNhODk3NTViOTVmNzJmZTNmYWIzNzhmNzcyMmU4YWVhYWM4Zg

Request Chain 185

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4YXFLEG-17-EHWY&sigv=1&esig=2~23c68b3cc86d7d3ca3bd3a160dcc23ee857f716e

Request Chain 186

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=90b809c5-c470-4ceb-a714-8fca09b7c515&gdpr=0&gdpr_consent=&expires=30

Request Chain 187

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/_vMAEaWDArGBHzuIbhS8rsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1018268943162677173

Request Chain 188

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2TwJ-SqfSYKXewI1ZPCiwA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2TwJ-SqfSYKXewI1ZPCiwA

194 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tumgir.com/
Redirect Chain

http://www.tumgir.com/
https://www.tumgir.com/

33 KB
7 KB

127ms
75ms

Document
text/html

2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b998032e0d9fc0843cd11e5c663ea67f35a2075fc820f5342aa5a514292b4534

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 722aee252e0b8c3f-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 29 Jun 2022 01:36:16 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pidQ7cxG1aj68fCXdNBsa9lnQ2WF271c2d0SUmDKsf2jcEbauqTvJnT4I73msM%2FwuHvtYRaofO%2Bv%2BoBJxdJLiNSuVS%2BZ7pS84b2YMKNyOcbYVYElpsur6SRAFBN1NM%2B3%2Bv8Xee3h18XlfWOu"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 722aee245891e6d4-EWR
Connection: keep-alive
Content-Type: text/html
Date: Wed, 29 Jun 2022 01:36:16 GMT
Location: https://www.tumgir.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ai38zDXLFoNyvD1qMSNqc%2FqDb4PzfNmPHTmrr6BWi9ChfPaIwwtuANiOPfWesZW2yk4tLBkelGdmxDrYN%2FlqGflAyLrSEEOcqXMflT18beZnKqP0I5%2FaUuiQO%2FxMpTYuzFCNKNmG%2BaVesrHS"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 98ms
50ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 00:38:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Jun 2022 01:36:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Jun 2022 01:36:16 GMT

GET
H2 200 styles.css
www.tumgir.com/static/css/ 25 KB
6 KB 59ms
59ms Stylesheet
text/css 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/css/styles.css
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 900c7b714900f91c891f0c028ae56f1cb0fae5bc5dcefaa9faaab784d6d3704e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: br
etag: W/"6264-180d8fc082c"
cf-cache-status: EXPIRED
last-modified: Wed, 18 May 2022 21:03:57 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dq%2FOlWfXP7UdKNGfs6sgAwCT1hlYa3Gu3TtiNPYu%2BnQ8uA3bBpbJa4Lmyut556%2BrO9l9avfsg3gypDW7paJvqvOfm4TvKl7hjreszZUaq2kG%2FepEw8HS0J9T46ic5Vu0oRqE%2BkxQymlDi5%2Bx"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 722aee25bf838c3f-EWR

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 101ms
45ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134279593-1

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a4d096c6873db0c7b5ecbe20c5142ada665cfb16b139b030ee387e394c7e6199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40335
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Jun 2022 01:36:16 GMT

GET
H2

200

2d80ea194c35302741530cc44e0e4ca74ad2f61d.jpg
64.media.tumblr.com/086ca536bf49b016cb390fa13f7e73ee/00e849ea27def9c4-dc/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/squidisco.tumblr.com/avatar/128
https://64.media.tumblr.com/086ca536bf49b016cb390fa13f7e73ee/00e849ea27def9c4-dc/s128x128u_c1/2d80ea194c35302741530cc44e0e4ca74ad2f61d.jpg

5 KB
5 KB

56ms
55ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/086ca536bf49b016cb390fa13f7e73ee/00e849ea27def9c4-dc/s128x128u_c1/2d80ea194c35302741530cc44e0e4ca74ad2f61d.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

25f0aa3b9d77161c1bcf7ffa7d61078b71de5aa6b87dac38657989aa080a320e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_086ca536bf49b016cb390fa13f7e73ee_2d80ea19_128.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=27.0
content-length: 5038
x-nc: HIT ewr 3
last-modified: Tue, 02 Nov 2021 14:07:36 GMT
server: nginx
etag: "f1fbc88a2ee7fe177921b098a318dbf5-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Wed, 29 Jun 2022 01:36:16 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/086ca536bf49b016cb390fa13f7e73ee/00e849ea27def9c4-dc/s128x128u_c1/2d80ea194c35302741530cc44e0e4ca74ad2f61d.jpg
x-rid: c8c4c6b00cc6b0e81a88b57e2d43b6ca
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

3796dc0a6b9609cc2fe17b02960a277c48fd7afb.png
64.media.tumblr.com/896e1a0766c30d5e3cdc4de206d39aee/e5606052b443cea9-ff/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/hayden-christensen.tumblr.com/avatar/128
https://64.media.tumblr.com/896e1a0766c30d5e3cdc4de206d39aee/e5606052b443cea9-ff/s128x128u_c1/3796dc0a6b9609cc2fe17b02960a277c48fd7afb.png

12 KB
12 KB

32ms
31ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/896e1a0766c30d5e3cdc4de206d39aee/e5606052b443cea9-ff/s128x128u_c1/3796dc0a6b9609cc2fe17b02960a277c48fd7afb.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5bb20b7e42a681a6968e43e8156e1af4d16d065f70338982d3b6df231897313d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_896e1a0766c30d5e3cdc4de206d39aee_3796dc0a_128.png"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 11993
x-nc: HIT ewr 2
last-modified: Mon, 24 Jan 2022 07:58:54 GMT
server: nginx
etag: "5722aab233aba4720a5390afe9be9568-1498089600-9c7a3ee"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Wed, 29 Jun 2022 01:36:16 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/896e1a0766c30d5e3cdc4de206d39aee/e5606052b443cea9-ff/s128x128u_c1/3796dc0a6b9609cc2fe17b02960a277c48fd7afb.png
x-rid: 18d9d23c5d8e9bebacf402849830be93
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

avatar_c7ca07d93ddd_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/osanajimi.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_c7ca07d93ddd_128.png

42 KB
42 KB

87ms
87ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_c7ca07d93ddd_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ba317752a0648602e1d36caa97e9afdc2b08fe671ff9e9f1ba8d5becce8cb30b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="avatar_c7ca07d93ddd_128.png"
server-timing: dc;desc=ewr, cache;desc=MISS;dur=58.0
content-length: 42655
x-nc: MISS ewr 6
last-modified: Sat, 12 Dec 2020 20:20:37 GMT
server: nginx
etag: "310690938e4309fe01f04c0da7baf0a5-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *

Redirect headers

date: Wed, 29 Jun 2022 01:36:16 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_c7ca07d93ddd_128.png
x-rid: e9f6750ae83955372092b038dc07c5b2
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

avatar_5b5dfe124180_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/spideyxchelle.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_5b5dfe124180_128.png

32 KB
32 KB

41ms
41ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_5b5dfe124180_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fa99ca6c61398ca19f99a093a3ce1f3ef4bf10287ddff7da72146d6ab58fa109

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="avatar_5b5dfe124180_128.png"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 32514
x-nc: HIT ewr 6
last-modified: Wed, 16 Dec 2020 20:58:16 GMT
server: nginx
etag: "ebaf4614bd4bee2819b20735ab47d65e-1498089600-81b500b"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *

Redirect headers

date: Wed, 29 Jun 2022 01:36:16 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_5b5dfe124180_128.png
x-rid: fd39ae77d243a35ea5027b44f3c489df
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

9196804da0004036bf5b525a7ebf7beeb31c54cb.png
64.media.tumblr.com/73110c3e1318e2824a7ded89ddb3bff8/54b4fc1d12c3c48e-b0/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/felipgust.tumblr.com/avatar/128
https://64.media.tumblr.com/73110c3e1318e2824a7ded89ddb3bff8/54b4fc1d12c3c48e-b0/s128x128u_c1/9196804da0004036bf5b525a7ebf7beeb31c54cb.png

27 KB
27 KB

32ms
32ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/73110c3e1318e2824a7ded89ddb3bff8/54b4fc1d12c3c48e-b0/s128x128u_c1/9196804da0004036bf5b525a7ebf7beeb31c54cb.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0eceeb508126e42057713e87d4ac6628276b4800a4753791e752270aa0d41f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_73110c3e1318e2824a7ded89ddb3bff8_9196804d_128.png"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 27212
x-nc: HIT ewr 8
last-modified: Thu, 31 Mar 2022 15:36:34 GMT
server: nginx
etag: "6d4d67a2dda8ae710757c3cd24bb3e56-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Wed, 29 Jun 2022 01:36:16 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/73110c3e1318e2824a7ded89ddb3bff8/54b4fc1d12c3c48e-b0/s128x128u_c1/9196804da0004036bf5b525a7ebf7beeb31c54cb.png
x-rid: e01f221da64a86374e598380d1f7315d
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 012a2e8412a075d7616475e3c7401762337bb426.jpg
64.media.tumblr.com/5d37690db638420afc0f3b7b85d7aa04/b6ebbbc30e807d16-b9/s540x810/ 91 KB
91 KB 112ms
53ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/5d37690db638420afc0f3b7b85d7aa04/b6ebbbc30e807d16-b9/s540x810/012a2e8412a075d7616475e3c7401762337bb426.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

327cfddc5c6d7db8b989366b6e110f7cef836b26e321cc86c3a4f42dbd740f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_5d37690db638420afc0f3b7b85d7aa04_012a2e84_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 93131
x-nc: HIT ewr 4
last-modified: Sun, 19 Jun 2022 13:36:45 GMT
server: nginx
etag: "7e91051480e5263ed231bb657bed35eb-1498089600-c37e747"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 6d0200f125f09375d6c3e0b90eed4eef74c8a564.jpg
64.media.tumblr.com/eeb2fb3b1c47159a98a5c1dcb1356650/1d871f93962fd59a-d4/s540x810/ 139 KB
139 KB 112ms
53ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/eeb2fb3b1c47159a98a5c1dcb1356650/1d871f93962fd59a-d4/s540x810/6d0200f125f09375d6c3e0b90eed4eef74c8a564.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2beb257d9e3282772efbda7c6e29e1b7350cde5f76e9d466775a02e018e09d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_eeb2fb3b1c47159a98a5c1dcb1356650_6d0200f1_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 141832
x-nc: HIT ewr 5
last-modified: Wed, 22 Jun 2022 17:28:43 GMT
server: nginx
etag: "66a6be782065edbe855b0e10280b5cdb-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 8e77e39654ba349a94896259b8e4c5e0fe0dd2cc.jpg
64.media.tumblr.com/f50c77dbca6a5c24948ae93afc177999/1d871f93962fd59a-37/s540x810/ 157 KB
157 KB 102ms
52ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/f50c77dbca6a5c24948ae93afc177999/1d871f93962fd59a-37/s540x810/8e77e39654ba349a94896259b8e4c5e0fe0dd2cc.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ac7173edd955f521584e264d4edc089a6d46cb5b763d0368ab890de1d95b9bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_f50c77dbca6a5c24948ae93afc177999_8e77e396_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 160472
x-nc: HIT ewr 3
last-modified: Wed, 22 Jun 2022 17:31:11 GMT
server: nginx
etag: "0bef6f5047281156fb48aa23a12bd3b6-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 9970f417c1e9cde4233b1166a49c75ff5f8740d8.jpg
64.media.tumblr.com/07e8a2b1b2bdbf877d5925d97065acb3/1d871f93962fd59a-27/s540x810/ 142 KB
142 KB 68ms
52ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/07e8a2b1b2bdbf877d5925d97065acb3/1d871f93962fd59a-27/s540x810/9970f417c1e9cde4233b1166a49c75ff5f8740d8.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

20ae5299fcd9d1a6f4b69aeb293a4642bd943675ae4a945044172e2864921ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_07e8a2b1b2bdbf877d5925d97065acb3_9970f417_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 144980
x-nc: HIT ewr 6
last-modified: Wed, 22 Jun 2022 17:27:53 GMT
server: nginx
etag: "df2d775fa3383305e38f157e64c66103-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 9034b1f81ecef814a8a728a3f46658f7b4c38ea0.jpg
64.media.tumblr.com/cc791863f0a9165a74e874478f86f76b/1d871f93962fd59a-76/s540x810/ 120 KB
121 KB 70ms
54ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/cc791863f0a9165a74e874478f86f76b/1d871f93962fd59a-76/s540x810/9034b1f81ecef814a8a728a3f46658f7b4c38ea0.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6bd0f8429df606a5c0d5bbc3c3aed321b4e4b8ba6e4f941ee11cc41934eea20a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_cc791863f0a9165a74e874478f86f76b_9034b1f8_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 123093
x-nc: HIT ewr 6
last-modified: Wed, 22 Jun 2022 17:27:56 GMT
server: nginx
etag: "ccd49a06a4ac51baf9df5b686e14d20d-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 f11da2320ee6e68bfd80146bf42d5fdd82f017db.jpg
64.media.tumblr.com/8711e8bed7603fbf9e25bfce01d4db9b/1d871f93962fd59a-ce/s540x810/ 145 KB
145 KB 61ms
46ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/8711e8bed7603fbf9e25bfce01d4db9b/1d871f93962fd59a-ce/s540x810/f11da2320ee6e68bfd80146bf42d5fdd82f017db.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

311a8de0a5bea29ecb6d90ef4c59de9914aaf46a4a1c02762ecd1d2fc6a60567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_8711e8bed7603fbf9e25bfce01d4db9b_f11da232_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=0.0
content-length: 148119
x-nc: HIT ewr 3
last-modified: Wed, 22 Jun 2022 17:27:51 GMT
server: nginx
etag: "4d9c8c2b171c2475e89152560f9ac840-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 0d7611d2ac2e5bc5aab6e67690e0856cf2a4d05a.jpg
64.media.tumblr.com/1ead788240dad999d1ef400f7d6d1585/1d871f93962fd59a-e3/s540x810/ 181 KB
181 KB 62ms
53ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/1ead788240dad999d1ef400f7d6d1585/1d871f93962fd59a-e3/s540x810/0d7611d2ac2e5bc5aab6e67690e0856cf2a4d05a.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fbbebfc051183c3a22abfcdff1ffb9d7ada173f06d2ee9bdb47cf668d6f6c234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_1ead788240dad999d1ef400f7d6d1585_0d7611d2_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 184879
x-nc: HIT ewr 2
last-modified: Wed, 22 Jun 2022 17:27:46 GMT
server: nginx
etag: "31cbcc2fa186eb0fbefcb43ddaaf9e63-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 89d410d28b29bb325dd6b00a68c9380318f39893.jpg
64.media.tumblr.com/2c01baca8be627f9bafd900fde6096cd/1d871f93962fd59a-6d/s540x810/ 180 KB
181 KB 62ms
53ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/2c01baca8be627f9bafd900fde6096cd/1d871f93962fd59a-6d/s540x810/89d410d28b29bb325dd6b00a68c9380318f39893.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6f384b9cc1dca6dc92831e67907e5f549cde8489c0e5cd2a4db7916cc1f507d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_2c01baca8be627f9bafd900fde6096cd_89d410d2_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=2.0
content-length: 184570
x-nc: HIT ewr 8
last-modified: Wed, 22 Jun 2022 17:27:48 GMT
server: nginx
etag: "e5c6180d2d428d1b3bc0b0da0e006531-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 c1c60c6ce92deb5dcc036158454ed10aa682c7c5.jpg
64.media.tumblr.com/412043ef232246e34bc5fb036fc0c06e/1d871f93962fd59a-b4/s540x810/ 139 KB
140 KB 32ms
21ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/412043ef232246e34bc5fb036fc0c06e/1d871f93962fd59a-b4/s540x810/c1c60c6ce92deb5dcc036158454ed10aa682c7c5.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

03110beb6abcd02594f3f7eed1846b9ae2143deef097b31183fefb40db40706d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_412043ef232246e34bc5fb036fc0c06e_c1c60c6c_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 142496
x-nc: HIT ewr 7
last-modified: Wed, 22 Jun 2022 17:27:50 GMT
server: nginx
etag: "d96a8de0564ce1370bd076269fdf09e7-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 835926be91c3e008781143f708f5a2fb48aaf338.jpg
64.media.tumblr.com/bf9d2c13e49f229047bd5d8587168e7b/1d871f93962fd59a-df/s540x810/ 169 KB
169 KB 62ms
52ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/bf9d2c13e49f229047bd5d8587168e7b/1d871f93962fd59a-df/s540x810/835926be91c3e008781143f708f5a2fb48aaf338.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

41ca21faccf2519361a6ed815be56e020a35259fccbb09c8508ca5484464d86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_bf9d2c13e49f229047bd5d8587168e7b_835926be_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 172752
x-nc: HIT ewr 2
last-modified: Wed, 22 Jun 2022 17:27:44 GMT
server: nginx
etag: "6af2f582c158378a20c0a0bfb0f0d543-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 6863cfbdc56785407a3897f3dd8d508c9334dcc3.pnj
64.media.tumblr.com/eea3112a8a932e95fb0727eaa82c22cc/f5bf7d68875b38a3-10/s540x810/ 86 KB
86 KB 61ms
51ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/eea3112a8a932e95fb0727eaa82c22cc/f5bf7d68875b38a3-10/s540x810/6863cfbdc56785407a3897f3dd8d508c9334dcc3.pnj

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

319bf7de36f854814b0ee39e6c21a29a1eb39b6cdcd322b2682a285b7988600e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_eea3112a8a932e95fb0727eaa82c22cc_6863cfbd_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=2.0
content-length: 88176
x-nc: HIT ewr 4
last-modified: Mon, 06 Jun 2022 06:48:43 GMT
server: nginx
etag: "38398803679d36a2eff490486407fa74-1503417600-9c7a3ee"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 d236f3dc085a704a29963319dc5bbf5503fe038b.jpg
64.media.tumblr.com/db76e744ddfb3c9b8d620c0c91612156/db67516e16724b92-f5/s540x810/ 72 KB
72 KB 43ms
42ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/db76e744ddfb3c9b8d620c0c91612156/db67516e16724b92-f5/s540x810/d236f3dc085a704a29963319dc5bbf5503fe038b.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9fd2dc059fb430967c1a800b8c2668bd1f9712bafc679422a5e591ded6cf615c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_db76e744ddfb3c9b8d620c0c91612156_d236f3dc_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 73344
x-nc: HIT ewr 8
last-modified: Tue, 21 Jun 2022 00:02:54 GMT
server: nginx
etag: "27dbfa1b4d3ebfa741d8191ba1c8e72e-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 8b60863781cb518eb3c3154cd7aaa5e2fdcaab6c.jpg
64.media.tumblr.com/1b03b54ffbb1935de1b6056eed4b8735/771dd0f7246946c7-37/s540x810/ 100 KB
100 KB 44ms
43ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/1b03b54ffbb1935de1b6056eed4b8735/771dd0f7246946c7-37/s540x810/8b60863781cb518eb3c3154cd7aaa5e2fdcaab6c.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

55c6a8bb3e7f5d82556cf5f60582551500d3636d27a934ac0276b3f97b1243e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_1b03b54ffbb1935de1b6056eed4b8735_8b608637_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 102462
x-nc: HIT ewr 6
last-modified: Fri, 17 Jun 2022 18:31:45 GMT
server: nginx
etag: "b8c81f65c46263ec2aa425c2c120fc88-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 374807b2fe632c808cc4b44c088f00e83727d667.jpg
64.media.tumblr.com/7b2588758ad3012fd2e3fd8ebf51388a/771dd0f7246946c7-8b/s540x810/ 101 KB
101 KB 44ms
44ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/7b2588758ad3012fd2e3fd8ebf51388a/771dd0f7246946c7-8b/s540x810/374807b2fe632c808cc4b44c088f00e83727d667.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7953d2db63b6eddf80a14cdacb808b77dab26af6e4f74111406a77103ecce104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_7b2588758ad3012fd2e3fd8ebf51388a_374807b2_540.jpg"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=1.0
content-length: 103619
x-nc: HIT ewr 2
last-modified: Fri, 17 Jun 2022 18:31:21 GMT
server: nginx
etag: "f6bdb36046eb5ed1878e806937492c12-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 796e5f5fbd3ac39123264a868a66cc358933b625.gifv
64.media.tumblr.com/e34bda08e4df5b410bc4eaa0776ef76e/6b3070e5b6c8283d-62/s540x810/ 7 MB
8 MB 46ms
45ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/e34bda08e4df5b410bc4eaa0776ef76e/6b3070e5b6c8283d-62/s540x810/796e5f5fbd3ac39123264a868a66cc358933b625.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

