www.tumgir.com Open in urlscan Pro
138.197.100.103  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

• https://api.tumblr.com/v2/blog/cosplaythief.tumblr.com/avatar/128 HTTP 302
• https://64.media.tumblr.com/avatar_bea10da22d58_128.png

Request Chain 9

• https://api.tumblr.com/v2/blog/lamson.tumblr.com/avatar/128 HTTP 302
• https://64.media.tumblr.com/f23ec961f648d4bdaf2758753f138cdd/f4e75688215607c1-d3/s128x128u_c1/b3c0c85a159e82380e594c9a73864d0287adbb93.jpg

Request Chain 10

• https://api.tumblr.com/v2/blog/scummodel.tumblr.com/avatar/128 HTTP 302
• https://64.media.tumblr.com/avatar_c3023a20a4d7_128.png

Request Chain 11

• https://api.tumblr.com/v2/blog/taka-01.tumblr.com/avatar/128 HTTP 302
• https://assets.tumblr.com/images/default_avatar/cone_open_128.png

Request Chain 12

• https://api.tumblr.com/v2/blog/a-lighthouse-a-man-a-city.tumblr.com/avatar/128 HTTP 302
• https://64.media.tumblr.com/ad837e5a06e2c435d9b189af6591a265/6f6244745b1b6e2d-99/s128x128u_c1/426fbcbb7269650b60c8d35d25c8898d93f1c3b6.jpg

Request Chain 54

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 78

• https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 HTTP 302
• https://cds.connatix.com/p/156025/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

Request Chain 99

• https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3db2498c856c4342e58396ce9dda68a69b%26pname%3dBeeswax%26api-tier%3d2%26uid%3d{userid} HTTP 303
• https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3Db2498c856c4342e58396ce9dda68a69b%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&_bee_ppp=1 HTTP 303
• https://cks.connatix.com/cks?pid=15&ev=b2498c856c4342e58396ce9dda68a69b&pname=Beeswax&api-tier=2&uid=AAEPQk7EfSIAADCwf_JzUA

Request Chain 100

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
• https://cks.connatix.com/cks?pid=19&uid=8ef3f8fa-2170-4fb8-b7ae-f65e03770976&ttl=1650859515

Request Chain 101

• https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3db2498c856c4342e58396ce9dda68a69b%26pname%3dAppNexus%26api-tier%3d2%26uid%3d%24UID HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253db2498c856c4342e58396ce9dda68a69b%2526pname%253dAppNexus%2526api-tier%253d2%2526uid%253d%2524UID HTTP 302
• https://cks.connatix.com/cks?pid=6&ev=b2498c856c4342e58396ce9dda68a69b&pname=AppNexus&api-tier=2&uid=8120989671941300671

Request Chain 102

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east HTTP 301
• https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Request Chain 103

• https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3db2498c856c4342e58396ce9dda68a69b%26pname%3dCentro%26api-tier%3d2%26uid%3d{userId} HTTP 302
• https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3db2498c856c4342e58396ce9dda68a69b%26pname%3dCentro%26api-tier%3d2%26uid%3d{userId} HTTP 302
• https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253Db2498c856c4342e58396ce9dda68a69b%2526pname%253DCentro%2526api-tier%253D2%2526uid%253D24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341 HTTP 302
• https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253Db2498c856c4342e58396ce9dda68a69b%2526pname%253DCentro%2526api-tier%253D2%2526uid%253D24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341&xl8blockcheck=1 HTTP 302
• https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3Db2498c856c4342e58396ce9dda68a69b%26pname%3DCentro%26api-tier%3D2%26uid%3D24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341 HTTP 302
• https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3Db2498c856c4342e58396ce9dda68a69b%26pname%3DCentro%26api-tier%3D2%26uid%3D24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341 HTTP 302
• https://cks.connatix.com/cks?pid=9&ev=b2498c856c4342e58396ce9dda68a69b&pname=Centro&api-tier=2&uid=24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341

Request Chain 111

• https://connatix-d.openx.net/v/1.0/av?auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&cb=1ac2cbcd-4426-45e9-8c8c-e8da4196c956&vwd=522&vht=293&gdpr=0&gdpr_consent=undefined&us_privacy= HTTP 302
• https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&cb=1ac2cbcd-4426-45e9-8c8c-e8da4196c956&vwd=522&vht=293&gdpr=0&gdpr_consent=undefined&us_privacy= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTc0NWZmYmUtNzE0NS02ODc1LTQ1YTgtMzk4NmUwMDJlYjJm&gdpr=0&gdpr_consent=undefined

Request Chain 135

• https://connatix-d.openx.net/v/1.0/av?auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&cb=1ac2cbcd-4426-45e9-8c8c-e8da4196c956&vwd=522&vht=293&gdpr=0&gdpr_consent=undefined&us_privacy= HTTP 302
• https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&cb=1ac2cbcd-4426-45e9-8c8c-e8da4196c956&vwd=522&vht=293&gdpr=0&gdpr_consent=undefined&us_privacy=

Request Chain 142

• https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&khaos=L17BX7B2-Z-A5K0 HTTP 302
• https://ck.connatix.com/cks?pid=11&uid=L17BX7B2-Z-A5K0 HTTP 302
• https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L17BX7B2-Z-A5K0&UserId=

Request Chain 148

• https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/rubicon/ZCJxOywLEzDIHXyKa2ZbvQ?csrc= HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6908164200161978813

Request Chain 149

• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0IgVjUL9TrKImY-lyDVkhQ&rk=usync-na HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0IgVjUL9TrKImY-lyDVkhQ

Request Chain 150

• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=B56Ay34aTKSQsXthB5t-Xw&rk=usync-other HTTP 302
• https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=B56Ay34aTKSQsXthB5t-Xw

Request Chain 151

• https://token.rubiconproject.com/token?pid=36584 HTTP 302
• https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L17BX7B2-Z-A5K0

Request Chain 153

• https://match.adsrvr.org/track/cmf/rubicon HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8ef3f8fa-2170-4fb8-b7ae-f65e03770976&gdpr=0&gdpr_consent=&expires=30

Request Chain 154

• https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYzMmY5Y2VjOTg2ODUyYTVlMjVkY2E5YjgwMjU1ZmQyM2Y3MDM2Zg

Request Chain 155

• https://token.rubiconproject.com/token?pid=26594 HTTP 302
• https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L17BX7B2-Z-A5K0&sigv=1&esig=2~9e1981741e6bdb77cb7ff52265c488e50e3de716

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 2023%20Jeep%20Wrangler%204xe Show response www.tumgir.com/tag/	41 KB 9 KB	219ms 169ms	Document text/html	138.197.100.103 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.197.100.103 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 577acd10d10034381ad9b2b9434e49c21d75d8883dd19515894c17c9c8f952ee Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers Server nginx/1.18.0 (Ubuntu) Date Sat, 26 Mar 2022 04:05:14 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By Express ETag W/"a3ee-wWjEbSdlFL4I3WejvwEZp3u3XOY" Vary Accept-Encoding Content-Encoding gzip
GET H2	200	css2 fonts.googleapis.com/	4 KB 1 KB	82ms 36ms	Stylesheet text/css	2607:f8b0:4006:80c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 26 Mar 2022 03:36:56 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sat, 26 Mar 2022 04:05:14 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 26 Mar 2022 04:05:14 GMT
GET H/1.1	200 OK	styles.css www.tumgir.com/static/css/	24 KB 6 KB	23ms 23ms	Stylesheet text/css	138.197.100.103 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/static/css/styles.css Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.197.100.103 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash b7bef58af68ae2288e77d9b835cd1f5f227c55c36cbb80123347a926b4565803 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 04:05:14 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Sun, 13 Mar 2022 22:04:58 GMT Server nginx/1.18.0 (Ubuntu) X-Powered-By Express ETag W/"61da-17f85502c4d" Transfer-Encoding chunked Content-Type text/css; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes
GET H2	200	js Show response www.googletagmanager.com/gtag/	94 KB 37 KB	84ms 35ms	Script application/javascript	2607:f8b0:4006:817::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-134279593-1 Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2008 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c51d0e7cc2381c1e9f76aed324ad5134e9d1cfb9cf35479c21d28ccc4969b70a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37555 x-xss-protection 0 last-modified Sat, 26 Mar 2022 03:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 26 Mar 2022 04:05:14 GMT
GET H2	200	5073eff7b70f6a5ed9f11fed60d6db47b0498bf8.png 64.media.tumblr.com/f61b6b7e57f1e6e9a01229b725c38c8e/93f37d585ac6ddbb-4b/s540x810/	438 KB 439 KB	62ms 17ms	Image image/png	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/f61b6b7e57f1e6e9a01229b725c38c8e/93f37d585ac6ddbb-4b/s540x810/5073eff7b70f6a5ed9f11fed60d6db47b0498bf8.png Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 054152c0f53f12b61f4a5c1a9064537d41fee7491f06359ad29a2c4fbb143fb4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT x-frames 1 access-control-max-age 86400 content-disposition inline; filename="tumblr_f61b6b7e57f1e6e9a01229b725c38c8e_5073eff7_540.png" server-timing dc;desc=yyz, cache;desc=HIT;dur=1.0 content-length 449006 x-nc HIT yyz 2 last-modified Thu, 11 Nov 2021 17:30:58 GMT server nginx etag "ba8dfdafbcf51a076821b883801e1f06-1498089600-c801e2c" strict-transport-security max-age=31536000; preload access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control max-age=315360000 timing-allow-origin *
GET H2	200	a8dc110b1246142ca6629113409f5ddbc0b98aa3.png 64.media.tumblr.com/b0f760e58d8cc8f62c9f52ee85d9fc09/b2c017eb9b0a6e9d-cb/s540x810/	284 KB 285 KB	75ms 29ms	Image image/png	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/b0f760e58d8cc8f62c9f52ee85d9fc09/b2c017eb9b0a6e9d-cb/s540x810/a8dc110b1246142ca6629113409f5ddbc0b98aa3.png Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 4722b54ffe43155b445cd7070fe2bd67b9644fe3b20d4e057380395f31f682a9 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT x-frames 1 access-control-max-age 86400 content-disposition inline; filename="tumblr_b0f760e58d8cc8f62c9f52ee85d9fc09_a8dc110b_540.png" server-timing dc;desc=yyz, cache;desc=HIT;dur=1.0 content-length 290862 x-nc HIT yyz 3 last-modified Tue, 09 Nov 2021 19:01:30 GMT server nginx etag "716df44b6faa60cb32cbfb64df806b14-1498089600-c801e2c" strict-transport-security max-age=31536000; preload access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control max-age=315360000 timing-allow-origin *
GET H2	200	47e3504fcb043330d3b39747453717263cca33b7.png 64.media.tumblr.com/808a0c58b7015b389f575d9c6f8d28ac/bb638e3f7f0a43f6-8a/s540x810/	312 KB 313 KB	86ms 41ms	Image image/png	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/808a0c58b7015b389f575d9c6f8d28ac/bb638e3f7f0a43f6-8a/s540x810/47e3504fcb043330d3b39747453717263cca33b7.png Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash e6b0cb93f975091127e73053bc0e576a33e559db7b7774794b12b77c5ef93244 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT x-frames 1 access-control-max-age 86400 content-disposition inline; filename="tumblr_808a0c58b7015b389f575d9c6f8d28ac_47e3504f_540.png" server-timing dc;desc=yyz, cache;desc=HIT;dur=2.0 content-length 319553 x-nc HIT yyz 4 last-modified Thu, 28 Oct 2021 19:24:08 GMT server nginx etag "67c833b1ae9c0735241e7350c9e49631-1498089600-c801e2c" strict-transport-security max-age=31536000; preload access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control max-age=315360000 timing-allow-origin *
GET H2	200	c344981a661a063d766d3e1436540a15d9073314.jpg 64.media.tumblr.com/282bdaaeb5d59c665b0cae18fd58415a/2eafe02cb02a9723-b6/s540x810/	54 KB 54 KB	44ms 16ms	Image image/jpeg	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/282bdaaeb5d59c665b0cae18fd58415a/2eafe02cb02a9723-b6/s540x810/c344981a661a063d766d3e1436540a15d9073314.jpg Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash ffc1b0ad9b01c78c5512d2731931afaaabaca262d9ab336c58eb2837ef66628c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT x-frames 1 access-control-max-age 86400 content-disposition inline; filename="tumblr_282bdaaeb5d59c665b0cae18fd58415a_c344981a_540.jpg" server-timing dc;desc=yyz, cache;desc=HIT;dur=1.0 content-length 55046 x-nc HIT yyz 2 last-modified Sat, 19 Jun 2021 14:31:58 GMT server nginx etag "5b3d5d9303487053e253f684526cc806-1498089600-c801e2c" strict-transport-security max-age=31536000; preload access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 timing-allow-origin *
GET H2	200	a43a497f12951b4aad3e2c08329c1f50b9dd5eb4.jpg 64.media.tumblr.com/9c0e450478a111057b5919567d62552f/885fb96e83c8fde8-02/s540x810/	58 KB 58 KB	30ms 30ms	Image image/jpeg	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/9c0e450478a111057b5919567d62552f/885fb96e83c8fde8-02/s540x810/a43a497f12951b4aad3e2c08329c1f50b9dd5eb4.jpg Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash ed6666f7bf51594f57ab24cfa998eae78c898fe0de5d5b38173b3e3b1ae6fea8 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT x-frames 1 access-control-max-age 86400 content-disposition inline; filename="tumblr_9c0e450478a111057b5919567d62552f_a43a497f_540.jpg" server-timing dc;desc=yyz, cache;desc=HIT;dur=1.0 content-length 59071 x-nc HIT yyz 2 last-modified Sat, 12 Jun 2021 15:37:06 GMT server nginx etag "2acd437631bfe42bfdd7805500ff6884-1498089600-c801e2c" strict-transport-security max-age=31536000; preload access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 timing-allow-origin *
GET H2	200	avatar_bea10da22d58_128.png 64.media.tumblr.com/ Redirect Chain https://api.tumblr.com/v2/blog/cosplaythief.tumblr.com/avatar/128 https://64.media.tumblr.com/avatar_bea10da22d58_128.png	8 KB 8 KB	26ms 25ms	Image image/png	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/avatar_bea10da22d58_128.png Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 96d8d5878dca3d996d79f42ac63131f118b931af037114f1a529b74310037d03 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT x-frames 1 access-control-max-age 86400 content-disposition inline; filename="avatar_bea10da22d58_128.png" server-timing dc;desc=yyz, cache;desc=HIT;dur=1.0 content-length 8521 x-nc HIT yyz 1 last-modified Sat, 12 Dec 2020 21:23:25 GMT server nginx etag "ef692da59c6331b28661dbef2564a9bc-1498089600-c801e2c" strict-transport-security max-age=31536000; preload access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * Redirect headers date Sat, 26 Mar 2022 04:05:14 GMT server nginx x-cache-avatar true strict-transport-security max-age=31536000; preload p3p CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy" location https://64.media.tumblr.com/avatar_bea10da22d58_128.png x-rid cbe16f72a02fa03ac8f9b21c802acfeb content-type application/json content-length 121 x-ua-compatible IE=Edge,chrome=1