36a8078ea18c620ffb677cdc00c3633a96a21474308b3b5a4c629bda589c73e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
strict-transport-security: max-age=31536000; preload
vary: Accept
content-disposition: inline; filename="tumblr_e34bda08e4df5b410bc4eaa0776ef76e_796e5f5f_540.webp"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=2.0
content-length: 7862420
x-nc: HIT ewr 1
last-modified: Mon, 13 Jun 2022 01:19:29 GMT
server: nginx
etag: "8675d3f91b921b435ec9c156132ee8c4-1523937600-5586581"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 31e70076fed3eefaf703dc5ecc942baeba0d8f16.gifv
64.media.tumblr.com/df075834b86e480a907cc61dbfcac459/d5ce0d60f452931e-72/s540x810/ 7 MB
7 MB 45ms
45ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/df075834b86e480a907cc61dbfcac459/d5ce0d60f452931e-72/s540x810/31e70076fed3eefaf703dc5ecc942baeba0d8f16.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f6bc1ef96a4cd5c8d1396d3b70b0057f9ac96e6069b94878442b486a07019988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
strict-transport-security: max-age=31536000; preload
vary: Accept
content-disposition: inline; filename="tumblr_df075834b86e480a907cc61dbfcac459_31e70076_540.webp"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=2.0
content-length: 6946890
x-nc: HIT ewr 2
last-modified: Mon, 20 Jun 2022 15:26:42 GMT
server: nginx
etag: "6904a61a89c7ca8337588b6604ffb863-1523937600-c37e747"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 a3d51c3c699cb320048f555204c0407e387a5304.gifv
64.media.tumblr.com/e61da5a833ab606924274b3d3ce04c96/d5ce0d60f452931e-7c/s540x810/ 4 MB
4 MB 53ms
52ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/e61da5a833ab606924274b3d3ce04c96/d5ce0d60f452931e-7c/s540x810/a3d51c3c699cb320048f555204c0407e387a5304.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cb3301f514b46f0fb12543f46e39b84e24cda90e5ccbc36f1f38ef525c26953e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
strict-transport-security: max-age=31536000; preload
vary: Accept
content-disposition: inline; filename="tumblr_e61da5a833ab606924274b3d3ce04c96_a3d51c3c_540.webp"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=3.0
content-length: 4532854
x-nc: HIT ewr 1
last-modified: Mon, 20 Jun 2022 15:23:06 GMT
server: nginx
etag: "eb3ba95f837712dcb3292f1633f360a8-1523937600-c37e747"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1cc31a49ed4bfbc903c505fa2a96a737ea67512c.gifv
64.media.tumblr.com/7431e9123de16af4c4044f6389ee0276/d5ce0d60f452931e-9b/s540x810/ 7 MB
7 MB 45ms
44ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/7431e9123de16af4c4044f6389ee0276/d5ce0d60f452931e-9b/s540x810/1cc31a49ed4bfbc903c505fa2a96a737ea67512c.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e883078351cfa3a3f6bdd1fc7b4cd669c3f5f5c792e5d6f7af1d2cbdfe705b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
strict-transport-security: max-age=31536000; preload
vary: Accept
content-disposition: inline; filename="tumblr_7431e9123de16af4c4044f6389ee0276_1cc31a49_540.webp"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=2.0
content-length: 7102240
x-nc: HIT ewr 5
last-modified: Mon, 20 Jun 2022 15:21:30 GMT
server: nginx
etag: "959e94207ab6123d20e91bcb368b3ef8-1523937600-c37e747"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 a65959e1925999f70ba609f7ada299b134a41ade.gifv
64.media.tumblr.com/42132e0b636d1d207d859deaa59e42d1/d5ce0d60f452931e-d6/s540x810/ 5 MB
5 MB 45ms
44ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/42132e0b636d1d207d859deaa59e42d1/d5ce0d60f452931e-d6/s540x810/a65959e1925999f70ba609f7ada299b134a41ade.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a65c7e19914e8f1f72a4e12526ad08b66c6b557395e5f1abdd48afd62ab84b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
strict-transport-security: max-age=31536000; preload
vary: Accept
content-disposition: inline; filename="tumblr_42132e0b636d1d207d859deaa59e42d1_a65959e1_540.webp"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=2.0
content-length: 5450886
x-nc: HIT ewr 7
last-modified: Mon, 20 Jun 2022 15:24:03 GMT
server: nginx
etag: "8b70cfe35d731de7cc1a6171f1484074-1523937600-c37e747"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 72be468c5fc623c7dc52442a59dc741163f4a32d.gifv
64.media.tumblr.com/d474ecd5e8e228b17e72cc904ab0644f/d5ce0d60f452931e-e7/s540x810/ 5 MB
5 MB 45ms
44ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/d474ecd5e8e228b17e72cc904ab0644f/d5ce0d60f452931e-e7/s540x810/72be468c5fc623c7dc52442a59dc741163f4a32d.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0a7531d4aee24e054affe400e825101c79b13084c67c85535b751cc9bc7e9dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
strict-transport-security: max-age=31536000; preload
vary: Accept
content-disposition: inline; filename="tumblr_d474ecd5e8e228b17e72cc904ab0644f_72be468c_540.webp"
server-timing: dc;desc=ewr, cache;desc=HIT;dur=2.0
content-length: 4739496
x-nc: HIT ewr 7
last-modified: Mon, 20 Jun 2022 15:22:52 GMT
server: nginx
etag: "4432c46f44e643e0aedefee34eade2dc-1523937600-c37e747"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 48ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13320795
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
timing-allow-origin: *
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukLfXDrvc145JerBITw%2FIpNq4nGrc63AWu0xSnm%2Fx1QNxwqIGkvNJVepUVkp8IdVZX9tda2B%2BznOp3tj9U9%2FabnadXrZ5jdaaBX7NZ9hcv0LNTUU2NLiZ%2BGO2aRTo%2FnpxFiR%2FR80nvE3bO3cOgMmQKxD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 722aee263f6ed15b-BUF
expires: Mon, 19 Jun 2023 01:36:16 GMT

GET
H2 200 navbar.js Show response
www.tumgir.com/static/js/ 469 B
535 B 45ms
45ms Script
application/javascript 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/navbar.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ae1b9abbb61470260e103684bbd81cc23d3e69a1e9db92ef899dd539e0c9da15

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: br
etag: W/"1d5-1801fba49fc"
cf-cache-status: EXPIRED
last-modified: Tue, 12 Apr 2022 21:42:23 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZLaQZ%2Fo9opzzcMz5ZOJw3L6GGDPjc%2FTI5UlBoclFrBZ%2F8ffo4coZbxxl8dEYICv8GiMHIWtZ5%2B%2FzXcKcENbv3utOA8TihFwH1oflayfMLGqt8hXJjqZKrQoZnZIMQBnFq5bZLowyV0MXE9P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 722aee2648dd8c3f-EWR

GET
H2 200 sticky-sidebar.js Show response
www.tumgir.com/static/js/ 2 KB
1 KB 70ms
65ms Script
application/javascript 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/sticky-sidebar.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: aefa123ab4be4509c6970cb9a064c1031ed5ec6fae270e7c256b7a0826fa21f6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: br
etag: W/"7e3-1801fba2972"
cf-cache-status: EXPIRED
last-modified: Tue, 12 Apr 2022 21:42:15 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53FhJ4SmYbE1fK1GCwfVfgBSQzFzLUJPhiQ3rhQL8E1C7Yr793iPzDnqTyXnCDbcGIWmtkTjXOFvR3DQ7jupNGW4%2B5yCrLKxij%2FIGSRUD3JjQv7b8HlEMaxj%2B9Z%2B4iq%2BP5QaFBeOBBC17kYj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 722aee2659018c3f-EWR

GET
H2 200 home.js Show response
www.tumgir.com/static/js/ 1 KB
943 B 100ms
94ms Script
application/javascript 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/home.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 814344b7031d06949266d1f52badb1e0cd092f28151939ab6e001d919c2d65c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: br
etag: W/"597-18029f64ec7"
cf-cache-status: EXPIRED
last-modified: Thu, 14 Apr 2022 21:24:09 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AppAy8lZgYvVurKOJqdEoSm1aqA9ImGL2e9C7o0q4Ns8HY0cMmkk44hMoITi5F%2BBe8il7ESpB8tuKSG8mpHqH1LVrPDBDqn9HVaJMUBH7KEuhGhh%2BSqWFuShK5tTgTx7diVcaSQMMyfCZxH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 722aee2659038c3f-EWR

GET
H2 200 notes.js Show response
www.tumgir.com/static/js/ 554 B
580 B 54ms
48ms Script
application/javascript 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/notes.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 38afa5312f73d7da48d60d1cbe85b5a3df8855e750db714661c1456d510904e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: br
etag: W/"22a-1801fba38d4"
cf-cache-status: EXPIRED
last-modified: Tue, 12 Apr 2022 21:42:19 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IluM%2B3z8bNLB1LoR%2BLWrjE76%2Fa4fJ0dyqLq8Nvk6LIQgT1a7rHsXZmL0Yg2Za%2FS%2BfEkPe1WSXGvXWyFrjycThynUKsrpn9%2FjC8h1K5M1euU%2FoFxOOkyi0jTOD9Vpos7S31vNKElbMpCZKgny"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 722aee2659048c3f-EWR

GET
H2 200 visit-blog.js Show response
www.tumgir.com/static/js/ 216 B
458 B 50ms
44ms Script
application/javascript 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/visit-blog.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 941f15f07a74b953e617b4af9d43ab4c19fbf92695b4865b4acf10887cdb74e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: br
etag: W/"d8-1801fba390b"
cf-cache-status: EXPIRED
last-modified: Tue, 12 Apr 2022 21:42:19 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8P5jzENiIe3lwTwpOM7hU7ijFfvU412WCOl6RZ5KD9QEadGewCL7%2BvqWoPngoPZHqKb%2BArCCTqUgg7b%2FkfmGe1tcmMtleM3I1Ekx2QcC0VW4My%2FAXr08gAusTlTFC%2Ba%2BGNrDgw%2FKpYwiful%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 722aee2659058c3f-EWR

GET
H2 200 explore-tagged-posts.js Show response
www.tumgir.com/static/js/ 224 B
440 B 68ms
63ms Script
application/javascript 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/explore-tagged-posts.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2545317458fe2e54e3e67d5f14b69913cd8fa0182ccb4031cd413f7819217808

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: br
etag: W/"e0-1801fba4773"
cf-cache-status: EXPIRED
last-modified: Tue, 12 Apr 2022 21:42:23 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yx8I7NO1hGRXar3%2B%2FON8LMvA2H8EPp%2BtVvny7CRCmnEVDqKfcD9Z8WiJhLXAQLPZzKB9RGvdt76%2BEPPOpr788WQuU1u%2B2MwcdMeDcQcTAYqjyK3dTglWTTBbiWem%2FKPtuFPuZSIaDE63Ldpk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 722aee2659078c3f-EWR

GET
H2 200 sw.js Show response
www.tumgir.com/ 100 KB
38 KB 38ms
36ms Script
application/javascript 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/sw.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8c382d76b7f3c936b789e587ff26a8383cb504a1b7c7f6183f80a45d2a464c9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3019338
x-powered-by: Express
last-modified: Sun, 13 Mar 2022 22:02:35 GMT
server: cloudflare
etag: W/"190ed-17f854dffbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BkQs237lBT5DqpXhGplGz6hgjh5ckaGKp7E0TQCqP%2B8uqmJRxuP6%2Fv8XehhOGchV1LbOry0wgNczeJlsACK9oUG7YqsAx5uojZMfFPL6yRj%2FeE%2Bwe4XOpYzY7rCt%2F1I6xWb3anuPH1JztpJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 722aee2659088c3f-EWR
expires: Sun, 09 Apr 2023 17:38:52 GMT

GET
H2 200 / Show response
d18g6t7whf8ejf.cloudfront.net/ 253 KB
78 KB 196ms
120ms Script
text/plain 54.192.100.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.100.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-100-18.ewr53.r.cloudfront.net
Software: /
Resource Hash: 4b47d0eccb7e8539b24b4072e66f245e9e9760231a3fe936a002b067be2ba209

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: gzip
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 79266
via: 1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-id: Hu1pecLpkwcC6Kvihj9VDmo6KifPKllwFCW2I_tfmF00JSyDFt7tkQ==

GET
H2 200 / Show response
dmmzkfd82wayn.cloudfront.net/ 293 KB
96 KB 198ms
120ms Script
text/plain 2600:9000:21da:7800:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:7800:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 25b34ba303bfb03c53d820d485b9a62db13f96405767e267b25cfab7034aedd5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: gzip
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 97915
via: 1.1 95a7b3c60127f88f316c1c042cf353c2.cloudfront.net (CloudFront)
x-amz-cf-id: lL38PW-xg4h7cvMhDNtc0ctrd1z0L1d6H7lMqE_tptsoSMmHmeKpbw==

GET
H2 200 vidjs Show response
video-serve.com/ 1 KB
1 KB 129ms
54ms Script
application/json 65.8.49.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video-serve.com/vidjs?tid=947040
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.49.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-49-110.ord52.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: cc5b52f2199694e4c1785d9231fd52d4140118eb8133d9303cb7d1bdffb231f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: ORD52-C3
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-type: application/json
content-length: 694
via: 1.1 badab051f20260e92b32c4e484de4db8.cloudfront.net (CloudFront)
x-amz-cf-id: f-CNoPLVZhQpTs6G3R2LMFjAPlSz8djp39pHz7RJ9kVWzxih6C87PQ==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 233ms
60ms Script
application/javascript 104.126.112.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.112.161 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-161.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 29 Jun 2022 01:36:16 GMT
x-host: s7.addthis.com
content-length: 116379

GET
H2 200 QmhhS0s5ShI8FDcaDWlxYAAVPzsxUk5kPDUfTz8%2BLw8IOWUhBwxkODVGCzhpbkoSJi1gUlBnaTEFF2lxYFxPe2luShUqLB0BBWlxYFBVfXxzWENnaTEdAxQiJlpDcWlyUAR%2BeHJZA2ZzI11ZZn8mWFNmKXcNAmZ9dwlZfn90DgMuKnRKHA Show response
mefagetobri.top/ 56 KB
23 KB 110ms
33ms Script
application/javascript 44.195.137.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mefagetobri.top/QmhhS0s5ShI8FDcaDWlxYAAVPzsxUk5kPDUfTz8%2BLw8IOWUhBwxkODVGCzhpbkoSJi1gUlBnaTEFF2lxYFxPe2luShUqLB0BBWlxYFBVfXxzWENnaTEdAxQiJlpDcWlyUAR%2BeHJZA2ZzI11ZZn8mWFNmKXcNAmZ9dwlZfn90DgMuKnRKHA
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-137-121.compute-1.amazonaws.com
Software: / Express
Resource Hash: 5490e137a56afd4f93c0eee6ef99899efdb829d8b9fabf8baa669badf48c546a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"e0f8-Vz5EqeUr1XnSDeppfr6/quLo++U"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
21ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134279593-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2389
date: Wed, 29 Jun 2022 00:56:27 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 29 Jun 2022 02:56:27 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 45ms
43ms XHR
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1210031067&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumgir.com%2F&ul=en-us&de=UTF-8&dt=Tumblr%20Online%20Web%20Viewer%20and%20Statistics%20%7C%20Tumgir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1521155742&gjid=1090535591&cid=1947690519.1656466577&tid=UA-134279593-1&_gid=1367683839.1656466577&_r=1&gtm=2ou6r0&z=1785040376

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumgir.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
101 KB 97ms
33ms Fetch
binary/octet-stream 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4330
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Jun 2022 00:24:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbZ2hVDdp01hcGsUEl7%2BvY9sKSyPlR0wapLnk5qqUeZf2UeT%2FCcYR8H27MRkmoxCQ7DdDSDRN%2F3ZhliMZYgff9V%2FvoXlf8KuLTEqKHFO13OZrIxnPsrw%2FdGxePb39jogYjRq5bDK%2FpzkwPfJ"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.tumgir.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 722aee28bc188cc6-EWR
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 26 B
379 B 120ms
56ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 653536251eaa98d6348d2839afc61e980db2d2588b9a642deb50604d4bca038d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLXTxJUxksVeQqWOAxBKq3PMRH9N2bBZtmRozq71C6JEyUXViszCaeJ%2BBumEKiOyIbaz3CMAKjfg6fDv788yMweTqtkV9qHyukCj3RtDOy1nWTS0KUMeoZrkH8mQxxJD8UcQk7dB1%2FTqMuvr"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 722aee28bc1c8cc6-EWR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
getherefwuk.xyz/ 0
491 B 135ms
32ms XHR
text/plain 99.84.37.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getherefwuk.xyz/utx?cb=Z5lzNJ8gjF52&top=www.tumgir.com&tid=921528
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-37.ewr52.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:16 GMT
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: 5BV8gmONiNemnaAULht_L7QVNwl8WSSVTTZoaDb1T5wvVB9QFJYK5w==

GET
H2 200 Qi4cPw Show response
getherefwuk.xyz/Sm53MFcrDBRdaCtTFRYiOAJKFWUMS0V2MycDDVsxLlZFRzYzAFlTOyUbE1YlJQADHjkvGlICEQg8R2YYGCYQWxwjLx5iLQcdPF47CAovYmAuBTVYGzBeBXY9Llo0cwIIJTV1EAQJMmIRDQkAcT4EWhFdHh8kHkMnLzhDWRwzX0JjAA8FPFkND... Frame A843 3 KB
2 KB 105ms
38ms Document
text/html 99.84.37.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getherefwuk.xyz/Sm53MFcrDBRdaCtTFRYiOAJKFWUMS0V2MycDDVsxLlZFRzYzAFlTOyUbE1YlJQADHjkvGlICEQg8R2YYGCYQWxwjLx5iLQcdPF47CAovYmAuBTVYGzBeBXY9Llo0cwIIJTV1EAQJMmIRDQkAcT4EWhFdHh8kHkMnLzhDWRwzX0JjAA8FPFkNDA1FfWEELBRDMg5WDnQDAxw+czwsIw12OAc8GwYcCStSAhUPPQRAG3goPHEPCAkTdmZ7CiBpLQ89HFgeHiM7aTkuS0VyHC0WHlRkf18kdzt7D0RTYRMAExVlCCMPdScpXQdYBD04EFYfGy8UaBEkNyJAZAAqWgRnDC0+SRwzNyN8PQwcE1piMwoZXCYZXTFXMQI8JnwUelg8YgUjCgABPxkAFEAdM1YTaTkuS0VyHjJeHHw+DBovaAF7IiRHHAEtEEIOHwE1VB9/XSFeMzgLRGIYLlwDBzN7X0ZUA3oCP1kOeSRFdhwLNjUJNHs0R1NlLRYlaA5sBARfOTpTMVEuJTo/Qi4cPw
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-37.ewr52.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 86d28f05adc6b685d284fb725bfbe9790f65f4b29a0bcb9d8e744cbe45f21bc8