GET H2	200	b3c0c85a159e82380e594c9a73864d0287adbb93.jpg 64.media.tumblr.com/f23ec961f648d4bdaf2758753f138cdd/f4e75688215607c1-d3/s128x128u_c1/ Redirect Chain https://api.tumblr.com/v2/blog/lamson.tumblr.com/avatar/128 https://64.media.tumblr.com/f23ec961f648d4bdaf2758753f138cdd/f4e75688215607c1-d3/s128x128u_c1/b3c0c85a159e82380e594c9a73864d0287adbb93.jpg	6 KB 6 KB	40ms 40ms	Image image/jpeg	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/f23ec961f648d4bdaf2758753f138cdd/f4e75688215607c1-d3/s128x128u_c1/b3c0c85a159e82380e594c9a73864d0287adbb93.jpg Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 68bc85081b8d29cfd1e2f8e2891df00a79826c3d68392cadc8a71d07db30db35 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT x-frames 1 access-control-max-age 86400 content-disposition inline; filename="tumblr_f23ec961f648d4bdaf2758753f138cdd_b3c0c85a_128.jpg" server-timing dc;desc=yyz, cache;desc=MISS;dur=17.0 content-length 6218 x-nc MISS yyz 1 last-modified Sun, 13 Dec 2020 01:32:43 GMT server nginx etag "c19f31fbe38a89f5b5de8dfb02926765-1498089600-c801e2c" strict-transport-security max-age=31536000; preload access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 timing-allow-origin * Redirect headers date Sat, 26 Mar 2022 04:05:14 GMT server nginx x-cache-avatar true strict-transport-security max-age=31536000; preload p3p CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy" location https://64.media.tumblr.com/f23ec961f648d4bdaf2758753f138cdd/f4e75688215607c1-d3/s128x128u_c1/b3c0c85a159e82380e594c9a73864d0287adbb93.jpg x-rid 1714aca3277b2bdb7db6426bc1b3cd7e content-type application/json content-length 204 x-ua-compatible IE=Edge,chrome=1
GET H2	200	avatar_c3023a20a4d7_128.png 64.media.tumblr.com/ Redirect Chain https://api.tumblr.com/v2/blog/scummodel.tumblr.com/avatar/128 https://64.media.tumblr.com/avatar_c3023a20a4d7_128.png	27 KB 27 KB	24ms 24ms	Image image/png	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/avatar_c3023a20a4d7_128.png Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 161a09691f782871a54102f816806070faed720c372363f34a6ebb54927db285 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT x-frames 1 access-control-max-age 86400 content-disposition inline; filename="avatar_c3023a20a4d7_128.png" server-timing dc;desc=yyz, cache;desc=HIT;dur=1.0 content-length 27794 x-nc HIT yyz 3 last-modified Tue, 15 Dec 2020 02:19:31 GMT server nginx etag "fbc31ed8ee52c2dec9b90bddbc567c80-1498089600-c801e2c" strict-transport-security max-age=31536000; preload access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * Redirect headers date Sat, 26 Mar 2022 04:05:14 GMT server nginx x-cache-avatar true strict-transport-security max-age=31536000; preload p3p CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy" location https://64.media.tumblr.com/avatar_c3023a20a4d7_128.png x-rid 830cac52020514a6e717b01cb30d2f32 content-type application/json content-length 121 x-ua-compatible IE=Edge,chrome=1
GET H2	200	cone_open_128.png assets.tumblr.com/images/default_avatar/ Redirect Chain https://api.tumblr.com/v2/blog/taka-01.tumblr.com/avatar/128 https://assets.tumblr.com/images/default_avatar/cone_open_128.png	4 KB 4 KB	30ms 23ms	Image image/png	192.0.77.40 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://assets.tumblr.com/images/default_avatar/cone_open_128.png Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Server 192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS assets.tumblr.com Software nginx / Resource Hash 4097edffdaf025b488126918156cc789a86c268ae98433148300a227048489c7 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-nc HIT yyz 1 date Sat, 26 Mar 2022 04:05:14 GMT last-modified Wed, 21 Jul 2021 05:10:52 GMT server nginx etag "60f7ac5c-e7d" strict-transport-security max-age=31536000; preload, max-age=31536000; preload content-type image/png access-control-allow-origin * cache-control max-age=315360000, immutable accept-ranges bytes timing-allow-origin * content-length 3709 expires Thu, 31 Dec 2037 23:55:55 GMT Redirect headers date Sat, 26 Mar 2022 04:05:14 GMT server nginx x-cache-avatar true strict-transport-security max-age=31536000; preload p3p CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy" location https://assets.tumblr.com/images/default_avatar/cone_open_128.png x-rid 993a822d11f684a8e4a53de83ecbe81d content-type application/json content-length 131 x-ua-compatible IE=Edge,chrome=1
GET H2	200	426fbcbb7269650b60c8d35d25c8898d93f1c3b6.jpg 64.media.tumblr.com/ad837e5a06e2c435d9b189af6591a265/6f6244745b1b6e2d-99/s128x128u_c1/ Redirect Chain https://api.tumblr.com/v2/blog/a-lighthouse-a-man-a-city.tumblr.com/avatar/128 https://64.media.tumblr.com/ad837e5a06e2c435d9b189af6591a265/6f6244745b1b6e2d-99/s128x128u_c1/426fbcbb7269650b60c8d35d25c8898d93f1c3b6.jpg	5 KB 5 KB	17ms 16ms	Image image/jpeg	192.0.77.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://64.media.tumblr.com/ad837e5a06e2c435d9b189af6591a265/6f6244745b1b6e2d-99/s128x128u_c1/426fbcbb7269650b60c8d35d25c8898d93f1c3b6.jpg Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Server 192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 8b20f10603d5b1c261d6df6066e86f59c7f01a336751d8c35c5111ecef4fcfa2 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT x-frames 1 access-control-max-age 86400 content-disposition inline; filename="tumblr_ad837e5a06e2c435d9b189af6591a265_426fbcbb_128.jpg" server-timing dc;desc=yyz, cache;desc=HIT;dur=1.0 content-length 5315 x-nc HIT yyz 2 last-modified Fri, 12 Feb 2021 23:05:35 GMT server nginx etag "9ded578d925610b5ac03968a799cfc5a-1498089600-81b500b" strict-transport-security max-age=31536000; preload access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 timing-allow-origin * Redirect headers date Sat, 26 Mar 2022 04:05:14 GMT server nginx x-cache-avatar true strict-transport-security max-age=31536000; preload p3p CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy" location https://64.media.tumblr.com/ad837e5a06e2c435d9b189af6591a265/6f6244745b1b6e2d-99/s128x128u_c1/426fbcbb7269650b60c8d35d25c8898d93f1c3b6.jpg x-rid d50a9e6d5ed64a65ce9edfcddf45ea6c content-type application/json content-length 204 x-ua-compatible IE=Edge,chrome=1
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/	87 KB 28 KB	43ms 17ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 723183 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27938 timing-allow-origin * last-modified Tue, 02 Mar 2021 18:58:36 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "603e8adc-15d9d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ima%2BM9i3pkfhgka0j8zTx7cQfhTmLVrRbx%2FExHTqGomS2Z65u3q9tQa9Jn%2FGcHC8F3%2FsXpcgpUmMRw9HBB2wNaW3E3mQTXSTQu58oKgsf3uTkC1eIRdpix0AvASRFlgw6zAPYjptohG3UM7u%2BlndmqYG"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6f1d01bbe8867150-YUL expires Thu, 16 Mar 2023 04:05:14 GMT
GET H/1.1	200 OK	navbar.js Show response www.tumgir.com/static/js/	469 B 829 B	28ms 28ms	Script application/javascript	138.197.100.103 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/static/js/navbar.js?v=202112270023 Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.197.100.103 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash ae1b9abbb61470260e103684bbd81cc23d3e69a1e9db92ef899dd539e0c9da15 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 04:05:14 GMT Last-Modified Sun, 13 Mar 2022 22:02:36 GMT Server nginx/1.18.0 (Ubuntu) X-Powered-By Express ETag W/"1d5-17f854e01e7" Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 469
GET H/1.1	200 OK	sticky-sidebar.js Show response www.tumgir.com/static/js/	2 KB 974 B	47ms 26ms	Script application/javascript	138.197.100.103 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/static/js/sticky-sidebar.js?v=202112270023 Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.197.100.103 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash aefa123ab4be4509c6970cb9a064c1031ed5ec6fae270e7c256b7a0826fa21f6 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 04:05:14 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Sun, 13 Mar 2022 22:02:28 GMT Server nginx/1.18.0 (Ubuntu) X-Powered-By Express ETag W/"7e3-17f854de374" Transfer-Encoding chunked Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes
GET H/1.1	200 OK	tag.js Show response www.tumgir.com/static/js/	1 KB 1022 B	66ms 23ms	Script application/javascript	138.197.100.103 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/static/js/tag.js?v=202112270023 Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.197.100.103 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 62cb30d7d9a27e0d9ee245226492b7be4fd521d444c994c2bdd3a71a5507a687 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 04:05:14 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Sun, 13 Mar 2022 22:02:35 GMT Server nginx/1.18.0 (Ubuntu) X-Powered-By Express ETag W/"57f-17f854dffbc" Transfer-Encoding chunked Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes
GET H/1.1	200 OK	notes.js Show response www.tumgir.com/static/js/	554 B 914 B	66ms 22ms	Script application/javascript	138.197.100.103 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/static/js/notes.js?v=202112270023 Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.197.100.103 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 38afa5312f73d7da48d60d1cbe85b5a3df8855e750db714661c1456d510904e4 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 04:05:14 GMT Last-Modified Sun, 13 Mar 2022 22:02:27 GMT Server nginx/1.18.0 (Ubuntu) X-Powered-By Express ETag W/"22a-17f854dde4b" Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 554
GET H/1.1	200 OK	visit-blog.js Show response www.tumgir.com/static/js/	216 B 575 B	63ms 20ms	Script application/javascript	138.197.100.103 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/static/js/visit-blog.js?v=202112270023 Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.197.100.103 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 941f15f07a74b953e617b4af9d43ab4c19fbf92695b4865b4acf10887cdb74e5 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 04:05:14 GMT Last-Modified Sun, 13 Mar 2022 22:02:33 GMT Server nginx/1.18.0 (Ubuntu) X-Powered-By Express ETag W/"d8-17f854df872" Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 216
GET H/1.1	200 OK	sw.js Show response www.tumgir.com/	100 KB 38 KB	33ms 33ms	Script application/javascript	138.197.100.103 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.tumgir.com/sw.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.197.100.103 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Express Resource Hash 8c382d76b7f3c936b789e587ff26a8383cb504a1b7c7f6183f80a45d2a464c9d Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 04:05:14 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Sun, 13 Mar 2022 22:02:35 GMT Server nginx/1.18.0 (Ubuntu) X-Powered-By Express ETag W/"190ed-17f854dffbc" Transfer-Encoding chunked Content-Type application/javascript; charset=UTF-8 Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Expires Sun, 26 Mar 2023 04:05:14 GMT
GET H2	200	/ Show response d18g6t7whf8ejf.cloudfront.net/	252 KB 78 KB	193ms 107ms	Script text/plain	99.84.120.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.120.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-120-21.ewr52.r.cloudfront.net Software / Resource Hash 6150b5c66836d715f8924faa447b79071ce5cdb7c98953debc2d55a62dfb84c3 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:14 GMT content-encoding gzip x-amz-cf-pop EWR52-C3 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 78942 via 1.1 3cd1317514b30fdf5f6be98709ec1b0e.cloudfront.net (CloudFront) x-amz-cf-id 8yMzYb23lsK_yfQGI-A8IKKOWoX2jDg4bc1fWP6zuNltWBbzAemhPg==
GET H2	200	/ Show response dmmzkfd82wayn.cloudfront.net/	290 KB 95 KB	197ms 125ms	Script text/plain	2600:9000:2162:1000:6:2e3c:5fc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2162:1000:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 853ee773760f0f573da1b9e999c277fc5ea5b691a9ca21d236e2a6d343c0a09e Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:14 GMT content-encoding gzip x-amz-cf-pop EWR52-C3 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 96999 via 1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront) x-amz-cf-id O5_Vn4wtW75O78NygGwph1uZBsIW1xAx4tsQ0yZQussP7jzJV3DHzQ==
GET H2	200	vidjs Show response video-serve.com/	1 KB 1 KB	112ms 35ms	Script application/json	13.225.214.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://video-serve.com/vidjs?tid=947040 Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-106.ewr50.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 793d8ae8be17ac602c3d0839bee5021086493b18d069152781f46e60f45b1310 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:14 GMT content-encoding gzip server openresty/1.17.8.2 x-amz-cf-pop EWR50-C1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version cache-control no-store, no-cache, must-revalidate, no-transform content-type application/json content-length 670 via 1.1 03e4d3b42a136dd5df035a167106f808.cloudfront.net (CloudFront) x-amz-cf-id jGpLnxkDEG00Hy7evScliuG-ttmzpojn13UfaQykQKLmihbsv2NfZA==
GET H2	200	addthis_widget.js Show response s7.addthis.com/js/300/	353 KB 114 KB	545ms 41ms	Script application/javascript	104.106.1.225 AS6453
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/js/300/addthis_widget.js Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.106.1.225 Atlanta, United States, ASN6453 (AS6453, US), Reverse DNS a104-106-1-225.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip last-modified Mon, 26 Oct 2020 18:11:48 GMT server nginx/1.15.8 etag "5f971164-5834c" vary Accept-Encoding x-distribution 99 content-type application/javascript cache-control public, max-age=600 date Sat, 26 Mar 2022 04:05:14 GMT x-host s7.addthis.com content-length 116408
GET H2	200	JWf7VZ8zXG4 Show response www.youtube.com/embed/ Frame 8468	61 KB 26 KB	130ms 79ms	Document text/html	2607:f8b0:4006:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bd8eb06b26340c51de8c5f716a586a5cf64f57f1de8a230575a6417046630eec Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ Response headers content-type text/html; charset=utf-8 x-content-type-options nosniff cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sat, 26 Mar 2022 04:05:14 GMT strict-transport-security max-age=31536000 report-to {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]} cross-origin-opener-policy-report-only same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94" accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." content-encoding br server ESF x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	R1lRTm08eyI5MjIrPWxXZTElOh00Y35hGjAufzoYKj44PEMkNjxhHjB3Oz1Pa3siIwtlY2BiTzQ0J2xXZW1%2Ffk9reyUvChgwNWxXZWFleFp2aXNiTzQsMxEEI2tzdE93YTR7XndoM2NVJmxpY1kjaWNjD3I8MmNbcjhpe1lxPzMrDHF7LA Show response mefagetobri.top/	56 KB 23 KB	95ms 32ms	Script application/javascript	44.195.137.121 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://mefagetobri.top/R1lRTm08eyI5MjIrPWxXZTElOh00Y35hGjAufzoYKj44PEMkNjxhHjB3Oz1Pa3siIwtlY2BiTzQ0J2xXZW1%2Ffk9reyUvChgwNWxXZWFleFp2aXNiTzQsMxEEI2tzdE93YTR7XndoM2NVJmxpY1kjaWNjD3I8MmNbcjhpe1lxPzMrDHF7LA Requested by Host: www.tumgir.com URL: https://www.tumgir.com/sw.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-137-121.compute-1.amazonaws.com Software / Express Resource Hash 07eb26ec3c12627e0f73579dbcc97100053f73f34480840ecba7692c9f452805 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-encoding gzip etag W/"e0f8-+2HMY88NhjjYUEx8qPt8eeQ7pr0" x-powered-by Express vary Accept-Encoding access-control-allow-methods GET, POST content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-headers X-Requested-With,content-type
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	69ms 19ms	Script text/javascript	2607:f8b0:4006:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-134279593-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 4672 date Sat, 26 Mar 2022 02:47:22 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sat, 26 Mar 2022 04:47:22 GMT
GET H2	200	www-player.css www.youtube.com/s/player/c6736352/ Frame 8468	337 KB 46 KB	27ms 23ms	Stylesheet text/css	2607:f8b0:4006:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c6736352/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c82b1ae991f951678bb7a5096f01b05a5a2acc2087ae7ea1aafd21cac3df5c75 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 24 Mar 2022 14:48:39 GMT content-encoding br x-content-type-options nosniff age 134195 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47198 x-xss-protection 0 last-modified Thu, 24 Mar 2022 00:16:33 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 24 Mar 2023 14:48:39 GMT
GET H2	200	www-embed-player.js Show response www.youtube.com/s/player/c6736352/www-embed-player.vflset/ Frame 8468	279 KB 86 KB	40ms 35ms	Script text/javascript	2607:f8b0:4006:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c6736352/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0c0cb15b451fc10772b2814162403e39bc4606de57a150818226b67ee7e7df0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 24 Mar 2022 14:48:39 GMT content-encoding br x-content-type-options nosniff age 134195 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 88072 x-xss-protection 0 last-modified Thu, 24 Mar 2022 00:16:33 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 24 Mar 2023 14:48:39 GMT
GET H2	200	base.js Show response www.youtube.com/s/player/c6736352/player_ias.vflset/en_US/ Frame 8468	2 MB 524 KB	53ms 49ms	Script text/javascript	2607:f8b0:4006:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c6736352/player_ias.vflset/en_US/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3888d39eb382298faae04eafc9f2084e491781f319505d0410d2d0477a4375e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 24 Mar 2022 14:48:39 GMT content-encoding br x-content-type-options nosniff age 134195 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 536421 x-xss-protection 0 last-modified Thu, 24 Mar 2022 00:16:33 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 24 Mar 2023 14:48:39 GMT
GET H2	200	fetch-polyfill.js Show response www.youtube.com/s/player/c6736352/fetch-polyfill.vflset/ Frame 8468	9 KB 3 KB	61ms 57ms	Script text/javascript	2607:f8b0:4006:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c6736352/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 24 Mar 2022 14:48:39 GMT content-encoding br x-content-type-options nosniff age 134195 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2786 x-xss-protection 0 last-modified Thu, 24 Mar 2022 00:16:33 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 24 Mar 2023 14:48:39 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 8468	15 KB 16 KB	68ms 20ms	Font font/woff2	2607:f8b0:4006:81e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2003 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 22 Mar 2022 11:41:34 GMT x-content-type-options nosniff age 318220 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 22 Mar 2023 11:41:34 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	65ms 35ms	XHR text/plain	2607:f8b0:4006:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=469285274&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&ul=en-us&de=UTF-8&dt=%232023%20Jeep%20Wrangler%204xe%20%7C%20Explore%20Tumblr%20Posts%20and%20Blogs%20%7C%20Tumgir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=892672447&gjid=1720731536&cid=655447494.1648267514&tid=UA-134279593-1&_gid=1908057403.1648267514&_r=1&gtm=2ou3e0&z=719540951 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.tumgir.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:14 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.tumgir.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	utx Show response chookamookla.com/	0 491 B	80ms 26ms	XHR text/plain	13.33.60.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://chookamookla.com/utx?tid=846710&top=www.tumgir.com&cb=MS6acMEDv4ri Requested by Host: mefagetobri.top URL: https://mefagetobri.top/R1lRTm08eyI5MjIrPWxXZTElOh00Y35hGjAufzoYKj44PEMkNjxhHjB3Oz1Pa3siIwtlY2BiTzQ0J2xXZW1%2Ffk9reyUvChgwNWxXZWFleFp2aXNiTzQsMxEEI2tzdE93YTR7XndoM2NVJmxpY1kjaWNjD3I8MmNbcjhpe1lxPzMrDHF7LA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.60.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-60-71.ewr52.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:14 GMT via 1.1 71963481e8787829babadbbb735376ee.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop EWR52-C1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id m6FgLdNhNq3g9VwRt4ZK8GnXFw25-_4gpx4zJzVJeYMjCUwqUL41Aw==
GET H2	200	/ Show response freychang.fun/	27 B 363 B	71ms 35ms	Fetch text/plain	2606:4700:3030::ac43:dadd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/ Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a4438cd3864319efbf744834bab91181e50a95134c95c8fc98f2c44babbbd7d Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://www.tumgir.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7EOREkZ%2FWovcQmsAJPG77Nb%2FZ9pRojS1j1sSbYp9u%2BGBrW2dEfEos3Ch1keg7DjTEmuckVh1gpneITiAyFoBWQQaq29WHZJUbaLpyLQ0OmwHLUjQCSoD8gnA88UNbcvC%2Fpp10cRUQF58yb0"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 6f1d01be3d894bb9-YUL access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx Show response redibidilidi.com/	0 489 B	93ms 29ms	XHR text/plain	18.67.76.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://redibidilidi.com/utx?cb=MC1CxEiMVmnN&top=www.tumgir.com&tid=852974 Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.76.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-76-32.iad89.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:14 GMT via 1.1 cbb1ad5df105c42cc24cca0b876989aa.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop IAD89-P2 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id 2qybbUMAsPJYMycbeSj9L8r5rbCxpqyDCyEJPf1D9Lp9QwPw-I375A==
GET H2	200	IDUpFiQCIC9uDjcbAGQvJycqBzUnOTAFGgQCSwUENHAcZShHCT4NBCdlEiQjGDNFFno0IhcFBhdyTjwgThEw Show response redibidilidi.com/THZDeFctFCAVaC1LIV4iPhp+XWUKU3E+M31OJE4jewErHm8pHCVWNCAZNhwxPhktDHkiEzddZQo/JzwVFiQWPQ8UDCASMSs0GSgPJEMSKR0rFS0uBBsfLAkbOycNPx8BMgUubwAyOjoRDhwKCDIfLHceLQlBBjlmPC86SAEUHHZMDTQwJjc5... Frame 6805	3 KB 2 KB	135ms 87ms	Document text/html	18.67.76.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://redibidilidi.com/THZDeFctFCAVaC1LIV4iPhp+XWUKU3E+M31OJE4jewErHm8pHCVWNCAZNhwxPhktDHkiEzddZQo/JzwVFiQWPQ8UDCASMSs0GSgPJEMSKR0rFS0uBBsfLAkbOycNPx8BMgUubwAyOjoRDhwKCDIfLHceLQlBBjlmPC86SAEUHHZMDTQwJjc5JAEWFBJ1PHAAFgofc0kbJE4NNBQ/GgYuDjs9OikGCh80EzEOGiUxLjsCBD4RdBI0HBUEGy8fNHwnGjQ+OwAGPm85OC4qEA0yIAANCS8CGR8aABE6AT00cSoQDTV3Cxt8PwYeHxUyFikdPCYbHBYLLm4AZC8kFTkcHx0oOWYZQQ8RMA0wFAsTKDMgMDN/LHAtBgYGISs4LyQHKScWMxkCMQQSOz8RJw8KPwULNwdMMAUeeh40CzQ5KhEBDg0BYxYgGwBkDkZzMjN/IDUpFiQCIC9uDjcbAGQvJycqBzUnOTAFGgQCSwUENHAcZShHCT4NBCdlEiQjGDNFFno0IhcFBhdyTjwgThEw Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.76.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-76-32.iad89.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e6547aba418c9221fd7995222b264693c7a74caea65759e66289a9bb2d8c6d7c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ Response headers content-type text/html content-length 1241 date Sat, 26 Mar 2022 04:05:14 GMT server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform pragma no-cache p3p CP="NID DSP ALL COR" content-encoding gzip accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache Miss from cloudfront via 1.1 cbb1ad5df105c42cc24cca0b876989aa.cloudfront.net (CloudFront) x-amz-cf-pop IAD89-P2 x-amz-cf-id 8zbR2JvuM7lvfmtpTQHfCdg0c58U9pR5zlU3bQcfPXQdas_UVRqArA==
GET H2	200	/ Show response freychang.fun/	27 B 726 B	48ms 34ms	Fetch text/plain	2606:4700:3030::ac43:dadd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/ Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a0aee605fb421a81db51793a479f5918b9c86b59e1961c70b6bafd4192d20502 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://www.tumgir.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPjEJW0hPKQw1FHcElKa4a%2BTAE8J2rm3Wo0WBt%2FL6Z8jpVSRp%2FOYWRuVGhTPeeX8FTeWGXyxXKdms956OSOLduIfYX3uV%2FGTKb38fPoGoAz9S%2Bc2C7qvLy6WYM0ZmkhkYj81Tv5qMui%2FffvE"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 6f1d01be3d8a4bb9-YUL access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx Show response redibidilidi.com/	0 488 B	920ms 876ms	XHR text/plain	18.67.76.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://redibidilidi.com/utx?cb=HHbGv9iuLYGi&top=www.tumgir.com&tid=853405 Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.76.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-76-32.iad89.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:15 GMT via 1.1 cbb1ad5df105c42cc24cca0b876989aa.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop IAD89-P2 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id 00A9YbTt8iNmMww30-588u84YH_kgKYI5bW6DK2nR9oJAC9Jd3E7_g==
GET H2	200	/ Show response redibidilidi.com/MmprZjBTCAgLD1NXCUBFQAZWQwJ0T1kgVANSDFBEBR0DAAhXAA1IU14FHgJWQAUFEh5cDx9DAnQHOgxmQDksCVhlDT4TZmYwCCIDZDkPEWpUDy1fW2oSDAhydiMiIkdjJSkIalcoKjdBdj5SE3hYAjkwXlonJwphdCZaAltnKz4UZgEnPyVZ... Frame 82F6	3 KB 2 KB	63ms 34ms	Document text/html	18.67.76.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://redibidilidi.com/MmprZjBTCAgLD1NXCUBFQAZWQwJ0T1kgVANSDFBEBR0DAAhXAA1IU14FHgJWQAUFEh5cDx9DAnQHOgxmQDksCVhlDT4TZmYwCCIDZDkPEWpUDy1fW2oSDAhydiMiIkdjJSkIalcoKjdBdj5SE3hYAjkwXlonJwphdCZaAltnKz4UZgEnPyVZRSMNEXZ8OikJRGoGMl90Wxo5J0pBOiBXU2IIA15acSsyCHVxHjEkSV46CC5+VzAHFl5wWx8BeGEeCSJJUQ4mNHJoDyo3AncsB1JnASMJMQIDMCokcmgPKVZCZVtaXmQBLFgyXkILJAF+VDM+X0dwO0YJBHUDXjd4cVoiLWZFDAkwV3crLQ4VACw5LnV2PgUWUVMGXyJgcwkeI3ZZJj9VcXQoEiNyeBIpPFVzWgUwV3MEOlRTej0SFXN/LAQhfGdTHAUBeBI5LnlQMlgkVVYCHwNVZ1McJGJVGi8lfnorBldpcCspP1YCOBMnAAJTPVV9FAAYCV5CVw8qVHYpXipeWlI/ Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.76.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-76-32.iad89.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash c9fe95fa7aa91a956f5df01063f8ef8afe304b60387d922738f3787e2a93128c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ Response headers content-type text/html content-length 1230 date Sat, 26 Mar 2022 04:05:14 GMT server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform pragma no-cache p3p CP="NID DSP ALL COR" content-encoding gzip accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache Miss from cloudfront via 1.1 cbb1ad5df105c42cc24cca0b876989aa.cloudfront.net (CloudFront) x-amz-cf-pop IAD89-P2 x-amz-cf-id nl4QAUO8JaWJ7aqUJgCF-lcE3TkeV99dSaQX-tYGMqeBYGXQaTvvIw==