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1227
content-type: text/html
date: Wed, 29 Jun 2022 01:36:16 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
x-amz-cf-id: BmEcuEoHJ_NMjVcRLb_JjOs_3hUWDLgyGfHyy7DEFtGYNCMixBXViw==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2 200 IQQ5dgE3Hx1vCBNmNG0LIDYVficyECl7FCMDLG8IUCUxQAAnFC9idic5LW4UCioueRxRORluKh4UL2J2IWMQXRcKOjp5IC4qHlQcLhAVeiI1AzV5ADAlLWAYMTgzaRQFBSt6PjI8VVsIPmEMcw8DCABeIjUIL0I5UBEuCBg+NUF6DxMTTHIfXQc+bxRcE0lqGjQrN... Show response
getherefwuk.xyz/Ung4TmQzGlsjWzNFWmgRIBQFa1YUXQoIAD8VQiUCNkAKOQUrFhYtCD0NXCgWPRZMYAo3DB18Ijwsfx8cHz5pOCdjQW8vHjU2bh9VIR1uLSITP3I/IDkyXgEOKiJdBiERNnx/MgcpdXshNS4NCBM2O2obCyUbbh88CjxtJyUlD28DNxswfA8iK... Frame 230A 3 KB
2 KB 1713ms
1659ms Document
text/html 99.84.37.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getherefwuk.xyz/Ung4TmQzGlsjWzNFWmgRIBQFa1YUXQoIAD8VQiUCNkAKOQUrFhYtCD0NXCgWPRZMYAo3DB18Ijwsfx8cHz5pOCdjQW8vHjU2bh9VIR1uLSITP3I/IDkyXgEOKiJdBiERNnx/MgcpdXshNS4NCBM2O2obCyUbbh88CjxtJyUlD28DNxswfA8iKzRpDDAWL3o/IQQ5dgE3Hx1vCBNmNG0LIDYVficyECl7FCMDLG8IUCUxQAAnFC9idic5LW4UCioueRxRORluKh4UL2J2IWMQXRcKOjp5IC4qHlQcLhAVeiI1AzV5ADAlLWAYMTgzaRQFBSt6PjI8VVsIPmEMcw8DCABeIjUIL0I5UBEuCBg+NUF6DxMTTHIfXQc+bxRcE0lqGjQrNnYIJRgTdDkcFiBCJRQDKXZ8PgoAYAYTEE5dGDUaOXA+UQQAaQ0+FkB+GFUXFXIbIRYcVQhBYD5tNlwWIVUhNhY5fWgOIRdWPlkbOW42PTYZbzsSZjF7BQ
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-37.ewr52.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: d419f70aa630431c3a65a1e513fbaea6f9ea8eebf818464cec64698f521a4117

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1220
content-type: text/html
date: Wed, 29 Jun 2022 01:36:18 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
x-amz-cf-id: 8FJfWQyITDD1RpR0zn5Tpp4-RNm6M31jUOGH0Wy4Z_czagkwot-6ww==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 67ms
56ms Fetch
binary/octet-stream 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4330
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Jun 2022 00:24:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmOvZiLfhdH4SBFLAVrRM3%2BILG6KGY%2Ba00SjJ0PnRe5%2FdaFSF2OvjHkYr1yO6BQNoFrUWvm8WTMDju2nC1X8HSPYuzuXSL%2FpZbN7uTMpAkxcl%2BYLrd086QKBMkaLjStQrrzBxatGysEpn5xd"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.tumgir.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 722aee28bc228cc6-EWR
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
367 B 67ms
57ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1021ef1d8c44f5edfb7f43bb321a89c125a401fe7b798f72e387b25fb249edb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLF5aeDZnY2EtoaYa4g%2FSpotkvMINYf3n1lqpF0oG4o5C%2B1lgfbRvJYX%2FaWsf3MbtPS7oUb4klATGxCTiA%2Fvpwch8FFjui4PN2aTAzSVVS4L5Xn%2FN6IbFLvOabJ3z%2F1cOoTF5aMgQFafaz%2Bj"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 722aee28bc1f8cc6-EWR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
getherefwuk.xyz/ 0
490 B 84ms
33ms XHR
text/plain 99.84.37.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getherefwuk.xyz/utx?cb=sdrJNmWXbPgJ&top=www.tumgir.com&tid=853405
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-37.ewr52.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:16 GMT
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: 3ecKy2Nu-OLO_SZA5bfRJKI-sDSlgEV2H5wtg9cIxLCAZeDuWTUD2g==

GET
H2 200 BCw0QxU7eyw8AioQGwIDCiQNAXMKGjBNDigxNRYHZCgJGigyfzAbcyUkDkA1Bg Show response
getherefwuk.xyz/QkJ6dUYjIBkYeSN/GFMzMC5HUHQEZ0gzIi8vAB4gJnpIAic7LFQWKi03HhM0LSwOWygnNl9HAAMREB0JD3I/BRA7ACwTLHcQMRJzdyQNAXADcSgGEyhzGTk8LQQ4M3dyDixBcAAoMzoOKDIwPx4hCxszfiUIPEw8BBErHhFxDzkvPzYhNjRzc... Frame BA8A 3 KB
2 KB 95ms
58ms Document
text/html 99.84.37.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getherefwuk.xyz/QkJ6dUYjIBkYeSN/GFMzMC5HUHQEZ0gzIi8vAB4gJnpIAic7LFQWKi03HhM0LSwOWygnNl9HAAMREB0JD3I/BRA7ACwTLHcQMRJzdyQNAXADcSgGEyhzGTk8LQQ4M3dyDixBcAAoMzoOKDIwPx4hCxszfiUIPEw8BBErHhFxDzkvPzYhNjRzcyA/AmNwACI2NnERLh0BDAEoIg9zE0slLnZ1LxsxLBQAJycOESAvJzUHMhM+GGdINwAsDEwwAi4jNgxzGg0vNy0nAx0SFHAQTjYOegYYRikmJCIzLScDHUARK3tCMQExAztHfgkkEQF1JCo8BwcaBwgmAm93HD8CcyY2MyEtEhJEfiYaKEACcAM7EXR6CRwdNTMLEQIsGnAoQSNwMTgWFRgQMCMcKSc7EjYUKzMdEHAhLRZ1MiAwHgM3CEtENAMTHkIFCnIeFhETDBwSEDoYO0R/BCw0QxU7eyw8AioQGwIDCiQNAXMKGjBNDigxNRYHZCgJGigyfzAbcyUkDkA1Bg
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-37.ewr52.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 6d6956c023ba3773c9edee297ac63d9d799dc7b462add47ddbc872588fb24c3d

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1226
content-type: text/html
date: Wed, 29 Jun 2022 01:36:16 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
x-amz-cf-id: niAXpCyjXSpeNHeBrUcT77TSRh4WeMSKlMv7eQvucIbuIxHwDb78iw==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2 204 Gx5aT3lDT1VObQITA0t6VAkTFz8HCVpHbRsUARl2VAxaR2VBTklEfFxLQQN2Q1wTBioVR1ZQOwYOC0t6RE9RQn1ET1BAfUpM
ationsuchasr.xyz/emd2S3JVWBU4Ty0yQ3ojSjEELxk8VBJ5S0k1GDtAGC8sDBEiKlA/ 0
493 B 108ms
44ms Image
text/plain 2606:4700:3037::ac43:c9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ationsuchasr.xyz/emd2S3JVWBU4Ty0yQ3ojSjEELxk8VBJ5S0k1GDtAGC8sDBEiKlA/Gx5aT3lDT1VObQITA0t6VAkTFz8HCVpHbRsUARl2VAxaR2VBTklEfFxLQQN2Q1wTBioVR1ZQOwYOC0t6RE9RQn1ET1BAfUpM
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piP54978Q%2B5J0747LvT%2F3gE8ABJBQGY%2Fh07PPsms8xOIbq94fwGbm4Iqgg0K4K6pQPlb%2B2g7IWSVHlY8Og9dBNht10B7mCmA0tUhX2Pi%2BJWolpWRXTzsXl76Br0e7mlneBqNh2v1H4WNKVxJ9X6Y"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 722aee29280d8c23-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 231ms
170ms Image
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 154ms
91ms Image
text/html 2607:f8b0:4006:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200d New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 269ms
206ms Image
text/html 2607:f8b0:4006:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200d New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 204 Njd2dVEZCBUGbGNbGj0ebmURFz9zficyC0VTAQ0UbGAaUGNwczM8d0JeEkhpAwRCRWcQRx8RbAcPUAYlV0MDBmwHER8bN1kKUANsBxlGW2AYBVAAbAcRAgUwUQpHUyFCQxpIYAACQEFnAAJBQ2YEBg
ationsuchasr.xyz/ 0
269 B 149ms
86ms Image
text/plain 2606:4700:3037::ac43:c9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ationsuchasr.xyz/Njd2dVEZCBUGbGNbGj0ebmURFz9zficyC0VTAQ0UbGAaUGNwczM8d0JeEkhpAwRCRWcQRx8RbAcPUAYlV0MDBmwHER8bN1kKUANsBxlGW2AYBVAAbAcRAgUwUQpHUyFCQxpIYAACQEFnAAJBQ2YEBg
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFJlcMEe2BdnDgZCGaNstE5o%2B6VPSOmL4eaSjZsRaIhM0gktF3w%2BjOM6R%2B2J%2FYN64vf%2BR%2BZW4G%2FzqvLlOOiSzx%2FMbr%2FA5kzSBZ792fw3Ng9Q4LsarvQdxDT%2FpiPbJCOkcyAtT2nsk8S4Tp%2BMxxMJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 722aee2928108c23-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 TWZwdnhiWRMFRRgNPiYhIQoZExZ0PhExMnsANiAJLAgmU0oPM0IZXjkPFEtAeFVERk1rFhkSRX9fVgUMLBIFBUV8QBkYHiJbVgBFfEhAWE11SEJQDXBXVgIILAFNR149EgQaRXxQRUBMe1BFQU56VUY
ationsuchasr.xyz/ 0
263 B 120ms
57ms Image
text/plain 2606:4700:3037::ac43:c9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ationsuchasr.xyz/TWZwdnhiWRMFRRgNPiYhIQoZExZ0PhExMnsANiAJLAgmU0oPM0IZXjkPFEtAeFVERk1rFhkSRX9fVgUMLBIFBUV8QBkYHiJbVgBFfEhAWE11SEJQDXBXVgIILAFNR149EgQaRXxQRUBMe1BFQU56VUY
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NrnSuG4OZXC98bXHaXbnlN9VNwuVNxNZeI5VLx4Pub4KNEJTXMtN%2BfO6UCUQBrPIYimCIpfYe0sE9LLAqbZlql%2BGoB9j5FH55Ko5bINA%2BYUHrKPK59OGy%2F5GRA%2F8AaIMzWMnOxKKfa5W57zvU20"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 722aee29280f8c23-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 335ms
33ms Fetch
binary/octet-stream 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:17 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4331
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Jun 2022 00:24:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRvrV%2Bd%2B0C0CPWYdpoBZU7gJ7%2BfZrNClaSuBcyrqGF%2FNh6MrZZUPtQhXNyUAV%2BaBsb26EOStpZokAAVceYZe5HRyRuDpHENqxA3Ou8IUL0wNDxSxYq2phCciq3Haz8HCzaTlJmSKhLsQpoH6"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.tumgir.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 722aee2b1a0c8cc6-EWR
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
365 B 356ms
55ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1021ef1d8c44f5edfb7f43bb321a89c125a401fe7b798f72e387b25fb249edb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvL2180duBNvwLS2o32vDhSwhmiWbSV1P6xRp%2BspgJJuki3pV4ig%2FVuvenF9nyTMwEErsi1%2B8MehVuf1ULK5pnOFy6HdelWOdl6VYg%2FvcU%2BwMjR1TebFaUQL9IWYrwui8KLtOOf%2F3uG1RlKT"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 722aee2b1a0e8cc6-EWR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
getherefwuk.xyz/ 0
489 B 61ms
60ms XHR
text/plain 99.84.37.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getherefwuk.xyz/utx?cb=JvKlI4hL14ef&top=www.tumgir.com&tid=852974
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-37.ewr52.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:16 GMT
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: nrScPuPT8IJtXfA50outR9O7-HOGaNhNn_K7YisaG3WM9fPT-WlB5Q==

GET
H2 200 NQ86IBEkEiIdCjAwNS0cHCUfDAokLhssH0MvJDEYCjwyExdFJzUQHzoPLj8PIzNEHTU8IjAtHx4wHDkbIzEhLwgKLDMdITM0IioYRyUbLR88VUIpCwoKNB4MJyA0ExhUDAQXNwJbJU0xIxMGEwwRIzpMKD8 Show response
getherefwuk.xyz/eFlyZncZOxELSBlkEEACCjVPQ0U+fEAgE0lhFVADTy4aAE8dMxRIFBQ2BwIRCjYcElkWPAZDRT4MK1U2SzonFTYwaBk+Ezo6KDNHACMkDT43CxxfMT8yIwM9Khc8PCIpMz8BIT8eGlI2NgECIDgRbCU3AAsvKg02KhEhCTk+LgI+Ox9pJiUcO... Frame 8E2B 3 KB
2 KB 53ms
53ms Document
text/html 99.84.37.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getherefwuk.xyz/eFlyZncZOxELSBlkEEACCjVPQ0U+fEAgE0lhFVADTy4aAE8dMxRIFBQ2BwIRCjYcElkWPAZDRT4MK1U2SzonFTYwaBk+Ezo6KDNHACMkDT43CxxfMT8yIwM9Khc8PCIpMz8BIT8eGlI2NgECIDgRbCU3AAsvKg02KhEhCTk+LgI+Ox9pJiUcOi0zDiUuDTpfMTocEQM+Pm00MSUtLDA0GyIfMV8xOg8oKz0fLjk+H0g3MwoiPhdBUzkpGzgiEkgqOj4fQC82JxM9DzoKIzAyPDMSLhcwJEZBbiANOUkPOgojOmhGABEuPSQkMzYsJzM1KAtBXzwuCF8wNTMxPycgAAhKJB8yOjUiTj8IHCAyHR8gAzU9PQczIjk/NQ86IBEkEiIdCjAwNS0cHCUfDAokLhssH0MvJDEYCjwyExdFJzUQHzoPLj8PIzNEHTU8IjAtHx4wHDkbIzEhLwgKLDMdITM0IioYRyUbLR88VUIpCwoKNB4MJyA0ExhUDAQXNwJbJU0xIxMGEwwRIzpMKD8
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-37.ewr52.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 61963183a18ebeb68aeada41ce4e420eabc42df4b02db46818512d20222646d7

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1234
content-type: text/html
date: Wed, 29 Jun 2022 01:36:16 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
x-amz-cf-id: CKMthH_I9CdyR8GoPDYIrkWVtpDZ_AsK4UNSGnJUd7dARs6XUE_YAg==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 332ms
31ms Fetch
binary/octet-stream 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:17 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4331
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Jun 2022 00:24:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9N4m6dQ4BfqwXi8kEHvQT015eVHDDmbEx2nMivnZEJhjJqHDIzsutehCrRrgK6fhYbMKLsox23cp6vDceFLMExIt0owQi1lgDwr10ZBMf%2FaZbl09oKry9yasw78XbjP0S%2F2X2K3TJKo%2Bs9k"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.tumgir.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 722aee2b3a708cc6-EWR
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
314 B 356ms
56ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1021ef1d8c44f5edfb7f43bb321a89c125a401fe7b798f72e387b25fb249edb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swl%2BXPg9UrWmsWayjt%2BZTO1v0DXV0thCFnWkh5V%2B%2FD82kAYZBZ%2FdQW9IZZOLsWr1F8nJ5aBO1fZ5WM%2FsHqS6o6iGTkjdi6xN1l%2FP3Zf150xayedpICNWCLSGT%2FHGCLex4A6rgpiYIYAFCrXl"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 722aee2b3a758cc6-EWR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
getherefwuk.xyz/ 0
490 B 53ms
52ms XHR
text/plain 99.84.37.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getherefwuk.xyz/utx?cb=vrdEmKinz8yq&top=www.tumgir.com&tid=853405
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-37.ewr52.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:16 GMT
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: tcNlJLUrqU83ugj0KQHlPeqNVZ9aw3GfjlcevJVpsk9UVbm9Y-L8aQ==

GET
H2 204 IzcPH3YTHS5vaFJGc2VkQQQjNm1URmwhJAYAPyFtVlIjPDYISWwkbVdacnxoSUZsJ21WUj4iMQBJe3QgEwAmb2FRQXxmZlFBfWRoVUQ
ationsuchasr.xyz/SlJQZ3RlbTMUSRAHGR47AhgzBBMfEwNWInoRN1IwHxo/ 0
256 B 41ms
40ms Image
text/plain 2606:4700:3037::ac43:c9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ationsuchasr.xyz/SlJQZ3RlbTMUSRAHGR47AhgzBBMfEwNWInoRN1IwHxo/IzcPH3YTHS5vaFJGc2VkQQQjNm1URmwhJAYAPyFtVlIjPDYISWwkbVdacnxoSUZsJ21WUj4iMQBJe3QgEwAmb2FRQXxmZlFBfWRoVUQ
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnYHbrtJ0hciNEV510y2Sel1k2MPfOGpSmGyF0ep94TCMT5oXF15XYyDLjctxvi6nYRwPPOB4DOJ8t1xvlkilp%2FdeDgjwv2B6MucPK%2FLXdjYi0VB1S6J7qf6ZhW5eJd8gmzAunAC4rx1dyU%2FfmmU"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 722aee2968948c23-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 WjJ2RWF1DRU2XD9nQjIzDlY3IwY+CzIuDW5xPggmDnovBwULa1AxCD4PTnBTYwVCYxEzVkt2U3xBAiQVL0FLd1FqBVAsDzxdS3dHLA9Ga1l0Clh3Ry8PR2MVKlMReFB8QgIxDWcDQHBXbgRAcFZsCkR3
ationsuchasr.xyz/ 0
256 B 40ms
39ms Image
text/plain 2606:4700:3037::ac43:c9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ationsuchasr.xyz/WjJ2RWF1DRU2XD9nQjIzDlY3IwY+CzIuDW5xPggmDnovBwULa1AxCD4PTnBTYwVCYxEzVkt2U3xBAiQVL0FLd1FqBVAsDzxdS3dHLA9Ga1l0Clh3Ry8PR2MVKlMReFB8QgIxDWcDQHBXbgRAcFZsCkR3
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xcubm4LXVoF95lgcwbV%2BVmlbAOTxUssowqGpfkfrZDfFM8ZEpAo0HWd2ldrLIAsyIsj1YIzvXOKo%2FV21Fj7BlvkVW9yG1BpUH4mfSLAF7VGdfLhobsgnRznqqzAzs6LUaTREXu5aTv4fiq5gIM4"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 722aee2968958c23-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 96ms
23ms Script
application/x-javascript 184.29.129.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.29.129.187 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-129-187.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:16 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: C303B71F141B61E5
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=29695
accept-ranges: bytes
content-length: 948
x-amz-id-2: 7pAaKEdoMJa/ikZep7mvjWEMsvbZ4+R8C+sgB4yo2oTBotb6fMHwF6xyll++Pe0mVwcDgfKEU0M=

GET
H2 204 utx Show response
getherefwuk.xyz/ 0
491 B 44ms
44ms XHR
text/plain 99.84.37.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getherefwuk.xyz/utx?tid=846710&top=www.tumgir.com&cb=c2q7nHA6eGhj
Requested by: Host: mefagetobri.top
URL: https://mefagetobri.top/QmhhS0s5ShI8FDcaDWlxYAAVPzsxUk5kPDUfTz8%2BLw8IOWUhBwxkODVGCzhpbkoSJi1gUlBnaTEFF2lxYFxPe2luShUqLB0BBWlxYFBVfXxzWENnaTEdAxQiJlpDcWlyUAR%2BeHJZA2ZzI11ZZn8mWFNmKXcNAmZ9dwlZfn90DgMuKnRKHA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-37.ewr52.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:17 GMT
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: II8tTY_VFFESVbLenJN-BgStXmFBdVW-CUlaEitQZtNSPqJ9bKgmBA==