GET H2	204	MkgSBBUgOwAHPCI5Bj4TJi0aETMJKXEiGwFFb2NAXE9jcAIMHGplQEMLIzcGEAtqZ1QMFjE5T0MOamZcXVZgeEJDDWpnVBEINjFPVF4nIgYJRWZgRl1KYWFHVExiY0c mookiyooki.com/ZXhXVnJKRzQlTyggGiE/	0 259 B	80ms 40ms	Image text/plain	2606:4700:3036::ac43:c061 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mookiyooki.com/ZXhXVnJKRzQlTyggGiE/MkgSBBUgOwAHPCI5Bj4TJi0aETMJKXEiGwFFb2NAXE9jcAIMHGplQEMLIzcGEAtqZ1QMFjE5T0MOamZcXVZgeEJDDWpnVBEINjFPVF4nIgYJRWZgRl1KYWFHVExiY0c Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c061 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLMAPsiJgnTiqQTuPrxTES%2FEIYv2NUkMQQKgxdFmyfuXwbAN9Ss294lR%2FjncBf2uxJvumLd8591cYK0yhe6s1FjWNpSAlo%2FnqrcOlG0aFIYQhcaOD5v2uAx1YuyE1Spy1sWraP1mckwnwyhS8Q%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6f1d01be79954bd7-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	Q2k4UFJsVlsjbyAhV2AFLQF+BCUVGWwVGBMrbx4CECxXEzMWLB4kOydUAGVgel4MdiIqDQVjYGUaTDEmNhoFYmJzXh45PCUGBWJ0NVQIfmptXhZgdDZUCXYmMwhfbWNlGUwkPn5YDmRqcV8PZWN3XA1n mookiyooki.com/	0 263 B	74ms 34ms	Image text/plain	2606:4700:3036::ac43:c061 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mookiyooki.com/Q2k4UFJsVlsjbyAhV2AFLQF+BCUVGWwVGBMrbx4CECxXEzMWLB4kOydUAGVgel4MdiIqDQVjYGUaTDEmNhoFYmJzXh45PCUGBWJ0NVQIfmptXhZgdDZUCXYmMwhfbWNlGUwkPn5YDmRqcV8PZWN3XA1n Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c061 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyRKipFca5pKhIQqjqLzB%2FRTfEpIffvWjbacZ7O8yObCQ86egopACv0VC57Wl7kc0oSADTvxdhWTq%2Fl5y6UGIB0P%2Fu8NozHkhVj00Gs2Ugij3cIRousJj%2FKWpCu5hWmmeozFK3QdFQu%2BAG24Gg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6f1d01be79964bd7-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	LAsEC3A0UFoYZmxYXBhmZBhWB3A2HQpRa3NLG0IiLlBaAGJ6X10BY3NZXgFg mookiyooki.com/VkJtazZ5fQ4YCwVxHVlUDhRYOF0MGz8FWhITXB91MxcVL2EDIUsfXzJ/VV4FYnJYTUY/JlBZD3AxGQpCIzFQWhA/	0 495 B	72ms 33ms	Image text/plain	2606:4700:3036::ac43:c061 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mookiyooki.com/VkJtazZ5fQ4YCwVxHVlUDhRYOF0MGz8FWhITXB91MxcVL2EDIUsfXzJ/VV4FYnJYTUY/JlBZD3AxGQpCIzFQWhA/LAsEC3A0UFoYZmxYXBhmZBhWB3A2HQpRa3NLG0IiLlBaAGJ6X10BY3NZXgFg Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c061 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBiLR1GIyBDvtp%2F0Fy0gTybKktjEmYqaIFvlmnmUL9uBIteHAJB1ZrlLVAiEW7Q8TMaOdZnB0jrhHXiF832Ej5SFjgd9kr9ISHcg3tCWOO%2FatFu0ZrljUG5zD9hKhzZvA3EYN0BYwJGMVIBxYQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6f1d01be79974bd7-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	/ Show response freychang.fun/	27 B 362 B	35ms 34ms	Fetch text/plain	2606:4700:3030::ac43:dadd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/ Requested by Host: dmmzkfd82wayn.cloudfront.net URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45dcefd256f8fd15e02d2eba219fc33053ff40ca6f35d3d06457b64b222e56bf Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://www.tumgir.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkdMF1625WHrBf0zrTiqPvi%2Bh%2FUg7A4pWkIbqMqNgL1qe07PzKVTz456BBYObjelJPDbppXNWYbCf3T04OWIuJLA0XyV70vtuaKakP33UQkvPqu7sTYmNcV9EmadiMC%2FRbwgFndpRzJ0Wedb"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 6f1d01be5da74bb9-YUL access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx Show response redibidilidi.com/	0 490 B	42ms 28ms	XHR text/plain	18.67.76.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://redibidilidi.com/utx?cb=FwA8KQeXc6Iq&top=www.tumgir.com&tid=921528 Requested by Host: dmmzkfd82wayn.cloudfront.net URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.76.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-76-32.iad89.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:14 GMT via 1.1 cbb1ad5df105c42cc24cca0b876989aa.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop IAD89-P2 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id fGO7y-XPZe6QHrcGJan-S9Naue7Kxo5PA4fubDu6MXZwkRpEJpISuQ==
GET H2	200	OzQPMlshMH4eekQKLBlVOgMvC1o9JQgtXzUnPhZ2MzMdGHQ2AANqXTYmGClBJBYPFmodJxMPVTY5GjZzMyAYNlo0GCYDZBkwKQJkRjAHa3M1Ihg5SCQKOjxhNBEECV5OKC4LXjU5HGsBElE6PGEzLxsbZAMsEwtdAzIPKgImNyYAZyAkBgJFWhYDFHQiKg0yAho0L... Show response redibidilidi.com/MndhSlpTFQInZVNKA2wvQBtcb2h0UlMMPl8aGyE8Vk9TPTtLGU8pNl0CBSwoXRkVZDRXA0R4HHQ4NnMuVzIzKxtzOgQvagIwIh8MCzRQfwNhGRYsGGBDOQExXiQxHzVLEiUlD3klVDgRWxsEBx9/ Frame ECFB	3 KB 2 KB	28ms 26ms	Document text/html	18.67.76.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://redibidilidi.com/MndhSlpTFQInZVNKA2wvQBtcb2h0UlMMPl8aGyE8Vk9TPTtLGU8pNl0CBSwoXRkVZDRXA0R4HHQ4NnMuVzIzKxtzOgQvagIwIh8MCzRQfwNhGRYsGGBDOQExXiQxHzVLEiUlD3klVDgRWxsEBx9/OzQPMlshMH4eekQKLBlVOgMvC1o9JQgtXzUnPhZ2MzMdGHQ2AANqXTYmGClBJBYPFmodJxMPVTY5GjZzMyAYNlo0GCYDZBkwKQJkRjAHa3M1Ihg5SCQKOjxhNBEECV5OKC4LXjU5HGsBElE6PGEzLxsbZAMsEwtdAzIPKgImNyYAZyAkBgJFWhYDFHQiKg0yAho0LQNoLzkQfwAxNiZvYhYGOgBhMhF6H2MmJw4ZXiEyJmIFLjA+PHMlJDwCdwcHGRl8FCULA2oVMzI+aiUSOQlFNiACDXc7KhwIcBYGJhhlIiM9HmcxOBkNdzs5Mm5oPg0tPnAxUHg8AwcEHmhdPDYfKXwSMC18WAQOJCoPJ1M8G2cOMBAIdzM Requested by Host: dmmzkfd82wayn.cloudfront.net URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.76.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-76-32.iad89.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash b79eed0e842733d47a26dc5252992a0a89d5741dbe85977e524610303f968016 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ Response headers content-type text/html content-length 1226 date Sat, 26 Mar 2022 04:05:14 GMT server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform pragma no-cache p3p CP="NID DSP ALL COR" content-encoding gzip accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache Miss from cloudfront via 1.1 cbb1ad5df105c42cc24cca0b876989aa.cloudfront.net (CloudFront) x-amz-cf-pop IAD89-P2 x-amz-cf-id MOYMS62AWZjLCMWT8y0cvl0Ksn2z4u3NaYtnzMG4P6UnOZB3i6d0Yg==
GET H2	200	cgQfGCNwY2EUKXd3KQsceCIFCh5dBxAcAFAXHWAvXSUiFlR3MRIBX1YIYSYqfnckKAcEPjwHHGR2BhoJYAwHNjd8d2MjNkIDOgdVYy0YYRVWHxscAFMuPDw2QgsiCjVWKgAaEXYWOhgvUwcZOjxeCHZgJHN0Hgc1fTEQGBwNAjYTPAQcAGsUdAESJzEGKTE2MWciH... Show response redibidilidi.com/ZjVGU1IHVyU+bQcIJHUnFFl7dmAgEHQVNgtYPDg0Ag10JDMfW2gwPglAIjUgCVsyfTwDQWNhFD9XE2crM3MfHBswQnQyAA1bED5jE2IOYxU/ Frame 8FE6	3 KB 2 KB	24ms 24ms	Document text/html	18.67.76.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://redibidilidi.com/ZjVGU1IHVyU+bQcIJHUnFFl7dmAgEHQVNgtYPDg0Ag10JDMfW2gwPglAIjUgCVsyfTwDQWNhFD9XE2crM3MfHBswQnQyAA1bED5jE2IOYxU/cgQfGCNwY2EUKXd3KQsceCIFCh5dBxAcAFAXHWAvXSUiFlR3MRIBX1YIYSYqfnckKAcEPjwHHGR2BhoJYAwHNjd8d2MjNkIDOgdVYy0YYRVWHxscAFMuPDw2QgsiCjVWKgAaEXYWOhgvUwcZOjxeCHZgJHN0Hgc1fTEQGBwNAjYTPAQcAGsUdAESJzEGKTE2MWciH2IvUgk0NVNjPBprJHEpCwsOdx81A0tjY2EQPGMyIRMhd2NhECRcHBQCMkUPNRogBBwVYg9iPCAoNX0xEBwceAkZBFcAJWJrQwcEBgYBXgc6HD5REQIgAkIydmAkby0dZCVYFDoDVUYCNwU0URYFH1R7Pms8IAcPAgUuBQA1PzBXJxY2Em8xdTgVWigjbzdWDWtgNWUzYWVX Requested by Host: dmmzkfd82wayn.cloudfront.net URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.76.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-76-32.iad89.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash d98306a39f04de82567d451ade22ae6ad3959dbe77493f1ae3468671be223ed7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ Response headers content-type text/html content-length 1215 date Sat, 26 Mar 2022 04:05:14 GMT server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform pragma no-cache p3p CP="NID DSP ALL COR" content-encoding gzip accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache Miss from cloudfront via 1.1 cbb1ad5df105c42cc24cca0b876989aa.cloudfront.net (CloudFront) x-amz-cf-pop IAD89-P2 x-amz-cf-id 1T8O7TGFReehpCkjNTbi-GNSBdY6x7OM-OBbyhJbmvUBGHD_ay0qzA==
GET H3	200	/ Show response freychang.fun/	27 B 653 B	72ms 54ms	Fetch text/plain	2606:4700:3030::ac43:dadd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/ Requested by Host: dmmzkfd82wayn.cloudfront.net URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45dcefd256f8fd15e02d2eba219fc33053ff40ca6f35d3d06457b64b222e56bf Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://www.tumgir.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V25f7yXmnc7X274soHbSXfjYzfT9eZ7jZ0Qwh3pSBsbUjLTKqnrZ5h6gY88BdeXvB08nqx8xI5g2bx60dlkoafAPkhOE%2FBk14WhA%2Bf6f%2B7GuOUD8EBqHTafWtLERTldTqdNRTBmgfxvwqNj%2B"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 6f1d01becdd8ca6f-YUL access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx Show response redibidilidi.com/	0 489 B	28ms 24ms	XHR text/plain	18.67.76.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://redibidilidi.com/utx?cb=T84ABpzkIzIk&top=www.tumgir.com&tid=853405 Requested by Host: dmmzkfd82wayn.cloudfront.net URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.76.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-76-32.iad89.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:14 GMT via 1.1 cbb1ad5df105c42cc24cca0b876989aa.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop IAD89-P2 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id WsUStg8QkhrFpteUc41Z2PulVtP0UiBVCzcaPQsShGtVjWOGOQjRpQ==
GET H3	204	N2lzZnMYVhAVTm1ZIVcnTSsmACZ5XzEKJU04OxUyYQcXJRZmMFUSGlNUSlRCAltLQANeDU5XVUQdEhIGRFRCQBpZDxxbVUFUQkhAA0dBU10HTwZbQhEdAwcUClhVFgdDBU5XRQNRQVBEAlhHUEMO mookiyooki.com/	0 481 B	59ms 33ms	Image text/plain	2606:4700:3036::ac43:c061 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mookiyooki.com/N2lzZnMYVhAVTm1ZIVcnTSsmACZ5XzEKJU04OxUyYQcXJRZmMFUSGlNUSlRCAltLQANeDU5XVUQdEhIGRFRCQBpZDxxbVUFUQkhAA0dBU10HTwZbQhEdAwcUClhVFgdDBU5XRQNRQVBEAlhHUEMO Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c061 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsBVW%2BpCOWY5p1pi9Ww02qXNEO5uZ0S3KmHwdsw5FXR%2B%2F9wP15LOqxyHQcuN5Y%2BUByVdTnOLtLa0sy%2FLn80XRypTNbFhC5Ibnt5B1OI3Z%2FUu2vBoBCB8MJUI9ETDIMS4W3%2BzefIRFaxWwcpgFQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6f1d01bedc3e4bb8-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	login.php www.facebook.com/	0 0	196ms 153ms	Image text/html	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H2	200	ServiceLogin accounts.google.com/	0 0	130ms 74ms	Image text/html	2607:f8b0:4006:822::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::200d Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H2	200	ServiceLogin accounts.google.com/	0 0	150ms 95ms	Image text/html	2607:f8b0:4006:822::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::200d Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H3	204	QXVkN2JuSgdEXyIYFAIBFiMlb1I5PTFiOBshVHk2EkQUeDAtMEJDCyVIXAJRdUVSERIoEVkGWmcGEFYWNAZZBkQoGwJYX2cDWQZMcVtVGVJnAFkGRDUFBVBfcFMUQxYtSFUBVnlHUgBXcEFSA1c mookiyooki.com/	0 512 B	57ms 32ms	Image text/plain	2606:4700:3036::ac43:c061 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mookiyooki.com/QXVkN2JuSgdEXyIYFAIBFiMlb1I5PTFiOBshVHk2EkQUeDAtMEJDCyVIXAJRdUVSERIoEVkGWmcGEFYWNAZZBkQoGwJYX2cDWQZMcVtVGVJnAFkGRDUFBVBfcFMUQxYtSFUBVnlHUgBXcEFSA1c Requested by Host: www.tumgir.com URL: https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c061 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsViVkEJjOVPxHyPTBygqJaeWe1Cp3RAYnLj%2Btt28cwvMHfeN4FvLYkxiswDLi0QO1vn%2F7iotBIUV7wakPUVkdqfBZS%2Bo36mfXcYqh%2F8LvljncWoMo6VAAoalkTlmZQEajwN2dKW6T%2Bj2Omopg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6f1d01bedc3f4bb8-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	id Show response googleads.g.doubleclick.net/pagead/ Frame 8468 Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	100 B 146 B	61ms 34ms	XHR application/json	2607:f8b0:4006:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque Protocol H3 Server 2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c4db783ef781b5df38856b13aa2de22e23bbc3c9bca4ae5ab3a1a992187daa39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:14 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 120 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 26 Mar 2022 04:05:14 GMT x-content-type-options nosniff access-control-allow-origin https://www.youtube.com p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame 8468	29 B 588 B	67ms 19ms	Script text/javascript	2607:f8b0:4006:821::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c6736352/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2006 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 03:52:35 GMT x-content-type-options nosniff age 759 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 26 Mar 2022 04:07:35 GMT
OPTIONS H2	200	Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	93ms 33ms	Preflight text/html	2607:f8b0:4006:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::200a Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Origin https://www.youtube.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://www.youtube.com vary origin referer x-origin access-control-allow-credentials true access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-max-age 3600 date Sat, 26 Mar 2022 04:05:14 GMT content-type text/html server ESF content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3	200	Create Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8468	45 KB 22 KB	65ms 39ms	XHR application/json+protobuf	2607:f8b0:4006:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c6736352/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::200a Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7f257ddadd19020d941779a001dabe7cb16293db84f3eb5319179b0140f031ef Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/json+protobuf Response headers date Sat, 26 Mar 2022 04:05:14 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 22572 x-xss-protection 0
GET H3	200	remote.js Show response www.youtube.com/s/player/c6736352/player_ias.vflset/en_US/ Frame 8468	119 KB 37 KB	23ms 22ms	Script text/javascript	2607:f8b0:4006:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c6736352/player_ias.vflset/en_US/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c6736352/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80a::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d71504c16c84ab228fcbd1e4ad78b8e01ab6cca124773cda871383fd45f0e55c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 24 Mar 2022 14:48:40 GMT content-encoding br x-content-type-options nosniff age 134194 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37591 x-xss-protection 0 last-modified Thu, 24 Mar 2022 00:16:33 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 24 Mar 2023 14:48:40 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/c6736352/player_ias.vflset/en_US/ Frame 8468	27 KB 8 KB	20ms 19ms	Script text/javascript	2607:f8b0:4006:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c6736352/player_ias.vflset/en_US/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c6736352/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80a::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 49ab3257b5fd88f636f3bce335d25d55c32bbb0eab033cd44ed7b340530620c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 24 Mar 2022 14:48:41 GMT content-encoding br x-content-type-options nosniff age 134193 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8081 x-xss-protection 0 last-modified Thu, 24 Mar 2022 00:16:33 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 24 Mar 2023 14:48:41 GMT
GET DATA	200 OK	truncated / Frame 8468	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET H2	200	MDCuuU2a4cYBmIXW_QzOYil5c9vPh0r4XZiqkIaCQrNxa-Bdvbrg7tQYacOE9unLMDf2NnTTY0Q=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ Frame 8468	2 KB 2 KB	68ms 20ms	Image image/jpeg	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/MDCuuU2a4cYBmIXW_QzOYil5c9vPh0r4XZiqkIaCQrNxa-Bdvbrg7tQYacOE9unLMDf2NnTTY0Q=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash c3eced242f1708d295dfd7af339c2fcdb8d49ac9d5e381a7c21c06db5f2e1e82 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 03:48:53 GMT x-content-type-options nosniff age 981 content-disposition inline;filename="channels4_profile.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1568 x-xss-protection 0 server fife etag "v2" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Fri, 18 Feb 2022 23:52:08 GMT
GET H2	200	sddefault.webp i.ytimg.com/vi_webp/JWf7VZ8zXG4/ Frame 8468	35 KB 35 KB	91ms 42ms	Image image/webp	2607:f8b0:4006:80b::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/JWf7VZ8zXG4/sddefault.webp Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2016 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c82523047967a529cd60f36475e7dce73ae3b6723b43778bdf4d8329afc978b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35782 x-xss-protection 0 server sffe etag "1645702357" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sat, 26 Mar 2022 06:05:15 GMT