GET
H2 200 BR0VORHgkKiAiRzMsKnlBdXR7dkBhLz0rFjd4CCUBKBEGNgERFGgwAiN4fmIUJispeV4iKy15SWEkKiZFc2M6NBcseD8yDTIrICkfMzFoMRl6KCE+ESspL2FKAXBgdF11dWYzESkhITMLYnd+Kgxid351SGl1a3c6Ynd+MxEpc3phSwVgfHQAcXFnYUp3JD-40FCI... Show response
dmmzkfd82wayn.cloudfront.net/ Frame A843 950 B
935 B 94ms
92ms Script
text/plain 2600:9000:21da:7800:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/BR0VORHgkKiAiRzMsKnlBdXR7dkBhLz0rFjd4CCUBKBEGNgERFGgwAiN4fmIUJispeV4iKy15SWEkKiZFc2M6NBcseD8yDTIrICkfMzFoMRl6KCE+ESspL2FKAXBgdF11dWYzESkhITMLYnd+Kgxid351SGl1a3c6Ynd+MxEpc3phSwVgfHQAcXFnYUp3JD-40FCIyKyYTLjFrdj5ydnlqS3FgfHRQLC06KRRidw1hSncpJy8dYnd+Ix0kLiFtXXV1LSwKKCgrYUoBdH53Vndre3ROd2t7d111dT0lHiY3J2FKAXB9c1Z0c2gxRXY
Requested by: Host: getherefwuk.xyz
URL: https://getherefwuk.xyz/Sm53MFcrDBRdaCtTFRYiOAJKFWUMS0V2MycDDVsxLlZFRzYzAFlTOyUbE1YlJQADHjkvGlICEQg8R2YYGCYQWxwjLx5iLQcdPF47CAovYmAuBTVYGzBeBXY9Llo0cwIIJTV1EAQJMmIRDQkAcT4EWhFdHh8kHkMnLzhDWRwzX0JjAA8FPFkNDA1FfWEELBRDMg5WDnQDAxw+czwsIw12OAc8GwYcCStSAhUPPQRAG3goPHEPCAkTdmZ7CiBpLQ89HFgeHiM7aTkuS0VyHC0WHlRkf18kdzt7D0RTYRMAExVlCCMPdScpXQdYBD04EFYfGy8UaBEkNyJAZAAqWgRnDC0+SRwzNyN8PQwcE1piMwoZXCYZXTFXMQI8JnwUelg8YgUjCgABPxkAFEAdM1YTaTkuS0VyHjJeHHw+DBovaAF7IiRHHAEtEEIOHwE1VB9/XSFeMzgLRGIYLlwDBzN7X0ZUA3oCP1kOeSRFdhwLNjUJNHs0R1NlLRYlaA5sBARfOTpTMVEuJTo/Qi4cPw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:7800:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac9c7387c32ced659809337df61d63c10f4c1ae0ade00da9a17fd48da0fe0e38

Request headers

accept-language: en-US,en;q=0.9
Referer: https://getherefwuk.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:17 GMT
content-encoding: gzip
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 659
via: 1.1 95a7b3c60127f88f316c1c042cf353c2.cloudfront.net (CloudFront)
x-amz-cf-id: 9CM9aL3_UA8kV93vyy7JUk54_YNnjn1rnncc2thvaXPtOLqEfahWLg==

GET
H2 200 ASjhOM0EpVyBVfj5RKg55fwt6A3RsUj1cLzoFBF10LV46BjIOHjpJJXcIaF8gJF9zFSQkW3MCZytcLA51bEw+XCp3SThGNCRWI1Q1Ph47UnwnVzRaLSZZawEHfxZ+FnN6EDlaLy5XOUBkeAggR2R4CH8Db3odfXFkeAg5Wi98DGsAA28Kfkt3fhFrAXErSD-5fJD1... Show response
dmmzkfd82wayn.cloudfront.net/ Frame BA8A 577 B
709 B 106ms
104ms Script
text/plain 2600:9000:21da:7800:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/ASjhOM0EpVyBVfj5RKg55fwt6A3RsUj1cLzoFBF10LV46BjIOHjpJJXcIaF8gJF9zFSQkW3MCZytcLA51bEw+XCp3SThGNCRWI1Q1Ph47UnwnVzRaLSZZawEHfxZ+FnN6EDlaLy5XOUBkeAggR2R4CH8Db3odfXFkeAg5Wi98DGsAA28Kfkt3fhFrAXErSD-5fJD1dLFgoPh18dXR5D2AAd28KfhsqIkwjX2R4e2sBcSZRJVZkeAgpViIhV2cWc3pbJkEuJ11rAQd7CH0dcWQNfgVxZA19FnN6Sy9VIDhRawEHfwt5HXJ8HjsOcA
Requested by: Host: getherefwuk.xyz
URL: https://getherefwuk.xyz/QkJ6dUYjIBkYeSN/GFMzMC5HUHQEZ0gzIi8vAB4gJnpIAic7LFQWKi03HhM0LSwOWygnNl9HAAMREB0JD3I/BRA7ACwTLHcQMRJzdyQNAXADcSgGEyhzGTk8LQQ4M3dyDixBcAAoMzoOKDIwPx4hCxszfiUIPEw8BBErHhFxDzkvPzYhNjRzcyA/AmNwACI2NnERLh0BDAEoIg9zE0slLnZ1LxsxLBQAJycOESAvJzUHMhM+GGdINwAsDEwwAi4jNgxzGg0vNy0nAx0SFHAQTjYOegYYRikmJCIzLScDHUARK3tCMQExAztHfgkkEQF1JCo8BwcaBwgmAm93HD8CcyY2MyEtEhJEfiYaKEACcAM7EXR6CRwdNTMLEQIsGnAoQSNwMTgWFRgQMCMcKSc7EjYUKzMdEHAhLRZ1MiAwHgM3CEtENAMTHkIFCnIeFhETDBwSEDoYO0R/BCw0QxU7eyw8AioQGwIDCiQNAXMKGjBNDigxNRYHZCgJGigyfzAbcyUkDkA1Bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:7800:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: becd54293c72fac547b949dc3c2393dd3a2db749f1eaecf278836971d9d2ed5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://getherefwuk.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:17 GMT
content-encoding: gzip
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 432
via: 1.1 95a7b3c60127f88f316c1c042cf353c2.cloudfront.net (CloudFront)
x-amz-cf-id: 1qgRuvxg0u7oXpOaOI_LaplznWgGaMEYSo_Gd4pzAZnUHygIcxNW-w==

GET
H2 200 UY3A3cUsAH1kXdBcZU0xzVkIORn9FGkQeJRNNZUQjMgVGGh4ANXpFOi5WQwsvXkARHSoNFwpXLg0TCkBtAhRVTH9FBEceIF4FWRUuBRlZFC9FBVZMJgwKXh0nAlUFN35NQBJDe0sHXh8vDAdEVHlTHkNUeVNBB197RkN1VHlTB14ffVdVBDNuUUBPR39KVQ-VBKhM... Show response
d18g6t7whf8ejf.cloudfront.net/ Frame 8E2B 418 B
618 B 110ms
109ms Script
text/plain 54.192.100.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/UY3A3cUsAH1kXdBcZU0xzVkIORn9FGkQeJRNNZUQjMgVGGh4ANXpFOi5WQwsvXkARHSoNFwpXLg0TCkBtAhRVTH9FBEceIF4FWRUuBRlZFC9FBVZMJgwKXh0nAlUFN35NQBJDe0sHXh8vDAdEVHlTHkNUeVNBB197RkN1VHlTB14ffVdVBDNuUUBPR39KVQ-VBKhMAWxQ8BhJcGD9GQnFEeFReBEduUUAfGiMXHVtUeSBVBUEnChtSVHlTF1ISIAxZEkN7ABhFHiYGVQU3elNDGUFlVkABQWVWQxJDexARURA5ClUFN35QRxlCfUUFCkA
Requested by: Host: getherefwuk.xyz
URL: https://getherefwuk.xyz/eFlyZncZOxELSBlkEEACCjVPQ0U+fEAgE0lhFVADTy4aAE8dMxRIFBQ2BwIRCjYcElkWPAZDRT4MK1U2SzonFTYwaBk+Ezo6KDNHACMkDT43CxxfMT8yIwM9Khc8PCIpMz8BIT8eGlI2NgECIDgRbCU3AAsvKg02KhEhCTk+LgI+Ox9pJiUcOi0zDiUuDTpfMTocEQM+Pm00MSUtLDA0GyIfMV8xOg8oKz0fLjk+H0g3MwoiPhdBUzkpGzgiEkgqOj4fQC82JxM9DzoKIzAyPDMSLhcwJEZBbiANOUkPOgojOmhGABEuPSQkMzYsJzM1KAtBXzwuCF8wNTMxPycgAAhKJB8yOjUiTj8IHCAyHR8gAzU9PQczIjk/NQ86IBEkEiIdCjAwNS0cHCUfDAokLhssH0MvJDEYCjwyExdFJzUQHzoPLj8PIzNEHTU8IjAtHx4wHDkbIzEhLwgKLDMdITM0IioYRyUbLR88VUIpCwoKNB4MJyA0ExhUDAQXNwJbJU0xIxMGEwwRIzpMKD8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.100.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-100-18.ewr53.r.cloudfront.net
Software: /
Resource Hash: f922ed58b7136d72b7f6321a6375f86a7972bbefd54fc949201cb3a7ce91a70b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://getherefwuk.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:17 GMT
content-encoding: gzip
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 341
via: 1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-id: v01b-4Kme26lcl9TfL8L48L7k5W9kj0DQFxvXLBoZkfAhS31Yu3bNQ==

GET
H3 204 ClxaQHIBXFpePkIKCUV7FBsaDCYPWlhNfAZdWE19BVpfQQ
ationsuchasr.xyz/a254SjJEURs5DyYpABNhPCM7HHUTVy0baD0PSwhjKTgqOFdaO14+Ww9TQXgDXlxAbEICCkV7FBgaGT5HGFNLegJaSBEkVARTSHoCWkgOdwNFXUxkAFxASWxHVl9IegtSX0x/ 0
513 B 73ms
45ms Image
text/plain 2606:4700:3037::ac43:c9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ationsuchasr.xyz/a254SjJEURs5DyYpABNhPCM7HHUTVy0baD0PSwhjKTgqOFdaO14+Ww9TQXgDXlxAbEICCkV7FBgaGT5HGFNLegJaSBEkVARTSHoCWkgOdwNFXUxkAFxASWxHVl9IegtSX0x/ClxaQHIBXFpePkIKCUV7FBsaDCYPWlhNfAZdWE19BVpfQQ
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pz%2F4hu%2FgpJciFYWK2qaqzTkDYxEIRM87GzuVvgVEKmj0gt8%2B3N%2BsybKYTtGVNyhDg36m%2FWiIUhmsNulsc5dwk3dRFT0JwuwHLLhaFUJwqrZWEWbaivad3cj9HwLN%2BsGL8Pt%2Fbohsp%2Bu4xbJQ9aH"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 722aee2b3a3e18f6-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 / Show response
happearedyn.xyz/ 0
37 B 98ms
26ms XHR
text/plain 44.195.137.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://happearedyn.xyz/
Requested by: Host: mefagetobri.top
URL: https://mefagetobri.top/QmhhS0s5ShI8FDcaDWlxYAAVPzsxUk5kPDUfTz8%2BLw8IOWUhBwxkODVGCzhpbkoSJi1gUlBnaTEFF2lxYFxPe2luShUqLB0BBWlxYFBVfXxzWENnaTEdAxQiJlpDcWlyUAR%2BeHJZA2ZzI11ZZn8mWFNmKXcNAmZ9dwlZfn90DgMuKnRKHA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-137-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
content-length: 0

GET
H3 200 popunder.gif
ationsuchasr.xyz/ 35 B
603 B 39ms
39ms Image
image/gif 2606:4700:3037::ac43:c9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ationsuchasr.xyz/popunder.gif
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: public
date: Wed, 29 Jun 2022 01:36:17 GMT
cf-cache-status: HIT
last-modified: Sat, 25 Jun 2022 23:42:00 GMT
server: cloudflare
age: 266057
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oObEKh7F8vX%2FiUxfKZJyhwyXKG8APSM9cXN9CB8zlXA%2BZ0gKVb7EFLnG%2BtQz4CD5E1QCK6U92XxEZplp3pE%2Bjy%2FNj0s%2BaJlx4phY3SSU0USoRpH9xXT%2FLBjOrX6ZE3MvbhR2MmdS%2FG%2B0DT%2BfoayW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 722aee2f9b0518f6-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 GxQQLD07KF5MRyUyJgUgBihfTwEKFFpRQFFJUF1TExkDVEZRVhQdFBcFFFRHU0BQTxwNFghUR0UGWllbW15fR0dFBVpYRVNJXlhBVkhQXU1bQ1BdUxcABg5IUlYXHQEPTVZfQFVEUV9AVEdfUUY
ationsuchasr.xyz/dWNwZ2laXBMUVDg3Ngs6IFc5Jj8/ 0
473 B 44ms
44ms Ping
text/plain 2606:4700:3037::ac43:c9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ationsuchasr.xyz/dWNwZ2laXBMUVDg3Ngs6IFc5Jj8/GxQQLD07KF5MRyUyJgUgBihfTwEKFFpRQFFJUF1TExkDVEZRVhQdFBcFFFRHU0BQTxwNFghUR0UGWllbW15fR0dFBVpYRVNJXlhBVkhQXU1bQ1BdUxcABg5IUlYXHQEPTVZfQFVEUV9AVEdfUUY
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EcrAuBKp%2FbzSK1SvgqWa2YIlq1OE%2BsHK1k7DGuQBQKooQ4tSblYEiNvXZqbnUA2Ov5jHaIrYHBbdM4i6B9k7DGHhWjKoFxqk2kHed24zk8u%2BD%2BFkjzsrE8NJwp1HekG4X%2BHHLB9Betf93ps11En"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 722aee2fdbca18f6-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 floater Show response
getherefwuk.xyz/ 2 KB
2 KB 341ms
340ms XHR
text/plain 99.84.37.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getherefwuk.xyz/floater?cs=NVNBaWwMY3ZRVQVleV9dAGtwWV0&abt=0&red=1&sm=83&k=tumblr%20tumgir&v=0.8.8.2&sts=0&prn=0&emb=0&tid=852974&u=1009914587488374&agec=1656466576&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=124.68827930174562&ref=https%3A%2F%2Fwww.tumgir.com%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F103.0.5060.53%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td1_oi1_&_JbY9=1656466577884&crc=1
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-37.ewr52.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 7deac1eb3d2cd5e765c9d0af8aaff58127d71863860882a8daafab049d6349b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:18 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: text/plain
content-length: 1088
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
x-amz-cf-id: VOMnYc7ElItP70cj5GM2snjyxnd6hlTS_opNGsQywZpZOPwiHhJ9Jw==

GET
H2 200 multi Show response
getherefwuk.xyz/ 3 KB
2 KB 37ms
36ms XHR
text/plain 99.84.37.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getherefwuk.xyz/multi?cs=RVRCeDJ1bXJNA3VtcU8BfWJzSQE&abt=0&red=1&sm=76&k=tumblr%20tumgir&v=1.0.58.2&sts=2&prn=0&emb=0&tid=853405&u=1009914587488374&agec=1656466576&fs=1&mbkb=124.68827930174562&ref=https%3A%2F%2Fwww.tumgir.com%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F103.0.5060.53%20safari%2F537.36&tzd=0&uloc=&if=0&_uuAD=1656466577886&crc=1
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-37.ewr52.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 73c45a61dc3968d0fcd2c2adac2f91602947713056187058b12893917220a9cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:17 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: text/plain
content-length: 1391
via: 1.1 f312575ded1ce209349107064ef185be.cloudfront.net (CloudFront)
x-amz-cf-id: HXMoUjZ6vljpwcZsbHX7RBba_s5mjjevRcTzyJKzck-8kxqSnLy-oQ==

GET
H2 200 Ux8DYmoRDAE Show response
dmmzkfd82wayn.cloudfront.net/nTGQxMFQvC19WazgNVQ1seVcFAGJqDkJfOjxZeHECND1VUQM5EgV5FwdCRUowcVQXXDUiAwwWMSIHDAFyLQBTDWBqEVANOSMeWFw4LUEDdmFiVBQCZGQTWF4wIxNCFWZ8CkUVZnxVAR5kaVdzFWZ8E1heYnhBAnJxflRJBmB... Frame 230A 186 B
463 B 106ms
105ms Script
text/plain 2600:9000:21da:7800:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/nTGQxMFQvC19WazgNVQ1seVcFAGJqDkJfOjxZeHECND1VUQM5EgV5FwdCRUowcVQXXDUiAwwWMSIHDAFyLQBTDWBqEVANOSMeWFw4LUEDdmFiVBQCZGQTWF4wIxNCFWZ8CkUVZnxVAR5kaVdzFWZ8E1heYnhBAnJxflRJBmBlQQMANTwUXVUjKQZaWSBpVn-cFZ3tKAgZxflQZWzw4CV0VZg9BAwA4JQ9UFWZ8A1RTPyNNFAJkLwxDXzkpQQN2ZXxXHwB6eVQHAHp5VxQCZD8FV1EmJUEDdmF/Ux8DYmoRDAE
Requested by: Host: getherefwuk.xyz
URL: https://getherefwuk.xyz/Ung4TmQzGlsjWzNFWmgRIBQFa1YUXQoIAD8VQiUCNkAKOQUrFhYtCD0NXCgWPRZMYAo3DB18Ijwsfx8cHz5pOCdjQW8vHjU2bh9VIR1uLSITP3I/IDkyXgEOKiJdBiERNnx/MgcpdXshNS4NCBM2O2obCyUbbh88CjxtJyUlD28DNxswfA8iKzRpDDAWL3o/IQQ5dgE3Hx1vCBNmNG0LIDYVficyECl7FCMDLG8IUCUxQAAnFC9idic5LW4UCioueRxRORluKh4UL2J2IWMQXRcKOjp5IC4qHlQcLhAVeiI1AzV5ADAlLWAYMTgzaRQFBSt6PjI8VVsIPmEMcw8DCABeIjUIL0I5UBEuCBg+NUF6DxMTTHIfXQc+bxRcE0lqGjQrNnYIJRgTdDkcFiBCJRQDKXZ8PgoAYAYTEE5dGDUaOXA+UQQAaQ0+FkB+GFUXFXIbIRYcVQhBYD5tNlwWIVUhNhY5fWgOIRdWPlkbOW42PTYZbzsSZjF7BQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:7800:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1639283f9933ad5ca266246576dbbfc9fe38d5b672e4a217fe52f1cf6f2f3f52

Request headers

accept-language: en-US,en;q=0.9
Referer: https://getherefwuk.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:18 GMT
content-encoding: gzip
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 185
via: 1.1 95a7b3c60127f88f316c1c042cf353c2.cloudfront.net (CloudFront)
x-amz-cf-id: TiE-Oac7BNW0-ENTfWOba6Njzyq4WL-XnXEcvKBZeOE2q7bNqcCEPA==

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/ 1 KB
680 B 141ms
139ms Script
application/javascript 104.126.112.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-161.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e552184493eea74a53b11e52b6e6eec9c35d90cece6592d9bdf6cf1090ad8c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:18 GMT
content-encoding: gzip
etag: 706338575--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=38, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 504

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 101 B
2 KB 233ms
216ms Script
application/javascript 104.126.112.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=62bbac90ecd2093b&bkl=0&bl=1&pdt=245&sid=62bbac90ecd2093b&pub=ra-6103d59079bcdcec&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tumgir.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1656466578584&jsl=1&uvs=62bbac908c8efccc000&skipb=1&callback=addthis.cbs.jsonp__38723099609738540
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-161.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 347e1208b2f3973756b05682a8d0a72dac53ef24c79c334d35e7548256c45be4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:18 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
p3p: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
content-length: 101
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 74ED 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame C954 71 KB
26 KB 74ms
73ms Document
text/html 104.126.112.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.112.161 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-161.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Wed, 29 Jun 2022 01:36:18 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2

200

connatix.player.js Show response
cds.connatix.com/p/168135/ Frame 436E
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
https://cds.connatix.com/p/168135/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

1 MB
266 KB

45ms
22ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/168135/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4282a8de2182c98f4ea239ee9681dbb91cf59f6811aa94f8a286877d4d7f00ba

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: br
last-modified: Tue, 28 Jun 2022 17:40:20 GMT
age: 26556
etag: "f328a6239508ced0ebf1647b7f1daa1b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 271928

Redirect headers

location: https://cds.connatix.com/p/168135/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
date: Wed, 29 Jun 2022 01:36:18 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H2 200 si
capi.connatix.com/tr/ 0
67 B 106ms
103ms Image
application/json 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=4774eef9-309c-40d8-8dc1-bf70e43e9987&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400
content-type: application/json

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 31ms
31ms Script
application/javascript 104.126.112.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.112.161 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-161.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 29 Jun 2022 01:36:19 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
255 B 145ms
119ms XHR
application/json 104.126.112.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tumgir.com%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.112.161 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-161.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.tumgir.com/
last-modified: Wed, 29 Jun 2022 01:00:00 GMT
server: nginx/1.15.8
date: Wed, 29 Jun 2022 01:36:19 GMT
content-type: application/json
access-control-allow-origin: https://www.tumgir.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
285 B 150ms
124ms Script
application/json 104.126.112.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tumgir.com%2F&callback=_ate.cbs.rcb_67ce0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.112.161 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-161.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

165238b8651e2b03bd048d2381866df08cb01bcc0ab4e9c6443ccbed19f54889

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/
last-modified: Wed, 29 Jun 2022 01:36:19 GMT
server: nginx/1.15.8
date: Wed, 29 Jun 2022 01:36:19 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
285 B 154ms
128ms Script
application/json 104.126.112.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tumgir.com%2F&callback=_ate.cbs.rcb_2da10

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.112.161 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-161.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ea423d28639a7f818a20ac4af5efbda648296b0e23320cb8bfe1cb5b9d5076bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/
last-modified: Wed, 29 Jun 2022 01:36:19 GMT
server: nginx/1.15.8
date: Wed, 29 Jun 2022 01:36:19 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/168135/ Frame 436E 0
47 KB 25ms
25ms Other
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/168135/hls.5b3b785f487abbe00eee.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: br
last-modified: Tue, 28 Jun 2022 17:40:20 GMT
age: 26556
etag: "182f65d040bfb9544bd8f71472475672"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48258

GET
H2 200 player.css
cds.connatix.com/p/168135/ 58 KB
9 KB 25ms
25ms Stylesheet
text/css 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/168135/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6b40f0d5cfa95c272e1a5a6c2ad7b9089ad07d3e938ea0f9f0693ab7f6a175e6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: br
last-modified: Tue, 28 Jun 2022 17:40:20 GMT
age: 26557
etag: "b07e9f868d1c559a08538d3b52f384bc"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 8890

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame 436E 74 KB
38 KB 107ms
107ms XHR
application/x-protobuf 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=168135&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 267bdbf461259f210cc0eed5384dd34030e07d6caacec7a3be9f7ce28d4ac8a5

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-max-age: 86400
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 insights.bin Show response
ins.connatix.com/c5112af1abfe0587ddf93309349ef99a/ Frame 436E 36 B
292 B 81ms
23ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/c5112af1abfe0587ddf93309349ef99a/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b92cb6b44cf533b7e5ffc29b4e542b12a3f6c12c106dac6a8884a574214c947f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
last-modified: Mon, 28 Mar 2022 15:32:44 GMT
age: 1273125
etag: "bb779e99d9ab70cbc408a7c2616a8eb3"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 56

POST
H/1.1 200
OK sr Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 436E 0
315 B 166ms
36ms XHR
application/x-protobuf 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=168135&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 107ms
47ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

sffe /

Resource Hash

e857717740a0d9d544899040de8791fac0a58b4d0259a1ceefc1c371ad3376a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28066
x-xss-protection: 0
server: sffe
etag: "1258 / 764 of 1000 / last-modified: 1656454075"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 29 Jun 2022 01:36:19 GMT

GET
H2 200 2_media.bin Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/6f94eccd-43d0-4879-931d-52a41a6ef84d/ Frame 436E 291 B
346 B 31ms
21ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/6f94eccd-43d0-4879-931d-52a41a6ef84d/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6bbd1a523e0c04fceea302f84a2156d02bae8209d7cb54a8479f3d2182910ff4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 02:29:06 GMT
age: 40547
etag: "490381953e0c6146f233a37d5367ead8"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 255

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 436E 372 KB
125 KB 119ms
68ms Script
text/javascript 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bc857b4d0e88a228918bffcd18989a34eb6458bcde621e8ab7ef8754c6a0f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126826
x-xss-protection: 0
expires: Wed, 29 Jun 2022 01:36:19 GMT

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3d1a4d948aad9346a081368570234b14e2%26pname%3dBeeswax%26api-tier%3d2%26uid%3d{userid}
https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D1a4d948aad9346a081368570234b14e2%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&_...
https://cks.connatix.com/cks?pid=15&ev=1a4d948aad9346a081368570234b14e2&pname=Beeswax&api-tier=2&uid=AAC5yk7Fd1kAABM89U-jVQ

132 B
166 B

25ms
23ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=15&ev=1a4d948aad9346a081368570234b14e2&pname=Beeswax&api-tier=2&uid=AAC5yk7Fd1kAABM89U-jVQ
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bd0b53038a53c25295979986a12c0a643dc7de4003638c76353a195a685a633a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 132
retry-after: 0

Redirect headers

location: https://cks.connatix.com/cks?pid=15&ev=1a4d948aad9346a081368570234b14e2&pname=Beeswax&api-tier=2&uid=AAC5yk7Fd1kAABM89U-jVQ
Date: Wed, 29 Jun 2022 01:36:19 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1
https://cks.connatix.com/cks?pid=19&uid=90b809c5-c470-4ceb-a714-8fca09b7c515&ttl=1659058579

146 B
180 B

41ms
22ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=19&uid=90b809c5-c470-4ceb-a714-8fca09b7c515&ttl=1659058579
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f5dc12db38b05eec75846808484f88ab26763ccf37e982f34cb5b706348f4b28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 146
retry-after: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:19 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cks.connatix.com/cks?pid=19&uid=90b809c5-c470-4ceb-a714-8fca09b7c515&ttl=1659058579
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 213

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3d1a4d948aad9346a081368570234b14e2%26pname%3dAppNexus%26api-tier%3d2%26uid%3d%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253d1a4d948aad9346a081368570234b14e2%2526pname%253dAppNexus%2526api-tier%253d2%2526uid%...
https://cks.connatix.com/cks?pid=6&ev=1a4d948aad9346a081368570234b14e2&pname=AppNexus&api-tier=2&uid=409620087943476422

127 B
161 B

22ms
21ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=6&ev=1a4d948aad9346a081368570234b14e2&pname=AppNexus&api-tier=2&uid=409620087943476422
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 610240ec4bbd96029f12c0199a107525fe54364a2bb88949ac332f331992c8a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 127
retry-after: 0

Redirect headers

Pragma: no-cache
Date: Wed, 29 Jun 2022 01:36:19 GMT
X-Proxy-Origin: 96.9.246.196; 96.9.246.196; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2da65d64-9aac-4740-9c60-f44687760459
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cks.connatix.com/cks?pid=6&ev=1a4d948aad9346a081368570234b14e2&pname=AppNexus&api-tier=2&uid=409620087943476422
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 8BB4
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

281 B
554 B

81ms
21ms

Document
text/html

104.127.172.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-172-242.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 29 Jun 2022 01:36:19 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 29 Jun 2022 01:36:19 GMT
location: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
server: AkamaiGHost

GET
H2 200 userSync.js Show response
ads.pubmatic.com/AdServer/js/ Frame 436E 7 KB
3 KB 97ms
22ms Script
text/javascript 184.29.128.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-128-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:14 GMT
server: Apache
etag: "1300709-1af3-5c4c7cca9e573"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=115121
accept-ranges: bytes
content-type: text/javascript
content-length: 2267
expires: Thu, 30 Jun 2022 09:35:00 GMT

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://i.ctnsnet.com/int/cm?exc=24&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d28%26ev%3d1a4d948aad9346a081368570234b14e2%26pname%3dCrimtan%26api-tier%3d2%26uid%3d%5Buser_id%5D
https://cks.connatix.com/cks?pid=28&ev=1a4d948aad9346a081368570234b14e2&pname=Crimtan&api-tier=2&uid=7636138d768944639601dc4e8b58de6f

142 B
203 B

48ms
21ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=28&ev=1a4d948aad9346a081368570234b14e2&pname=Crimtan&api-tier=2&uid=7636138d768944639601dc4e8b58de6f
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3a3891d42f545ddf0d07a36ec61811fb5a678ae63e133e1123258ef0ca6fd68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 142
retry-after: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:18 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cks.connatix.com/cks?pid=28&ev=1a4d948aad9346a081368570234b14e2&pname=Crimtan&api-tier=2&uid=7636138d768944639601dc4e8b58de6f
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

us Show response
capi.connatix.com/core/
Redirect Chain

https://id.rlcdn.com/712202.gif?cparams=1a4d948aad9346a081368570234b14e2
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCJPZ7pUGEgUI6AcQAEIASiAxYTRkOTQ4YWFkOTM0NmEwODEzNjg1NzAyMzRiMTRlMg
https://capi.connatix.com/core/us?UserId=1a4d948aad9346a081368570234b14e2&DemandPartnerUserId=&DemandPartnerName=LiveRamp&DemandPartner=27

0
28 B

64ms
54ms

Script
application/json

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/us?UserId=1a4d948aad9346a081368570234b14e2&DemandPartnerUserId=&DemandPartnerName=LiveRamp&DemandPartner=27
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400
content-type: application/json

Redirect headers

date: Wed, 29 Jun 2022 01:36:19 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://capi.connatix.com/core/us?UserId=1a4d948aad9346a081368570234b14e2&DemandPartnerUserId=&DemandPartnerName=LiveRamp&DemandPartner=27
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d1a4d948aad9346a081368570234b14e2%26pname%3dCentro%26api-tier%3d2%26uid%3d{userId}
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3d1a4d948aad9346a081368570234b14e2%26pname%3dCentro%26api-tier%3d2%26uid%3...
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D24...
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D24...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D1a4d948...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D1...
https://cks.connatix.com/cks?pid=9&ev=1a4d948aad9346a081368570234b14e2&pname=Centro&api-tier=2&uid=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553

159 B
250 B

23ms
23ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=9&ev=1a4d948aad9346a081368570234b14e2&pname=Centro&api-tier=2&uid=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0892e2064d3f3239362117ca70d83dac006614d89527e143a73f7f5c67fbc89d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 159
retry-after: 0

Redirect headers

location: https://cks.connatix.com/cks?pid=9&ev=1a4d948aad9346a081368570234b14e2&pname=Centro&api-tier=2&uid=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553
date: Wed, 29 Jun 2022 01:36:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d1a4d948aad9346a081368570234b14e2%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX...
https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d1a4d948aad9346a081368570234b14e2%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX...
https://cks.connatix.com/cks?pid=10&ev=1a4d948aad9346a081368570234b14e2&pname=SpotX&api-tier=2&uid=e0253eb0-f74b-11ec-b46d-1d8d9dd30203

146 B
180 B

21ms
21ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=10&ev=1a4d948aad9346a081368570234b14e2&pname=SpotX&api-tier=2&uid=e0253eb0-f74b-11ec-b46d-1d8d9dd30203
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2d3ce6d9f65b60e72b131c9b265c377ce25c68993496eede3dac484806270f18

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 146
retry-after: 0

Redirect headers

Date: Wed, 29 Jun 2022 01:36:19 GMT
Server: nginx
Location: https://cks.connatix.com/cks?pid=10&ev=1a4d948aad9346a081368570234b14e2&pname=SpotX&api-tier=2&uid=e0253eb0-f74b-11ec-b46d-1d8d9dd30203
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 117
Connection: keep-alive
Content-Length: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 77ms
20ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumgir.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:35:49 GMT
x-content-type-options: nosniff
age: 540030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 19:35:49 GMT

GET
H2 200 hls.5b3b785f487abbe00eee.js Show response
cds.connatix.com/p/168135/ Frame 436E 162 KB
47 KB 25ms
24ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/168135/hls.5b3b785f487abbe00eee.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: br
last-modified: Tue, 28 Jun 2022 17:40:20 GMT
age: 26557
etag: "182f65d040bfb9544bd8f71472475672"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48258

GET
H3 200 pubads_impl_2022062301.js Show response
securepubads.g.doubleclick.net/gpt/ 374 KB
127 KB 66ms
20ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

sffe /

Resource Hash

d74b590fcc8d9c451b2ecba1c0e5bae3a1d00db30130e8da00c454e066fa8dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 21:33:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130467
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 08:36:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Jun 2023 21:33:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 232 B
158 B 94ms
50ms XHR
application/json 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tumgir.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

a28530fa36dd40eff2e8c7ac146a26b181eb38a5604119ffb6acfedba1ca12f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
expires: Wed, 29 Jun 2022 01:36:19 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B4BA 15 KB
6 KB 24ms
22ms Document
text/html 184.29.128.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-128-213.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=104986
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 29 Jun 2022 01:36:19 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 30 Jun 2022 06:46:05 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 81ms
39ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumgir.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:31:57 GMT
x-content-type-options: nosniff
age: 540262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 19:31:57 GMT

POST
H/1.1 200
OK g Show response
capi-tier-2-us-east-2.connatix.com/rtb/ Frame 436E 4 KB
3 KB 419ms
308ms XHR
application/x-protobuf 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=168135&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: c2d20416b85386fa83baeaef7fdb13850c3b1e035a6fd536bcc71992e762cf84

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2753

GET
H2 200 1_th.jpg
img.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/6f94eccd-43d0-4879-931d-52a41a6ef84d/ 12 KB
11 KB 36ms
25ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/6f94eccd-43d0-4879-931d-52a41a6ef84d/1_th.jpg?crop=522:293,smart&width=522&height=293&format=jpeg&quality=60&fit=crop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6216c129e482b3df22086796df32fcc96c07b56a7306f7faa641def0f91d4d8a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: br
age: 48845
etag: "wZ9Wh9I5xNrR3k6MIEQzvbidOgYSwXfzzEYflhisE7g"
access-control-max-age: 86400
fastly-io-info: ifsz=85915 idim=2560x1440 ifmt=jpeg ofsz=11776 odim=522x293 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 11334

GET
H3 200 bridge3.519.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4E7D 633 KB
204 KB 65ms
21ms Document
text/html 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.519.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23279b70cc075a69239a1a0b47d9e2354c8a2e5debe828fee80aa8a84dc721d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 112950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209290
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 18:13:49 GMT
expires: Tue, 27 Jun 2023 18:13:49 GMT
last-modified: Tue, 14 Jun 2022 17:19:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 436E 44 KB
17 KB 108ms
45ms Script
text/javascript 2607:f8b0:4006:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 01:36:19 GMT

GET
H3 200 bridge3.519.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BC30 633 KB
204 KB 24ms
22ms Document
text/html 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.519.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23279b70cc075a69239a1a0b47d9e2354c8a2e5debe828fee80aa8a84dc721d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 112950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209290
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 18:13:49 GMT
expires: Tue, 27 Jun 2023 18:13:49 GMT
last-modified: Tue, 14 Jun 2022 17:19:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.519.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B5F4 633 KB
204 KB 30ms
30ms Document
text/html 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.519.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23279b70cc075a69239a1a0b47d9e2354c8a2e5debe828fee80aa8a84dc721d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 112950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209290
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 18:13:49 GMT
expires: Tue, 27 Jun 2023 18:13:49 GMT
last-modified: Tue, 14 Jun 2022 17:19:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 playlist.m3u8 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/6f94eccd-43d0-4879-931d-52a41a6ef84d/ Frame 436E 309 B
271 B 22ms
21ms XHR
application/x-mpegurl 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/6f94eccd-43d0-4879-931d-52a41a6ef84d/playlist.m3u8
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/168135/hls.5b3b785f487abbe00eee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 02:29:05 GMT
age: 48835
etag: "8a966507b13615ecdc1330a4bc9dcfe1"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 164

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B4BA 5 KB
6 KB 101ms
25ms Script
text/html 8.28.7.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33678325&p=156592&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1ed6602c686178b732ac93d1d0239acf2c20e6323ebce9d63d4117232c4127cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8BB4 31 KB
10 KB 22ms
22ms Script
text/html 104.127.172.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-172-242.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ba1a3e239df55d239676024265dd20bbb592496b3debcd6fd37655dd1b6d1b5d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 01:36:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 17:17:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=71883
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9457
Expires: Wed, 29 Jun 2022 21:34:22 GMT

POST
H/1.1 200
OK us Show response
capi-tier-2-us-east-2.connatix.com/core/ Frame 436E 0
315 B 106ms
36ms XHR
application/x-protobuf 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/core/us?v=168135
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK us Show response
capi-tier-2-us-east-2.connatix.com/core/ Frame 436E 0
315 B 106ms
36ms XHR
application/x-protobuf 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/core/us?v=168135
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 291A 37 KB
13 KB 84ms
23ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 00:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 29 Jun 2022 01:39:35 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F178 37 KB
13 KB 75ms
25ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 00:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 29 Jun 2022 01:39:35 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5BF5 37 KB
13 KB 68ms
44ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 00:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 29 Jun 2022 01:39:35 GMT

POST
H/1.1 200
OK us Show response
capi-tier-2-us-east-2.connatix.com/core/ Frame 436E 0
315 B 37ms
36ms XHR
application/x-protobuf 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/core/us?v=168135
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 0.m3u8 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/6f94eccd-43d0-4879-931d-52a41a6ef84d/ Frame 436E 662 B
352 B 24ms
23ms XHR
application/x-mpegurl 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/6f94eccd-43d0-4879-931d-52a41a6ef84d/0.m3u8
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/168135/hls.5b3b785f487abbe00eee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 893b040540b571981c251472dbf4598b3281fa747df32d438fbce592738f8b36

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 02:29:05 GMT
age: 48835
etag: "8bcc196e34bdc6ddbc1979cabd0be2dc"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 267

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 8BB4 284 B
934 B 127ms
29ms Image
image/jpg 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 20e8391fc78a9019eb67dba4b22f0ac2
Content-Type: image/jpg

POST
H2 202 / Show response
pl.connatix.com/ Frame 436E 2 B
166 B 125ms
99ms XHR
application/json 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pl.connatix.com/
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
via: 1.1 varnish
x-timer: S1656466580.298867,VS0,VE77
x-served-by: cache-ewr18180-EWR
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2
x-cache-hits: 0

POST
H/1.1 200
OK us Show response
capi-tier-2-us-east-2.connatix.com/core/ Frame 436E 0
315 B 38ms
38ms XHR
application/x-protobuf 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/core/us?v=168135
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK us Show response
capi-tier-2-us-east-2.connatix.com/core/ Frame 436E 0
315 B 38ms
38ms XHR
application/x-protobuf 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/core/us?v=168135
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi-tier-2-us-east-2.connatix.com/rtb/ Frame 436E 330 B
551 B 67ms
66ms XHR
application/x-protobuf 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=168135&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: d083d90289717e6f5b02235a23d8f96334a4a943b4ee646eba334bcaef55c84b

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 255

GET
DATA 200
OK truncated
/ Frame B5F4 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 6694
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F

35 B
477 B

25ms
25ms

Document
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Wed, 29 Jun 2022 01:36:20 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Wed, 29 Jun 2022 01:36:20 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AF0F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YruslAAMTWKxyQAj&gdpr=0&gdpr_consent=&_test=YruslAAMTWKxyQAj

1 B
240 B

96ms
29ms

Document
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YruslAAMTWKxyQAj&gdpr=0&gdpr_consent=&_test=YruslAAMTWKxyQAj
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Wed, 29 Jun 2022 01:36:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Wed, 29 Jun 2022 01:36:20 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YruslAAMTWKxyQAj&gdpr=0&gdpr_consent=&_test=YruslAAMTWKxyQAj
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-ewr18182-EWR
x-timer: S1656466581.582841,VS0,VE0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F51E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a53262bb-ac94-4f00-acb7-dd9b21cd1075&gdpr=0&gdpr_consent=

42 B
324 B

31ms
30ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a53262bb-ac94-4f00-acb7-dd9b21cd1075&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 29 Jun 2022 01:36:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Wed, 29 Jun 2022 01:36:20 GMT
Expires: Wed, 29 Jun 2022 01:36:19 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4475 c1dc35a master ord-pixel-x56 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a53262bb-ac94-4f00-acb7-dd9b21cd1075&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame D787
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDNXlrN0ZkMWtBQUJNODlVLWpWUQ&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDNXlrN0ZkMWtBQUJNODlVLWpWUQ&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC5yk7Fd1kAABM89U-jVQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partne...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC5yk7Fd1kAABM89U-jVQ&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC5yk7Fd1kAABM89U-jVQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_curr...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1623104275053748381
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAC5yk7Fd1kAABM89U-jVQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1623104275053748381%26bee_sync_partners%3Dpm%26bee_sy...
https://match.prod.bidr.io/cookie-sync?userid=1623104275053748381&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC5yk7Fd1kAABM89U-jVQ

42 B
278 B

36ms
36ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC5yk7Fd1kAABM89U-jVQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 29 Jun 2022 01:36:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 29 Jun 2022 01:36:21 GMT
Server: nginx
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC5yk7Fd1kAABM89U-jVQ
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 9F32 0
222 B 122ms
29ms Document
image/gif 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 0
content-type: image/gif
date: Wed, 29 Jun 2022 01:36:20 GMT
p3p: policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server: c

GET
H2

200

usersync.aspx Show response
widget.us.criteo.com/dis/ Frame 4A57
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybac...

43 B
363 B

247ms
27ms

Document
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 01:36:20 GMT
expires: Wed, 29 Jun 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 200405
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

Redirect headers

content-length: 0
date: Wed, 29 Jun 2022 01:36:20 GMT
location: https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
server: Kestrel
server-processing-duration-in-ticks: 210316
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6E00
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e0bb5320-f74b-11ec-8627-7db5f9e4074a

42 B
245 B

40ms
33ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e0bb5320-f74b-11ec-8627-7db5f9e4074a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 29 Jun 2022 01:36:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Wed, 29 Jun 2022 01:36:20 GMT
Expires: Thu, 23 Sep 2004 17:42:04 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e0bb5320-f74b-11ec-8627-7db5f9e4074a
P3P: CP="NOI OTC OTP OUR NOR"
Pragma: no-cache
X-RealServer-NX: lga-delivery-1
server: Cowboy

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4D08
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OdU-jpCmQuJ2g3j4fUDx1WAJ9sQ

42 B
203 B

85ms
33ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OdU-jpCmQuJ2g3j4fUDx1WAJ9sQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 29 Jun 2022 01:36:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Wed, 29 Jun 2022 01:36:20 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OdU-jpCmQuJ2g3j4fUDx1WAJ9sQ

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 70C1
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1656466580624
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3671689141
https://sync.1rx.io/usersync/tradedesk/90b809c5-c470-4ceb-a714-8fca09b7c515
https://sync.targeting.unrulymedia.com/csync/RX-35be6133-d3b8-4120-badb-bb85a46dd2ad-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-35be6133-d3b8-4120-badb-bb85a46dd2ad-005

42 B
256 B

31ms
29ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-35be6133-d3b8-4120-badb-bb85a46dd2ad-005
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 29 Jun 2022 01:36:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Type: text/html
Date: Wed, 29 Jun 2022 01:36:20 GMT
ETag: RX35be6133d3b84120badbbb85a46dd2ad005
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-35be6133-d3b8-4120-badb-bb85a46dd2ad-005
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Transfer-Encoding: chunked

GET
H2

200

pbmtc.gif Show response
beacon.lynx.cognitivlabs.com/ Frame 4B57
Redirect Chain

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=2e3d3697-d6d6-4d88-8d9b-8e2ff3ddf37c&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F

42 B
352 B

36ms
27ms

Document
image/gif

52.206.110.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.110.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-110-83.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 42
content-type: image/gif
date: Wed, 29 Jun 2022 01:36:20 GMT
server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
date: Wed, 29 Jun 2022 01:36:20 GMT
location: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4034
Redirect Chain

https://ums.acuityplatform.com/tum?umid=6
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=677758166672

42 B
269 B

114ms
29ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=677758166672
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 29 Jun 2022 01:36:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=677758166672

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 14B9
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UMz1Jt9s1O6mCU5&gdpr=0&gdpr_consent=

42 B
195 B

37ms
34ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UMz1Jt9s1O6mCU5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 29 Jun 2022 01:36:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Wed, 29 Jun 2022 01:36:20 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UMz1Jt9s1O6mCU5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0f6e17a6fe35ab7cc@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 5EFE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
414 B

85ms
81ms

Document
image/gif

2606:4700:4400::6812:230b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 722aee40dbd3d153-BUF
content-length: 43
content-type: image/gif; charset=utf-8
date: Wed, 29 Jun 2022 01:36:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 722aee404ba1d153-BUF
content-type: text/html
date: Wed, 29 Jun 2022 01:36:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 2396

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C2BB
Redirect Chain

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7097529801471726076&uid=Q709752980147172...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7097529801471726076

42 B
449 B

40ms
28ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7097529801471726076
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 29 Jun 2022 01:36:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: max-age=39776
Connection: keep-alive
Content-Length: 154
Content-Type: text/html
Date: Wed, 29 Jun 2022 01:36:20 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7097529801471726076
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: Apache/2.4.6 (CentOS)
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.33

GET
H/1.1 200
OK us Show response
capi-tier-2-us-east-2.connatix.com/core/ Frame 5A9E 0
188 B 47ms
36ms Document
application/json 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/core/us?DemandPartner=2&UserId=1a4d948aad9346a081368570234b14e2&DemandPartnerName=Pubmatic&DemandPartnerUserId=DC17D2AB-97B0-4286-97F4-4AACA820BD9F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 0
access-control-allow-credentials: true
content-type: application/json
date: Wed, 29 Jun 2022 01:36:20 GMT
server: Kestrel

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B4BA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3BfSq5ewQoaX9EqsqCC9nw%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3BfSq5ewQoaX9EqsqCC9nw%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

22ms
22ms

Image
text/html

184.29.128.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-128-213.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=104985
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Thu, 30 Jun 2022 06:46:05 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame B4BA
Redirect Chain

https://idsync.rlcdn.com/420486.gif?partner_uid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F
https://pippio.com/api/sync?pid=5324&it=1&iv=895037120cd7159df264b414803d6280e3d350e07176ad653e9d45c0c9cbcb13791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4OTUwMzcxMjBjZDcxNTlkZjI2NGI0MTQ4MDNkNjI4MGUzZDM1MGUwNzE3NmFkNjUzZTlkNDVjMGM5Y2JjYjEzNzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4OTUwMzcxMjBjZDcxNTlkZjI2NGI0MTQ4MDNkNjI4MGUzZDM1MGUwNzE3NmFkNjUzZTlkNDVjMGM5Y2JjYjEzNzkxNDI2YjU0MTdkY2UyMRAAGgwIlNnulQYSBAgCEABCAEoA&goog...
https://usermatch.krxd.net/um/v2?partner=liveramp_identity
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity

0
338 B

130ms
27ms

Image
text/plain

54.92.156.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 54.92.156.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-156-105.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=41 t=1656466574
x-served-by: beacon-n023-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
date: Wed, 29 Jun 2022 01:36:21 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a003-ash-prod.krxd.net

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame B4BA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=787362bb-ac94-4500-be95-9984e8f13d86

0
48 B

54ms
53ms

Image
text/plain

104.36.115.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=787362bb-ac94-4500-be95-9984e8f13d86
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 29 Jun 2022 01:36:20 GMT
Server: MT3 4475 c1dc35a master ord-pixel-x50 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=787362bb-ac94-4500-be95-9984e8f13d86
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 29 Jun 2022 01:36:19 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B4BA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REMxN0QyQUItOTdCMC00Mjg2LTk3RjQtNEFBQ0E4MjBCRDlG&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REMxN0QyQUItOTdCMC00Mjg2LTk3RjQtNEFBQ0E4MjBCRDlG&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

95ms
52ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B4BA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEODYRg8nrImcu4W3aI5JwiM&google_cver=1

42 B
298 B

91ms
51ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEODYRg8nrImcu4W3aI5JwiM&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEODYRg8nrImcu4W3aI5JwiM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B4BA
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C254D54C989846B6955ACB9E778035DE

42 B
438 B

196ms
49ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C254D54C989846B6955ACB9E778035DE
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Wed, 29 Jun 2022 01:36:20 GMT
x-content-type-options: nosniff
server: openresty
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C254D54C989846B6955ACB9E778035DE
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 28 Jun 2022 01:36:20 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B4BA
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2790922004803086933&gdpr=0&gdpr_consent=&us_privacy=

1 B
175 B

32ms
29ms

Image
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2790922004803086933&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:19 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2790922004803086933&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 29 Jun 2022 01:36:20 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B4BA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=90b809c5-c470-4ceb-a714-8fca09b7c515

42 B
277 B

64ms
30ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=90b809c5-c470-4ceb-a714-8fca09b7c515
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:20 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=90b809c5-c470-4ceb-a714-8fca09b7c515
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2 200 DC17D2AB-97B0-4286-97F4-4AACA820BD9F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B4BA 43 B
992 B 146ms
31ms Image
image/gif 2600:1f18:4e9:5a02:eebc:c3b5:218:49cd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/DC17D2AB-97B0-4286-97F4-4AACA820BD9F?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a02:eebc:c3b5:218:49cd Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame B4BA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xe8QC99E2uVQYGKtD7tGxgwJj2wGTn8-~A&gdpr=0&gdpr_consent=

0
260 B

128ms
23ms

Image
text/plain

104.36.115.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xe8QC99E2uVQYGKtD7tGxgwJj2wGTn8-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xe8QC99E2uVQYGKtD7tGxgwJj2wGTn8-~A&gdpr=0&gdpr_consent=
date: Wed, 29 Jun 2022 01:36:20 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame B4BA 0
35 B 108ms
26ms Image
text/plain 44.196.141.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.141.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-141-245.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B4BA
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e0c4bb6c-f74b-11ec-8a75-a5580f2578ca&gdpr=0&gdpr_consent=

1 B
236 B

33ms
29ms

Image
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e0c4bb6c-f74b-11ec-8a75-a5580f2578ca&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e0c4bb6c-f74b-11ec-8a75-a5580f2578ca&gdpr=0&gdpr_consent=
Date: Wed, 29 Jun 2022 01:36:20 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: e0c4bb6d-f74b-11ec-8a75-a5580f2578ca

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B4BA
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=57aaa1643ae6122b&is_secure=true&networkId=17100&version=1&nuid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGc64TGIinaAMebFSlAAAAAAA&expiration=1656552980&nuid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F&...

42 B
263 B

30ms
29ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGc64TGIinaAMebFSlAAAAAAA&expiration=1656552980&nuid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:20 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGc64TGIinaAMebFSlAAAAAAA&expiration=1656552980&nuid=DC17D2AB-97B0-4286-97F4-4AACA820BD9F&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B4BA
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=409620087943476422&gdpr=0&gdpr_consent=

42 B
240 B

44ms
43ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=409620087943476422&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Wed, 29 Jun 2022 01:36:20 GMT
X-Proxy-Origin: 96.9.246.196; 96.9.246.196; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 16e16771-de93-4dbb-8b6a-b8de733daa0f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=409620087943476422&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B4BA
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7UDAELoRm0b2FsNK7kaPSu9DxxP2QcZH7xdJIllQ

42 B
377 B

23ms
23ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7UDAELoRm0b2FsNK7kaPSu9DxxP2QcZH7xdJIllQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 15:04:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7UDAELoRm0b2FsNK7kaPSu9DxxP2QcZH7xdJIllQ
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B4BA
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553&gdpr=0&gdpr_consent=

42 B
217 B

216ms
50ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:19 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B4BA
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=98322d3e-0cd0-44bf-8f02-dc19e9e9c5e4
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=98322d3e-0cd0-44bf-8f02-dc19e9e9c5e4
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ebf51bb9-504a-4878-941d-04516558a64f&user_group=1&ssp=pubmatic&bsw_param=98322d3e-0cd0-44bf-8f02-dc19e9e9c5e4
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=98322d3e-0cd0-44bf-8f02-dc19e9e9c5e4&gdpr=&gdpr_consent=&gdpr_pd=

1 B
165 B

34ms
34ms

Image
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=98322d3e-0cd0-44bf-8f02-dc19e9e9c5e4&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=98322d3e-0cd0-44bf-8f02-dc19e9e9c5e4&gdpr=&gdpr_consent=&gdpr_pd=
Date: Wed, 29 Jun 2022 01:36:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

sn.ashx
pmp.mxptint.net/ Frame B4BA
Redirect Chain

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_F235032B_BD7893B8&r=https://pmp.mxptint.net/sn.ashx?ak=1
https://pmp.mxptint.net/sn.ashx?ak=1

43 B
266 B

54ms
54ms

Image
image/gif

4.78.226.233
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmp.mxptint.net/sn.ashx?ak=1

Requested by

Protocol

HTTP/1.1

Server

4.78.226.233 Irving, United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=-339453381; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Jun 2022 01:36:20 GMT
Cache-Control: no-cache
Expires: -1
Content-Length: 43
Strict-Transport-Security: max-age=-339453381; includeSubDomains
Content-Type: image/gif

Redirect headers

location: https://pmp.mxptint.net/sn.ashx?ak=1
date: Wed, 29 Jun 2022 01:36:21 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B4BA
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3336694346221387876

42 B
219 B

31ms
30ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3336694346221387876
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:20 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3336694346221387876
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B4BA
Redirect Chain

https://sync.resetdigital.co:10001/csync/pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000B713F060FB

42 B
215 B

32ms
31ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000B713F060FB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi-tier-2-us-east-2.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D1a4d948aad9346a081368570234b14e2%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 29 Jun 2022 01:36:38 GMT
Server: nginx/1.18.0 (Ubuntu)
Front-End-Https: on
Content-Type: text/html
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000B713F060FB
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H2

200

us
capi.connatix.com/core/ Frame 8BB4
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&khaos=L4YXFLEG-17-EHWY
https://ck.connatix.com/cks?pid=11&uid=L4YXFLEG-17-EHWY
https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L4YXFLEG-17-EHWY&UserId=

0
28 B

53ms
53ms

Image
application/json

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L4YXFLEG-17-EHWY&UserId=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400
content-type: application/json

Redirect headers

date: Wed, 29 Jun 2022 01:36:20 GMT
location: https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L4YXFLEG-17-EHWY&UserId=
access-control-max-age: 86400
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
retry-after: 0

POST
H3 204 CztbW2FdYlZZYV1iQ14SBSASGSJIZydMYytxVC8mCDYWADIGeQUNP0MnVUcwADUcBj8MIxVHMgI5Q1sXHjoHGTQONQ4dfx06AUxmLjoTBT1IYyVRZ1VjUFBkWWBfW2dUY1RbaFtgQB9sXXpeR2lDZkAcbFxkVlBoXGBTUWZZbF5aZllyEhkwCmlXTyEZIApUYFthU...
ationsuchasr.xyz/aVFtVGZGbg4nWwwUIxsoBxsvN1UCHj5kDlg1ChYiPQkZcVQvEwYZQB04CWleXGNUY1JPIQQwW1pjSycSCCUYJ1tbYV1hQAA/ 0
470 B 40ms
39ms Ping
text/plain 2606:4700:3037::ac43:c9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ationsuchasr.xyz/aVFtVGZGbg4nWwwUIxsoBxsvN1UCHj5kDlg1ChYiPQkZcVQvEwYZQB04CWleXGNUY1JPIQQwW1pjSycSCCUYJ1tbYV1hQAA/CztbW2FdYlZZYV1iQ14SBSASGSJIZydMYytxVC8mCDYWADIGeQUNP0MnVUcwADUcBj8MIxVHMgI5Q1sXHjoHGTQONQ4dfx06AUxmLjoTBT1IYyVRZ1VjUFBkWWBfW2dUY1RbaFtgQB9sXXpeR2lDZkAcbFxkVlBoXGBTUWZZbF5aZllyEhkwCmlXTyEZIApUYFthUF1nW2FeWWRbZA
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sleB5BuXv%2Bi6U74G89EqF846sMej5pk60MH2JZZXiqRww6gEyjSUaprwbFy8Y%2Ft2rbgUVrk33gnftBxsHkRe6MG5tft%2FRYF4F9oiIupjQ2HE90wdEofGHomAd%2FMn6DGpsahb1hVRVVKa3LWA9cZ2"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 722aee409e2318f6-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET snapecaht.png
webpick-cdn.s3.amazonaws.com/ 0
0

GET
H2 206 0.mp4 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/6f94eccd-43d0-4879-931d-52a41a6ef84d/ Frame 436E 1 KB
1 KB 23ms
22ms XHR
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/6f94eccd-43d0-4879-931d-52a41a6ef84d/0.mp4
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/168135/hls.5b3b785f487abbe00eee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4f965651290e285fd2bf27361723942df35f374ce2e0cadc8a7ec145dd9cd668

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-1361

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
last-modified: Thu, 20 May 2021 02:29:04 GMT
age: 48842
etag: "469d1e13f3298e801c72baef2cc7ee38"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1361/5233641
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1362

POST
H/1.1 200
OK g Show response
capi-tier-2-us-east-2.connatix.com/rtb/ Frame 436E 132 B
418 B 61ms
61ms XHR
application/x-protobuf 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=168135&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e9f1b93042bed88ec955a71bc6bf7fd3bddce2fb7efcfb70a9fa2c8718574bb9

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 122

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5F4 0
20 B 92ms
47ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?aot=ib&tte=f&lid=158&sdkv=h.3.519.0&id=ima_html5&c=2668954893290734&domain=www.tumgir.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5F4 0
20 B 95ms
50ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?blob=nullPromise&lid=155&sdkv=h.3.519.0&id=ima_html5&c=2668954893290734&domain=www.tumgir.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK snapecaht.png
webpick-cdn.s3.amazonaws.com/ Frame 355D 3 KB
3 KB 374ms
105ms Image
image/png 52.92.178.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webpick-cdn.s3.amazonaws.com/snapecaht.png
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.178.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5af1e32d6499ad2c5e9249164daa9a39860fb4e6f64b223b04fe0afa0c0b6ee2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 01:36:21 GMT
Last-Modified: Tue, 25 Dec 2018 13:48:43 GMT
Server: AmazonS3
x-amz-request-id: 1KWYBK6DF82DFT6Y
ETag: "84cde431b32705bc6e18c3d7ccc2dd29"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2888
x-amz-id-2: 2yiFH6+qoCBPeE5oug3BMdiE9YBvivRIG5n+MKA7NR9USWRfYFShUfE2bQAnDLh128rhu5WHaNA=
x-amz-meta-s3b-last-modified: 20181225T134720Z

GET
DATA 200
OK truncated
/ Frame 355D 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52878d35bbd3319522a493c873f3dfe8fe7b15c11a3bb4aafca023115122e702

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 355D 814 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 0.mp4 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/6f94eccd-43d0-4879-931d-52a41a6ef84d/ Frame 436E 552 KB
552 KB 22ms
20ms XHR
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/6f94eccd-43d0-4879-931d-52a41a6ef84d/0.mp4
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/168135/hls.5b3b785f487abbe00eee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d2614d239c0ec8efaa7c428b6aaf7ce6c378d1a9e981151dd3fd6a437f8e6d27

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=1362-566258

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
last-modified: Thu, 20 May 2021 02:29:04 GMT
age: 48842
etag: "469d1e13f3298e801c72baef2cc7ee38"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 1362-566258/5233641
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 564897

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 8BB4
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4YXFLEG-17-EHWY

0
573 B

140ms
62ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4YXFLEG-17-EHWY
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1682A880777542F3AA9C61AFB99A113F Ref B: EWR311000107053 Ref C: 2022-06-29T01:36:20Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXijC4iTxu4Yy1hEW/VrQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4YXFLEG-17-EHWY
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 382e2818ca015d35b02cd449aa60881d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BB4
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRZWEZMRUctMTctRUhXWQ==

170 B
188 B

50ms
50ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRZWEZMRUctMTctRUhXWQ==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Protocol

Server

142.250.80.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRZWEZMRUctMTctRUhXWQ==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 19c1ac3b9706c83a73951eba4d239689
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 8BB4
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=B_uQt8atSPCqkMhz7DhxeA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=B_uQt8atSPCqkMhz7DhxeA

43 B
556 B

33ms
33ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=B_uQt8atSPCqkMhz7DhxeA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Jun 2022 01:36:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8KFK1H0JSSN3WV26HHN6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=B_uQt8atSPCqkMhz7DhxeA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0190a17a18f2299b1b85aeb1793e601c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BB4
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmE1NTNhODk3NTViOTVmNzJmZTNmYWIzNzhmNzcyMmU4YWVhYWM4Zg

170 B
188 B

46ms
46ms

Image
image/png

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmE1NTNhODk3NTViOTVmNzJmZTNmYWIzNzhmNzcyMmU4YWVhYWM4Zg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Protocol

Server

142.250.80.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmE1NTNhODk3NTViOTVmNzJmZTNmYWIzNzhmNzcyMmU4YWVhYWM4Zg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78008fe701b681dce86a72fc23cacc40
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 8BB4
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4YXFLEG-17-EHWY&sigv=1&esig=2~23c68b3cc86d7d3ca3bd3a160dcc23ee857f716e

0
194 B

89ms
26ms

Image
text/plain

2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4YXFLEG-17-EHWY&sigv=1&esig=2~23c68b3cc86d7d3ca3bd3a160dcc23ee857f716e

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Protocol

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4YXFLEG-17-EHWY&sigv=1&esig=2~23c68b3cc86d7d3ca3bd3a160dcc23ee857f716e
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9a0c641c0479142b55591fdf2031b15f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8BB4
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=90b809c5-c470-4ceb-a714-8fca09b7c515&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

162ms
29ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=90b809c5-c470-4ceb-a714-8fca09b7c515&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 19ea072139d67f7022c6e463249c998e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 01:36:20 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=90b809c5-c470-4ceb-a714-8fca09b7c515&gdpr=0&gdpr_consent=&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8BB4
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/_vMAEaWDArGBHzuIbhS8rsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1018268943162677173

42 B
691 B

99ms
29ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1018268943162677173
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: c3b5432477546c086cd062707f625a76
Content-Type: image/gif

Redirect headers

date: Wed, 29 Jun 2022 01:36:20 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1018268943162677173
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8BB4
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2TwJ-SqfSYKXewI1ZPCiwA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2TwJ-SqfSYKXewI1ZPCiwA

43 B
556 B

106ms
106ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2TwJ-SqfSYKXewI1ZPCiwA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Jun 2022 01:36:21 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CDSBHHBJFH2AEE6N2Z1Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2TwJ-SqfSYKXewI1ZPCiwA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78008fe701b681dce86a72fc23cacc40
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H/1.1 200
OK g Show response
capi-tier-2-us-east-2.connatix.com/rtb/ Frame 436E 0
315 B 38ms
37ms XHR
application/x-protobuf 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=168135&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK us Show response
capi-tier-2-us-east-2.connatix.com/core/ Frame 436E 0
315 B 39ms
38ms XHR
application/x-protobuf 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/core/us?v=168135
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 206 0.mp4 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/6f94eccd-43d0-4879-931d-52a41a6ef84d/ Frame 436E 569 KB
569 KB 22ms
22ms XHR
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/6f94eccd-43d0-4879-931d-52a41a6ef84d/0.mp4
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/168135/hls.5b3b785f487abbe00eee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5d3bd803c5c40cb00e61176684c3407e32f42e3cf2f00ed0110a7e04a487247b

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=566259-1148618

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
last-modified: Thu, 20 May 2021 02:29:04 GMT
age: 48842
etag: "469d1e13f3298e801c72baef2cc7ee38"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 566259-1148618/5233641
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 582360

POST
H/1.1 200
OK mq Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 436E 0
315 B 36ms
36ms XHR
application/x-protobuf 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/mq?v=168135&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK ps Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 436E 0
315 B 74ms
38ms XHR
application/x-protobuf 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=168135&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK sv Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 436E 0
315 B 37ms
36ms XHR
application/x-protobuf 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/sv?v=168135&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:20 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK ao Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 436E 0
315 B 37ms
36ms XHR
application/x-protobuf 3.140.30.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=168135&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.30.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-30-91.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 29 Jun 2022 01:36:21 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET SPug
simage4.pubmatic.com/AdServer/ Frame B4BA 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: webpick-cdn.s3.amazonaws.com
URL: https://webpick-cdn.s3.amazonaws.com/snapecaht.png

Domain: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156592&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

122 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.resetdigital.co/csync	1970-01-20 06:17:22	Name: ckbk Value: 000000B713F060FB
.tumgir.com/	1970-01-20 21:38:58	Name: _ga Value: GA1.2.1947690519.1656466577
.tumgir.com/	1970-01-20 04:09:12	Name: _gid Value: GA1.2.1367683839.1656466577
.tumgir.com/	1970-01-20 04:07:46	Name: _gat_gtag_UA_134279593_1 Value: 1
freychang.fun/	1970-01-20 12:46:10	Name: csu Value: 1009914587488374@2@1656466576
www.tumgir.com/	1970-01-20 13:36:34	Name: __atuvc Value: 1%7C26
www.tumgir.com/	1970-01-20 04:07:48	Name: __atuvs Value: 62bbac908c8efccc000
.addthis.com/	1970-01-20 13:29:22	Name: ouid Value: 62bbac920001142aa730681387154e73398355245ddf1fc7ba89
.addthis.com/	1970-01-20 13:29:22	Name: di2 Value: aVS[V#&0x#&g#%Os#%Or#%Km#%Kf#%IX#%IQ#%HV#%F\|#%FS#%FR#%FQ#%E~#%/p#%/o#%/n#%$~#$Mr#$M`#$Ll#$L^#$LZ#$Gr#$CT#$7r#$1~#$0\|#$+U#$)\|#$){#$(w#$(T#$(S#$(R#$(Q#$$c#$$b#$!}##NW##Mz##Md##LU##Iz##Ix##Gr##Ed##Eb##EZ##Bq##Bp##@q##>W##>U##'V###l#!0}#!/p#!$s#!!xPNePNdPNcPNbPDtPC]PC[P<nP8UP7sP7rP7qP7mP7lP7kP2SO1iO1hO1gO(rO(qO(pO(cO(bO'vO'uN+gN+QN'yN#xMLcM?gM?fM>VM>UM>TM>SM>RM>QM7oM7nM7mM7lM7]M7XM-{M-rM-qM+}M+zMfM'fM'bM&oM&nM&mM&^M&]M&[LFTLEsLErLEqLEpLDkL.wJEXJ&ZJ&YJ&XJ&WJ&VJ&UJ#\|J#{J#sJ#rIIYIIXIHcIHbIH[IFcIFbICiI?VI?UI6rI5fI5TI5SI3\|I3{I3yI3rI2bI1oI/}I/\|I/jI+l$+S83}7>Z7:m77h77g7.k7.b7-~7-}7o7k7)\|7)m7'h7'g7#t6L]6L[6Kh6Kg6Hu6Hq6Hp6Ho6Hn6Hm6FW6FV6C{6@t6@s5)z5)y5)`5)_5)^5(n5(b5'~4JX4?Z4=a4=^0%w0%v0%q)1i)1b#92]#53h#43S#08^#08W#/}#/{#/R#.~#&]#&Z#)N}#)N{#)Gc#)Ga#)-i#)-g#)-e#)V#)T#))~#))\|#(8k#(5i#(5Q#(4~#(/]#'FX#'E{#'8f#'&U#'&T#&He#&GQ#&@r#&@q#&@p#&<]
.addthis.com/	1970-01-20 13:29:22	Name: um Value: j.'2022062901361874800282027696'
.addthis.com/	1970-01-20 13:29:22	Name: uid Value: 62bbac926b896d2a
.addthis.com/	1970-01-20 13:29:22	Name: na_id Value: 2022062901361874800282027696
.addthis.com/	1970-01-20 13:29:22	Name: vc Value: 2
.addthis.com/	1970-01-20 13:36:34	Name: uvc Value: 1%7C26
.addthis.com/	1970-01-20 13:36:34	Name: loc Value: MTQyMDJOQVVTTlkyMjI5MTAxMTUxNDAwMDBDSA==
capi.connatix.com/	1970-01-20 04:50:58	Name: cnx_userId Value: 1a4d948aad9346a081368570234b14e2
www.tumgir.com/	1970-01-20 04:50:58	Name: cnx_userId Value: 1a4d948aad9346a081368570234b14e2
.adsrvr.org/	1970-01-20 12:53:22	Name: TDID Value: 90b809c5-c470-4ceb-a714-8fca09b7c515
.sitescout.com/	1970-01-20 12:53:22	Name: ssi Value: 7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9#1656466579641
.ctnsnet.com/	1970-01-20 12:53:22	Name: cid_7636138d768944639601dc4e8b58de6f Value: 1
.spotxchange.com/	1970-01-20 12:53:26	Name: audience Value: e0253eb0-f74b-11ec-b46d-1d8d9dd30203
.bidr.io/	1970-01-20 13:36:20	Name: bito Value: AAC5yk7Fd1kAABM89U-jVQ
.bidr.io/	1970-01-20 13:36:20	Name: bitoIsSecure Value: ok
.adnxs.com/	1970-01-20 06:17:22	Name: uuid2 Value: 409620087943476422
.exelator.com/	1970-01-20 07:00:34	Name: EE Value: "2ed90be43691966a0646131247f37445"
.ads.pubmatic.com/	1970-01-20 04:09:12	Name: KCCH Value: YES
.exelator.com/	1970-01-20 07:00:34	Name: ud Value: "eJxrXxzq6XKLQcEoNcXSICnVxNjM0tDSzCzRwMzEzNDY0MjEPM3Y3MTEdHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAeEl%252BUWb6otDgxUUpaQyLSopPBR%252B41gsASwApug%253D%253D"
.pubmatic.com/	1970-01-20 06:17:22	Name: KADUSERCOOKIE Value: DC17D2AB-97B0-4286-97F4-4AACA820BD9F
.pubmatic.com/	1970-01-20 06:17:22	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 04:09:12	Name: pi Value: 156592:2
.pubmatic.com/	1970-01-20 06:17:22	Name: DPSync3 Value: 1657670400%3A201_197%7C1657065600%3A164%7C1656547200%3A174
.pubmatic.com/	1970-01-20 06:17:22	Name: SyncRTB3 Value: 1657670400%3A54_55_22_240_13_104_8_48_56_220_166_71_231_99_233_176_3_165_5_21_7_178%7C1657065600%3A2_223_15_38%7C1659052800%3A224%7C1657756800%3A35%7C1657324800%3A63%7C1656892800%3A216
.tapad.com/	1970-01-20 05:34:10	Name: TapAd_TS Value: 1656466580151
.tapad.com/	1970-01-20 05:34:10	Name: TapAd_DID Value: e261395f-354a-4a27-ad15-0cf164bc0166
.rubiconproject.com/	1970-01-20 12:53:22	Name: khaos Value: L4YXFLEG-17-EHWY
.tapad.com/	1970-01-20 05:34:10	Name: TapAd_3WAY_SYNCS Value:
.sitescout.com/	1970-01-20 04:50:58	Name: _ssuma Value: eyI0NSI6MTY1NjQ2NjU4MDUxMSwiNCI6MTY1NjQ2NjU3OTY4MCwiMzkiOjE2NTY0NjY1Nzk2ODB9
.rlcdn.com/	1970-01-20 12:53:22	Name: rlas3 Value: tCXtK6hnKieUH2ZGJgqRR7YlyHM5QrIgyWladwHHgf8=
.rlcdn.com/	1970-01-20 05:34:10	Name: pxrc Value: CJPZ7pUGEgUI6AcQABIFCOhHEAESBgiLvCsQAA==
.adform.net/	1970-01-20 04:50:58	Name: C Value: 1
.everesttech.net/	1970-01-20 12:53:22	Name: everest_g_v2 Value: g_surferid~YruslAAMTWKxyQAj
.acuityplatform.com/	1970-01-20 12:53:22	Name: auid Value: 677758166672
.acuityplatform.com/	1970-01-20 12:53:22	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQGsjIiK2mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUBrIyIito90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.owneriq.net/	1970-01-20 04:22:10	Name: p2 Value: pmc
.owneriq.net/	1970-01-20 21:38:58	Name: si Value: Q7097529801471726076P
.owneriq.net/	1970-01-20 04:22:10	Name: pmc Value: 1
.simpli.fi/	1970-01-20 12:54:48	Name: suid Value: C254D54C989846B6955ACB9E778035DE
.deepintent.com/	1970-01-20 17:15:27	Name: CDIUSER Value: di_8cbded4df7ab49e9a8863
.adform.net/	1970-01-20 05:34:10	Name: uid Value: 3336694346221387876
sync.srv.stackadapt.com/	1970-01-20 12:53:22	Name: sa-user-id Value: s%3A0-39d53e8e-90a6-42e2-7683-78f87d40f1d5.YJvKxc4PgPXXtsxeR%2B9RhtY86FShgf0taaQiMdLP%2B34
.srv.stackadapt.com/	1970-01-20 12:53:22	Name: sa-user-id-v2 Value: s%3AOdU-jpCmQuJ2g3j4fUDx1WAJ9sQ.aXWoPtLVNMyzYwWtkIUtjyQh2GKMfQliuaAwrUdk6Ns
.w55c.net/	1970-01-20 13:36:34	Name: wfivefivec Value: UMz1Jt9s1O6mCU5
.turn.com/	1970-01-20 08:26:58	Name: uid Value: 2790922004803086933
.yahoo.com/	1970-01-20 12:53:44	Name: A3 Value: d=AQABBJSsu2ICELgc5ln9HyDCNqxUn9cgsW0FEgEBAQH-vGLFYgAAAAAA_eMAAA&S=AQAAAv_3-TYMlHi4XH9fnzuP6Dw
.w55c.net/	1970-01-20 04:50:58	Name: matchpubmatic Value: 5
.adgrx.com/	1970-01-20 13:36:34	Name: ADGRX_UID Value: e0bb5320-f74b-11ec-8627-7db5f9e4074a
.tribalfusion.com/	1970-01-20 06:17:22	Name: ANON_ID Value: alnseFtZdPufm7SpBnA8rAZdmrnZdWjK6em3yUCoW0jIafqlCaTfWEpaeHN4ZdtYQNtqOxQWdoXc2qVCnUbpJc0q
.pubmatic.com/	1970-01-20 06:17:22	Name: KRTBCOOKIE_286 Value: 5193-Q7097529801471726076&KRTB&22521-Q7097529801471726076
.pubmatic.com/	1970-01-20 06:17:22	Name: KRTBCOOKIE_469 Value: 8273-677758166672
.pubmatic.com/	1970-01-20 06:17:22	Name: KRTBCOOKIE_218 Value: 4056-YruslAAMTWKxyQAj&KRTB&22978-YruslAAMTWKxyQAj&KRTB&23194-YruslAAMTWKxyQAj&KRTB&23209-YruslAAMTWKxyQAj
.pubmatic.com/	1970-01-20 06:17:22	Name: KRTBCOOKIE_377 Value: 6810-90b809c5-c470-4ceb-a714-8fca09b7c515&KRTB&22918-90b809c5-c470-4ceb-a714-8fca09b7c515&KRTB&23031-90b809c5-c470-4ceb-a714-8fca09b7c515
.pubmatic.com/	1970-01-20 06:17:22	Name: KRTBCOOKIE_1278 Value: 23329-2e3d3697-d6d6-4d88-8d9b-8e2ff3ddf37c&KRTB&23340-2e3d3697-d6d6-4d88-8d9b-8e2ff3ddf37c
.pubmatic.com/	1970-01-20 06:17:22	Name: KRTBCOOKIE_860 Value: 16335-OdU-jpCmQuJ2g3j4fUDx1WAJ9sQ
.pubmatic.com/	1970-01-20 06:17:22	Name: KRTBCOOKIE_107 Value: 1471-uid:UMz1Jt9s1O6mCU5
.adgrx.com/	1970-01-20 04:09:12	Name: ADGRX_CM_PUBMATIC_BRIDGED Value: 1
.pubmatic.com/	1970-01-20 04:50:58	Name: KRTBCOOKIE_22 Value: 14911-2790922004803086933&KRTB&23150-2790922004803086933
.analytics.yahoo.com/	1970-01-20 12:53:22	Name: IDSYNC Value: 18z8~25q1
.doubleclick.net/	1970-01-20 21:38:58	Name: IDE Value: AHWqTUmoj7Mlkn50ZGc56ViKQHMzy62KhiQtDv8yIn97PQn3_HhM7UhSm39-4GzXsAI
.adsrvr.org/	1970-01-20 12:53:22	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiKiZXTud7sOhAFEhYKB3J1Ymljb24SCwjKwfLUud7sOhAFGAEgAigCMgsIioGYgNDe7DoQBTgBWghwdWJtYXRpY2AC
beacon.lynx.cognitivlabs.com/	1970-01-20 12:53:22	Name: UID Value: 806ddda8-864f-45f3-b198-6f3967a90830
beacon.lynx.cognitivlabs.com/	1970-01-20 12:53:22	Name: ss Value: 0LEP3TgGoStuw1AaJwyUs5FdU1Tko7ORUOLNSLzCjGr6Q%2BUeJe%2Bpk6gZeoLPYFPtP9ZvNSgI4Ac6QsifKwecwg%3D%3D
.1rx.io/	1970-01-20 12:53:22	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-35be6133-d3b8-4120-badb-bb85a46dd2ad-005%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/	1970-01-20 06:17:22	Name: KRTBCOOKIE_1003 Value: 22761-e0bb5320-f74b-11ec-8627-7db5f9e4074a&KRTB&23275-e0bb5320-f74b-11ec-8627-7db5f9e4074a
.ipredictive.com/	1970-01-20 12:53:22	Name: cu Value: e0c4bb6c-f74b-11ec-8a75-a5580f2578ca\|1656466580724
.pippio.com/	1970-01-20 12:53:22	Name: did Value: YP0CFno91clseY_y
.pippio.com/	1970-01-20 12:53:22	Name: didts Value: 1656466580
.pippio.com/	1970-01-20 05:34:10	Name: nnls Value:
.pubmatic.com/	1970-01-20 04:50:58	Name: KRTBCOOKIE_279 Value: 22890-e0c4bb6c-f74b-11ec-8a75-a5580f2578ca&KRTB&23011-e0c4bb6c-f74b-11ec-8a75-a5580f2578ca&KRTB&23355-e0c4bb6c-f74b-11ec-8a75-a5580f2578ca
.contextweb.com/	1970-01-20 12:46:10	Name: V Value: vhrFh92msQIw
.contextweb.com/	1970-01-20 12:53:22	Name: pb_rtb_ev Value: 3-1enw\|7dN.0.AAC5yk7Fd1kAABM89U-jVQ
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 6ca1281423241c59
.pubmatic.com/	1970-01-20 04:50:58	Name: KRTBCOOKIE_148 Value: 19421-uid:C254D54C989846B6955ACB9E778035DE
.pubmatic.com/	1970-01-20 06:17:22	Name: KRTBCOOKIE_188 Value: 3189-7ebe8c1f-d7cd-4058-aadb-b379de1c5ef9-62bbac93-5553
.pubmatic.com/	1970-01-20 06:17:22	Name: KRTBCOOKIE_80 Value: 16514-CAESEODYRg8nrImcu4W3aI5JwiM&KRTB&22987-CAESEODYRg8nrImcu4W3aI5JwiM&KRTB&23025-CAESEODYRg8nrImcu4W3aI5JwiM&KRTB&23386-CAESEODYRg8nrImcu4W3aI5JwiM
.pubmatic.com/	1970-01-20 06:17:22	Name: KRTBCOOKIE_57 Value: 22776-409620087943476422&KRTB&23339-409620087943476422&KRTB&23388-409620087943476422
.pubmatic.com/	1970-01-20 04:50:58	Name: SPugT Value: 1656466580
.amazon-adsystem.com/	1970-01-22 00:00:05	Name: ad-privacy Value: 0
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:39:40	Name: bcookie Value: "v=2&f07648bd-1a52-40b9-82f2-26c602229430"
.linkedin.com/	1970-01-20 04:09:12	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2337:u=1:x=1:i=1656466580:t=1656552980:v=2:sig=AQEtVR-j0LEkE8ZOwGS5nj8Q6nrsvJjt"
.mathtag.com/	1970-01-20 13:33:41	Name: uuid Value: 787362bb-ac94-4500-be95-9984e8f13d86
.targeting.unrulymedia.com/	1970-01-20 12:53:22	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-35be6133-d3b8-4120-badb-bb85a46dd2ad-005%22%7D
.pubmatic.com/	1970-01-20 04:50:58	Name: KRTBCOOKIE_391 Value: 22924-3336694346221387876&KRTB&23263-3336694346221387876
.quantserve.com/	1970-01-20 06:17:22	Name: d Value: ENkBCwG_JvijAA
.quantserve.com/	1970-01-20 13:38:00	Name: mc Value: 62bbac94-da854-841ea-3d54e
.pubmatic.com/	1970-01-20 06:17:22	Name: KRTBCOOKIE_27 Value: 16735-uid:a53262bb-ac94-4f00-acb7-dd9b21cd1075&KRTB&16736-uid:a53262bb-ac94-4f00-acb7-dd9b21cd1075&KRTB&23019-uid:a53262bb-ac94-4f00-acb7-dd9b21cd1075&KRTB&23208-uid:a53262bb-ac94-4f00-acb7-dd9b21cd1075
.pubmatic.com/	1970-01-20 06:17:22	Name: KRTBCOOKIE_153 Value: 1923-7UDAELoRm0b2FsNK7kaPSu9DxxP2QcZH7xdJIllQ&KRTB&19420-7UDAELoRm0b2FsNK7kaPSu9DxxP2QcZH7xdJIllQ&KRTB&22979-7UDAELoRm0b2FsNK7kaPSu9DxxP2QcZH7xdJIllQ
.pubmatic.com/	1970-01-20 06:17:22	Name: KRTBCOOKIE_594 Value: 17105-RX-35be6133-d3b8-4120-badb-bb85a46dd2ad-005&KRTB&17107-RX-35be6133-d3b8-4120-badb-bb85a46dd2ad-005
.dotomi.com/	1970-01-20 04:07:46	Name: DotomiTest Value: 57aaa1643ae6122b
.pippio.com/	1970-01-20 05:34:10	Name: pxrc Value: CJTZ7pUGEgQIAhAAEgYI3awrEAA=
.pubmatic.com/	1970-01-20 06:17:22	Name: KRTBCOOKIE_32 Value: 11175-AAAGc64TGIinaAMebFSlAAAAAAA&KRTB&22713-AAAGc64TGIinaAMebFSlAAAAAAA&KRTB&22715-AAAGc64TGIinaAMebFSlAAAAAAA
.smartadserver.com/	1970-01-20 13:36:34	Name: pid Value: 1623104275053748381
.smartadserver.com/	1970-01-20 13:36:34	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 12:53:22	Name: csync Value: 127:AAC5yk7Fd1kAABM89U-jVQ
.mxptint.net/	1970-01-20 21:40:24	Name: mxpim Value: R1B341_F235032B_BD7893B8.1.000000000000000062BBAC95
.pubmatic.com/	1970-01-20 04:50:58	Name: KRTBCOOKIE_52 Value: 22772-R1B341_F235032B_BD7893B8&KRTB&23092-R1B341_F235032B_BD7893B8
.bidswitch.net/	1970-01-20 12:53:22	Name: tuuid Value: 98322d3e-0cd0-44bf-8f02-dc19e9e9c5e4
.bidswitch.net/	1970-01-20 12:53:22	Name: c Value: 1656466581
.bidswitch.net/	1970-01-20 12:53:22	Name: tuuid_lu Value: 1656466581
.technoratimedia.com/	1970-01-21 23:55:46	Name: tads_uid Value: 6C6A679B2EA149AB9D27A82256342782
.technoratimedia.com/	1970-01-21 23:55:46	Name: tads_uid_cd Value: 20220628213621-0400
.technoratimedia.com/	1970-01-21 23:55:46	Name: tads_zora Value: 2
.technoratimedia.com/	1970-01-21 23:55:46	Name: tads_uidp_73 Value: AAC5yk7Fd1kAABM89U-jVQ
.pubmatic.com/	1970-01-20 04:14:58	Name: KRTBCOOKIE_1199 Value: 23168-000000B713F060FB&KRTB&23175-000000B713F060FB
.pubmatic.com/	1970-01-20 04:50:58	Name: KRTBCOOKIE_699 Value: 22727-AAC5yk7Fd1kAABM89U-jVQ
.pubmatic.com/	1970-01-20 04:50:58	Name: PugT Value: 1656466581
.krxd.net/	1970-01-20 08:26:58	Name: _kuid_ Value: O7SNsqU0
.amazon-adsystem.com/	1970-01-20 08:35:36	Name: ad-id Value: A7m6BQVHYUNYkYmvKokZx8E
.rubiconproject.com/	1970-01-20 12:53:22	Name: audit Value: 1\|sM+iJvBDBQDe3+Wc85TJ07OmvwjzS2oJB1WlI+rU3RSWLqPAUZ8eGMYH/OQEsjs565+kLGuhqePqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
pool.admedo.com/	1970-01-20 12:53:22	Name: tuuid Value: ebf51bb9-504a-4878-941d-04516558a64f
pool.admedo.com/	1970-01-20 12:53:22	Name: c Value: 1656466581
pool.admedo.com/	1970-01-20 12:53:22	Name: tuuid_lu Value: 1656466581

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

64.media.tumblr.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
accounts.google.com
ad.turn.com
ads.pubmatic.com
ads.yahoo.com
api-public.addthis.com
api.tumblr.com
ationsuchasr.xyz
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
c1.adform.net
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdnjs.cloudflare.com
cds.connatix.com
ck.connatix.com
cks.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
d18g6t7whf8ejf.cloudfront.net
dis.criteo.com
dmmzkfd82wayn.cloudfront.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
getherefwuk.xyz
happearedyn.xyz
i.ctnsnet.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
loadm.exelator.com
m.addthis.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mefagetobri.top
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pl.connatix.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.adentifi.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.resetdigital.co
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
token.rubiconproject.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
usermatch.krxd.net
v1.addthisedge.com
vid.connatix.com
video-serve.com
webpick-cdn.s3.amazonaws.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.tumgir.com
x.bidswitch.net
z.moatads.com
s7.addthis.com
simage4.pubmatic.com
webpick-cdn.s3.amazonaws.com
104.126.112.161
104.127.172.242
104.36.115.109
104.36.115.114
104.67.11.79
107.178.246.49
107.178.254.65
142.250.80.34
142.250.80.66
151.101.2.137
151.101.2.49
151.101.66.137
169.197.150.8
169.60.66.35
173.231.184.20
178.250.2.151
184.29.128.213
184.29.129.187
185.167.164.49
192.0.77.3
192.0.77.40
192.35.249.120
193.122.128.135
198.148.27.139
199.127.204.142
199.187.193.199
2001:4998:14:800::1000
207.198.113.86
209.54.177.54
216.200.232.253
23.22.86.116
23.32.172.185
2600:1f18:4e9:5a02:eebc:c3b5:218:49cd
2600:9000:21da:7800:6:2e3c:5fc0:21
2606:4700:20::681a:d2d
2606:4700:3030::ac43:dadd
2606:4700:3037::ac43:c9ba
2606:4700:4400::6812:230b
2606:4700::6811:190e
2606:ae80:1451:24::730
2607:f8b0:4006:806::2003
2607:f8b0:4006:807::2006
2607:f8b0:4006:809::2008
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::200d
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::200a
2607:f8b0:4006:823::200e
2620:112:f002:bbbb::21
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2a03:2880:f112:182:face:b00c:0:25de
3.140.30.91
3.33.220.150
3.81.232.90
35.186.193.173
35.190.60.146
35.210.53.219
35.211.178.172
4.78.226.233
44.195.137.121
44.196.141.245
45.35.192.162
50.16.197.56
52.206.110.83
52.45.33.138
52.54.46.88
52.7.59.203
52.92.178.185
52.95.125.22
54.192.100.18
54.88.224.139
54.92.156.105
65.8.49.110
68.67.160.114
68.67.161.182
69.173.151.100
69.90.254.78
74.119.119.150
8.28.7.81
8.28.7.83
99.84.37.37
01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84
03110beb6abcd02594f3f7eed1846b9ae2143deef097b31183fefb40db40706d
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
0892e2064d3f3239362117ca70d83dac006614d89527e143a73f7f5c67fbc89d
0a7531d4aee24e054affe400e825101c79b13084c67c85535b751cc9bc7e9dce
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eceeb508126e42057713e87d4ac6628276b4800a4753791e752270aa0d41f99
1639283f9933ad5ca266246576dbbfc9fe38d5b672e4a217fe52f1cf6f2f3f52
165238b8651e2b03bd048d2381866df08cb01bcc0ab4e9c6443ccbed19f54889
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1e552184493eea74a53b11e52b6e6eec9c35d90cece6592d9bdf6cf1090ad8c0
1ed6602c686178b732ac93d1d0239acf2c20e6323ebce9d63d4117232c4127cd
20ae5299fcd9d1a6f4b69aeb293a4642bd943675ae4a945044172e2864921ec3
2545317458fe2e54e3e67d5f14b69913cd8fa0182ccb4031cd413f7819217808
25b34ba303bfb03c53d820d485b9a62db13f96405767e267b25cfab7034aedd5
25f0aa3b9d77161c1bcf7ffa7d61078b71de5aa6b87dac38657989aa080a320e
267bdbf461259f210cc0eed5384dd34030e07d6caacec7a3be9f7ce28d4ac8a5
2beb257d9e3282772efbda7c6e29e1b7350cde5f76e9d466775a02e018e09d0a
2d3ce6d9f65b60e72b131c9b265c377ce25c68993496eede3dac484806270f18
311a8de0a5bea29ecb6d90ef4c59de9914aaf46a4a1c02762ecd1d2fc6a60567
319bf7de36f854814b0ee39e6c21a29a1eb39b6cdcd322b2682a285b7988600e
327cfddc5c6d7db8b989366b6e110f7cef836b26e321cc86c3a4f42dbd740f28
347e1208b2f3973756b05682a8d0a72dac53ef24c79c334d35e7548256c45be4
36a8078ea18c620ffb677cdc00c3633a96a21474308b3b5a4c629bda589c73e0
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38afa5312f73d7da48d60d1cbe85b5a3df8855e750db714661c1456d510904e4
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41ca21faccf2519361a6ed815be56e020a35259fccbb09c8508ca5484464d86c
4282a8de2182c98f4ea239ee9681dbb91cf59f6811aa94f8a286877d4d7f00ba
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b47d0eccb7e8539b24b4072e66f245e9e9760231a3fe936a002b067be2ba209
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f965651290e285fd2bf27361723942df35f374ce2e0cadc8a7ec145dd9cd668
52878d35bbd3319522a493c873f3dfe8fe7b15c11a3bb4aafca023115122e702
5490e137a56afd4f93c0eee6ef99899efdb829d8b9fabf8baa669badf48c546a
55c6a8bb3e7f5d82556cf5f60582551500d3636d27a934ac0276b3f97b1243e2
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a
5af1e32d6499ad2c5e9249164daa9a39860fb4e6f64b223b04fe0afa0c0b6ee2
5bb20b7e42a681a6968e43e8156e1af4d16d065f70338982d3b6df231897313d
5d3bd803c5c40cb00e61176684c3407e32f42e3cf2f00ed0110a7e04a487247b
610240ec4bbd96029f12c0199a107525fe54364a2bb88949ac332f331992c8a8
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61963183a18ebeb68aeada41ce4e420eabc42df4b02db46818512d20222646d7
6216c129e482b3df22086796df32fcc96c07b56a7306f7faa641def0f91d4d8a
653536251eaa98d6348d2839afc61e980db2d2588b9a642deb50604d4bca038d
6b40f0d5cfa95c272e1a5a6c2ad7b9089ad07d3e938ea0f9f0693ab7f6a175e6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bbd1a523e0c04fceea302f84a2156d02bae8209d7cb54a8479f3d2182910ff4
6bd0f8429df606a5c0d5bbc3c3aed321b4e4b8ba6e4f941ee11cc41934eea20a
6d6956c023ba3773c9edee297ac63d9d799dc7b462add47ddbc872588fb24c3d
6f384b9cc1dca6dc92831e67907e5f549cde8489c0e5cd2a4db7916cc1f507d4
73c45a61dc3968d0fcd2c2adac2f91602947713056187058b12893917220a9cb
7953d2db63b6eddf80a14cdacb808b77dab26af6e4f74111406a77103ecce104
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7deac1eb3d2cd5e765c9d0af8aaff58127d71863860882a8daafab049d6349b4
814344b7031d06949266d1f52badb1e0cd092f28151939ab6e001d919c2d65c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86d28f05adc6b685d284fb725bfbe9790f65f4b29a0bcb9d8e744cbe45f21bc8
893b040540b571981c251472dbf4598b3281fa747df32d438fbce592738f8b36
8bc857b4d0e88a228918bffcd18989a34eb6458bcde621e8ab7ef8754c6a0f6f
8c382d76b7f3c936b789e587ff26a8383cb504a1b7c7f6183f80a45d2a464c9d
900c7b714900f91c891f0c028ae56f1cb0fae5bc5dcefaa9faaab784d6d3704e
941f15f07a74b953e617b4af9d43ab4c19fbf92695b4865b4acf10887cdb74e5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9fd2dc059fb430967c1a800b8c2668bd1f9712bafc679422a5e591ded6cf615c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a28530fa36dd40eff2e8c7ac146a26b181eb38a5604119ffb6acfedba1ca12f9
a4d096c6873db0c7b5ecbe20c5142ada665cfb16b139b030ee387e394c7e6199
a65c7e19914e8f1f72a4e12526ad08b66c6b557395e5f1abdd48afd62ab84b10
ac7173edd955f521584e264d4edc089a6d46cb5b763d0368ab890de1d95b9bc2
ac9c7387c32ced659809337df61d63c10f4c1ae0ade00da9a17fd48da0fe0e38
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae1b9abbb61470260e103684bbd81cc23d3e69a1e9db92ef899dd539e0c9da15
aefa123ab4be4509c6970cb9a064c1031ed5ec6fae270e7c256b7a0826fa21f6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b92cb6b44cf533b7e5ffc29b4e542b12a3f6c12c106dac6a8884a574214c947f
b998032e0d9fc0843cd11e5c663ea67f35a2075fc820f5342aa5a514292b4534
ba1a3e239df55d239676024265dd20bbb592496b3debcd6fd37655dd1b6d1b5d
ba317752a0648602e1d36caa97e9afdc2b08fe671ff9e9f1ba8d5becce8cb30b
bd0b53038a53c25295979986a12c0a643dc7de4003638c76353a195a685a633a
becd54293c72fac547b949dc3c2393dd3a2db749f1eaecf278836971d9d2ed5e
c1021ef1d8c44f5edfb7f43bb321a89c125a401fe7b798f72e387b25fb249edb
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2d20416b85386fa83baeaef7fdb13850c3b1e035a6fd536bcc71992e762cf84
cb3301f514b46f0fb12543f46e39b84e24cda90e5ccbc36f1f38ef525c26953e
cc5b52f2199694e4c1785d9231fd52d4140118eb8133d9303cb7d1bdffb231f3
d083d90289717e6f5b02235a23d8f96334a4a943b4ee646eba334bcaef55c84b
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2614d239c0ec8efaa7c428b6aaf7ce6c378d1a9e981151dd3fd6a437f8e6d27
d419f70aa630431c3a65a1e513fbaea6f9ea8eebf818464cec64698f521a4117
d74b590fcc8d9c451b2ecba1c0e5bae3a1d00db30130e8da00c454e066fa8dde
e23279b70cc075a69239a1a0b47d9e2354c8a2e5debe828fee80aa8a84dc721d
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21
e3a3891d42f545ddf0d07a36ec61811fb5a678ae63e133e1123258ef0ca6fd68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e857717740a0d9d544899040de8791fac0a58b4d0259a1ceefc1c371ad3376a7
e883078351cfa3a3f6bdd1fc7b4cd669c3f5f5c792e5d6f7af1d2cbdfe705b8f
e9f1b93042bed88ec955a71bc6bf7fd3bddce2fb7efcfb70a9fa2c8718574bb9
ea423d28639a7f818a20ac4af5efbda648296b0e23320cb8bfe1cb5b9d5076bd
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5dc12db38b05eec75846808484f88ab26763ccf37e982f34cb5b706348f4b28
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6bc1ef96a4cd5c8d1396d3b70b0057f9ac96e6069b94878442b486a07019988
f922ed58b7136d72b7f6321a6375f86a7972bbefd54fc949201cb3a7ce91a70b
fa99ca6c61398ca19f99a093a3ce1f3ef4bf10287ddff7da72146d6ab58fa109
fbbebfc051183c3a22abfcdff1ffb9d7ada173f06d2ee9bdb47cf668d6f6c234
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.tumgir.com Open in urlscan Pro 2606:4700:20::681a:d2d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

194 Requests

78 %HTTPS

26 %IPv6

67 Domains

99 Subdomains

48 IPs

6 Countries

41335 kBTransfer

45336 kBSize

122 Cookies

1 Outgoing links

Page URL History

Redirected requests

194 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tumgir.com Open in urlscan Pro
2606:4700:20::681a:d2d Public Scan

Screenshot
Live screenshot

Full Image

194
Requests

78 %
HTTPS

26 %
IPv6

67
Domains

99
Subdomains

48
IPs

6
Countries

41335 kB
Transfer

45336 kB
Size

122
Cookies

194 HTTP transactions
4 data transactions