GET H2	200	RHEDTnpaal4DPAcuEFkLT3AFByEBJxBZeA0nVgAnQ2cHWysCMFoGLU9wc1JxRHIbX3BedhteeU9wBRgpDCNHAm1YBABYf0RxA009V3M Show response d18g6t7whf8ejf.cloudfront.net/mQjVrSGohWgUuVTZcD3VSdwZfeF9kXxgnBDIIDwQOBnZeBAQqDT9uHjhRVnhMLlQFL1dkUAUrV3MTCiwIfwFNPBotXlY9DipRAzsPK1cPbh8jCAYnECtZBylPcHNeZlpnB1tgHStbDycdMRBZeAQ2EFl4W3IbW21ZABBZeB... Frame 82F6	583 B 725 B	103ms 97ms	Script text/plain	99.84.120.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d18g6t7whf8ejf.cloudfront.net/mQjVrSGohWgUuVTZcD3VSdwZfeF9kXxgnBDIIDwQOBnZeBAQqDT9uHjhRVnhMLlQFL1dkUAUrV3MTCiwIfwFNPBotXlY9DipRAzsPK1cPbh8jCAYnECtZBylPcHNeZlpnB1tgHStbDycdMRBZeAQ2EFl4W3IbW21ZABBZeB0rW118T3F3TnpaOgNfYU9wBQ-o4Gi5QHC0IKVwfbVgEAFh/RHEDTnpaal4DPAcuEFkLT3AFByEBJxBZeA0nVgAnQ2cHWysCMFoGLU9wc1JxRHIbX3BedhteeU9wBRgpDCNHAm1YBABYf0RxA009V3M Requested by Host: redibidilidi.com URL: https://redibidilidi.com/MmprZjBTCAgLD1NXCUBFQAZWQwJ0T1kgVANSDFBEBR0DAAhXAA1IU14FHgJWQAUFEh5cDx9DAnQHOgxmQDksCVhlDT4TZmYwCCIDZDkPEWpUDy1fW2oSDAhydiMiIkdjJSkIalcoKjdBdj5SE3hYAjkwXlonJwphdCZaAltnKz4UZgEnPyVZRSMNEXZ8OikJRGoGMl90Wxo5J0pBOiBXU2IIA15acSsyCHVxHjEkSV46CC5+VzAHFl5wWx8BeGEeCSJJUQ4mNHJoDyo3AncsB1JnASMJMQIDMCokcmgPKVZCZVtaXmQBLFgyXkILJAF+VDM+X0dwO0YJBHUDXjd4cVoiLWZFDAkwV3crLQ4VACw5LnV2PgUWUVMGXyJgcwkeI3ZZJj9VcXQoEiNyeBIpPFVzWgUwV3MEOlRTej0SFXN/LAQhfGdTHAUBeBI5LnlQMlgkVVYCHwNVZ1McJGJVGi8lfnorBldpcCspP1YCOBMnAAJTPVV9FAAYCV5CVw8qVHYpXipeWlI/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.120.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-120-21.ewr52.r.cloudfront.net Software / Resource Hash 95ac96a71d8ba06af01dea558e3d5bb94a56e23c040ed831f34297d061a7047e Request headers Accept-Language en-CA,en;q=0.9 Referer https://redibidilidi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip x-amz-cf-pop EWR52-C3 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 450 via 1.1 3cd1317514b30fdf5f6be98709ec1b0e.cloudfront.net (CloudFront) x-amz-cf-id t5r3a2_x7htd15OjPpeZt7RhmnHcOcNXZBj-5w1trK3Qsp6Gt4pczQ==
GET H2	200	Wl5PagpZSEp0EQQFDClVSl87YQtfAREvXEpfSCNcDAYXbRxdXRssSwAAHWELKVRBaglBWUBwDUFYSWELXx4ZIlgdBF12f1peT2oKWUsNeQg Show response dmmzkfd82wayn.cloudfront.net/FOW9teERaAAMee00GCUV9C15YSnwfBR4XKklSPUoyeDoUKR5rKileMEMLUEhiVQ4DH3kfCgMbeQhJDBwmBFtLDDRWBFAaI0oAGRssSwELXjFYUgAXPlADARlhCylYVnQcXV1QM1ABCRczSkpfSCpNSl9IdQlBXV13e0pfSDN... Frame ECFB	947 B 916 B	94ms 91ms	Script text/plain	2600:9000:2162:1000:6:2e3c:5fc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dmmzkfd82wayn.cloudfront.net/FOW9teERaAAMee00GCUV9C15YSnwfBR4XKklSPUoyeDoUKR5rKileMEMLUEhiVQ4DH3kfCgMbeQhJDBwmBFtLDDRWBFAaI0oAGRssSwELXjFYUgAXPlADARlhCylYVnQcXV1QM1ABCRczSkpfSCpNSl9IdQlBXV13e0pfSDNQAVtMYQotSEp0QVlZUWELXw-wINFUKGh0mUgYZXXZ/Wl5PagpZSEp0EQQFDClVSl87YQtfAREvXEpfSCNcDAYXbRxdXRssSwAAHWELKVRBaglBWUBwDUFYSWELXx4ZIlgdBF12f1peT2oKWUsNeQg Requested by Host: redibidilidi.com URL: https://redibidilidi.com/MndhSlpTFQInZVNKA2wvQBtcb2h0UlMMPl8aGyE8Vk9TPTtLGU8pNl0CBSwoXRkVZDRXA0R4HHQ4NnMuVzIzKxtzOgQvagIwIh8MCzRQfwNhGRYsGGBDOQExXiQxHzVLEiUlD3klVDgRWxsEBx9/OzQPMlshMH4eekQKLBlVOgMvC1o9JQgtXzUnPhZ2MzMdGHQ2AANqXTYmGClBJBYPFmodJxMPVTY5GjZzMyAYNlo0GCYDZBkwKQJkRjAHa3M1Ihg5SCQKOjxhNBEECV5OKC4LXjU5HGsBElE6PGEzLxsbZAMsEwtdAzIPKgImNyYAZyAkBgJFWhYDFHQiKg0yAho0LQNoLzkQfwAxNiZvYhYGOgBhMhF6H2MmJw4ZXiEyJmIFLjA+PHMlJDwCdwcHGRl8FCULA2oVMzI+aiUSOQlFNiACDXc7KhwIcBYGJhhlIiM9HmcxOBkNdzs5Mm5oPg0tPnAxUHg8AwcEHmhdPDYfKXwSMC18WAQOJCoPJ1M8G2cOMBAIdzM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2162:1000:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash c2e58e4d112a8adbb7d5ffc76da2784cd52713ca7d4257d061aea275fb089e22 Request headers Accept-Language en-CA,en;q=0.9 Referer https://redibidilidi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip x-amz-cf-pop EWR52-C3 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 639 via 1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront) x-amz-cf-id asjHdBlbp-sJ5lowrPA5Neb8IWZv0pOZS6Kk3VuOLf9s-D45iIyPhw==
GET H2	200	OB1zYzMdVXxhACNfeQN2IhcqD2BwAS9cN2tLK1wza1xoUzQ0UHoUJTdQI10qPwEiU3VkK3scYHNffhonPwMqXSclSHwCPiJIfAJhZkN+F2MUSHwCJz8DeAZ1ZS9rAGAuW3obdWRdL0IgOgg5VzI9BDoXYhBYfQ-V+ZVtrAGB+BiZGPTpIfHF1ZF0iWzszSHwCNzMO... Show response dmmzkfd82wayn.cloudfront.net/YbU4yUFYOIVw2aRknVm1uWH0GYGBLJEE/ Frame 8FE6	183 B 459 B	101ms 101ms	Script text/plain	2600:9000:2162:1000:6:2e3c:5fc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dmmzkfd82wayn.cloudfront.net/YbU4yUFYOIVw2aRknVm1uWH0GYGBLJEE/OB1zYzMdVXxhACNfeQN2IhcqD2BwAS9cN2tLK1wza1xoUzQ0UHoUJTdQI10qPwEiU3VkK3scYHNffhonPwMqXSclSHwCPiJIfAJhZkN+F2MUSHwCJz8DeAZ1ZS9rAGAuW3obdWRdL0IgOgg5VzI9BDoXYhBYfQ-V+ZVtrAGB+BiZGPTpIfHF1ZF0iWzszSHwCNzMOJV15c19+UTgkAiNXdWQrdwt+ZkN6CmRiQ3sDdWRdPVM2Nx8nF2IQWH0FfmVbaEdtZw Requested by Host: redibidilidi.com URL: https://redibidilidi.com/ZjVGU1IHVyU+bQcIJHUnFFl7dmAgEHQVNgtYPDg0Ag10JDMfW2gwPglAIjUgCVsyfTwDQWNhFD9XE2crM3MfHBswQnQyAA1bED5jE2IOYxU/cgQfGCNwY2EUKXd3KQsceCIFCh5dBxAcAFAXHWAvXSUiFlR3MRIBX1YIYSYqfnckKAcEPjwHHGR2BhoJYAwHNjd8d2MjNkIDOgdVYy0YYRVWHxscAFMuPDw2QgsiCjVWKgAaEXYWOhgvUwcZOjxeCHZgJHN0Hgc1fTEQGBwNAjYTPAQcAGsUdAESJzEGKTE2MWciH2IvUgk0NVNjPBprJHEpCwsOdx81A0tjY2EQPGMyIRMhd2NhECRcHBQCMkUPNRogBBwVYg9iPCAoNX0xEBwceAkZBFcAJWJrQwcEBgYBXgc6HD5REQIgAkIydmAkby0dZCVYFDoDVUYCNwU0URYFH1R7Pms8IAcPAgUuBQA1PzBXJxY2Em8xdTgVWigjbzdWDWtgNWUzYWVX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2162:1000:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 3f0a4b9cacdbb56936ff256540d35f96eda1af73ab434e3292b02e5251291f68 Request headers Accept-Language en-CA,en;q=0.9 Referer https://redibidilidi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip x-amz-cf-pop EWR52-C3 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 182 via 1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront) x-amz-cf-id 3P5NglcojYW_1QMIc_N9yhf45xOMIpESphyQIFqo3tO6TJUHkN14_g==
GET H2	200	IdDBZRUEXXzcjfgBZPXh5QQJgcnVSWioqLwQNGHMDFV8LDyBFBjIpeSZ4fzE7EA1pYy0VXj54ZxFeOnhwUlE9J3xAFi01Lh8NLCslEVYwKyQQFiwkfBlfIywtGFF8dwdBHmlgc0QYLiwvEF8uNmRGADcxZEYAaHVvRBVqB2RGAC4sL0IEfHYDUQJpPXdAGX-x3cRV... Show response d18g6t7whf8ejf.cloudfront.net/ Frame 6805	419 B 617 B	96ms 95ms	Script text/plain	99.84.120.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d18g6t7whf8ejf.cloudfront.net/IdDBZRUEXXzcjfgBZPXh5QQJgcnVSWioqLwQNGHMDFV8LDyBFBjIpeSZ4fzE7EA1pYy0VXj54ZxFeOnhwUlE9J3xAFi01Lh8NLCslEVYwKyQQFiwkfBlfIywtGFF8dwdBHmlgc0QYLiwvEF8uNmRGADcxZEYAaHVvRBVqB2RGAC4sL0IEfHYDUQJpPXdAGX-x3cRVAKSkkA1U7LigAFWsDdEcHd3Z3UQJpbSocRDQpZEZzfHdxGFkyIGRGAD4gIh9fcGBzRFMxNy4ZVXx3B00Jd3VvQAhtcW9BAXx3cQdRPyQzHRVrA3RHB3d2d1JFZHQ Requested by Host: redibidilidi.com URL: https://redibidilidi.com/THZDeFctFCAVaC1LIV4iPhp+XWUKU3E+M31OJE4jewErHm8pHCVWNCAZNhwxPhktDHkiEzddZQo/JzwVFiQWPQ8UDCASMSs0GSgPJEMSKR0rFS0uBBsfLAkbOycNPx8BMgUubwAyOjoRDhwKCDIfLHceLQlBBjlmPC86SAEUHHZMDTQwJjc5JAEWFBJ1PHAAFgofc0kbJE4NNBQ/GgYuDjs9OikGCh80EzEOGiUxLjsCBD4RdBI0HBUEGy8fNHwnGjQ+OwAGPm85OC4qEA0yIAANCS8CGR8aABE6AT00cSoQDTV3Cxt8PwYeHxUyFikdPCYbHBYLLm4AZC8kFTkcHx0oOWYZQQ8RMA0wFAsTKDMgMDN/LHAtBgYGISs4LyQHKScWMxkCMQQSOz8RJw8KPwULNwdMMAUeeh40CzQ5KhEBDg0BYxYgGwBkDkZzMjN/IDUpFiQCIC9uDjcbAGQvJycqBzUnOTAFGgQCSwUENHAcZShHCT4NBCdlEiQjGDNFFno0IhcFBhdyTjwgThEw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.120.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-120-21.ewr52.r.cloudfront.net Software / Resource Hash ba6fd2bebe7c13578194dec36036c1cc898aaf325da053399d56b4cb17664b18 Request headers Accept-Language en-CA,en;q=0.9 Referer https://redibidilidi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip x-amz-cf-pop EWR52-C3 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 341 via 1.1 3cd1317514b30fdf5f6be98709ec1b0e.cloudfront.net (CloudFront) x-amz-cf-id OfdfPoHgBs0t-i6YKRTCXnQLjgtZpsRicKuuCCcoNcI5LqdQgKgxCA==
GET H2	200	moatframe.js Show response z.moatads.com/addthismoatframe568911941483/	2 KB 1 KB	101ms 32ms	Script application/x-javascript	104.110.250.9 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/addthismoatframe568911941483/moatframe.js Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.110.250.9 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-110-250-9.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip last-modified Fri, 08 Nov 2019 20:13:52 GMT server AmazonS3 x-amz-request-id 6A07D9CDA6EABBB8 etag "f14b4e1f799b14f798a195f43cf58376" vary Accept-Encoding content-type application/x-javascript cache-control max-age=34846 accept-ranges bytes content-length 948 x-amz-id-2 bMVNTvmooWJrXd613nC3W6DUu7bGMtzM5JTbWH4UdA8CCDonWRULJc48V0RZl7jjtJorEVsnN7o=
POST H2	200	/ Show response mnndnnbnn.com/	0 37 B	81ms 26ms	XHR text/plain	44.195.137.121 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://mnndnnbnn.com/ Requested by Host: mefagetobri.top URL: https://mefagetobri.top/R1lRTm08eyI5MjIrPWxXZTElOh00Y35hGjAufzoYKj44PEMkNjxhHjB3Oz1Pa3siIwtlY2BiTzQ0J2xXZW1%2Ffk9reyUvChgwNWxXZWFleFp2aXNiTzQsMxEEI2tzdE93YTR7XndoM2NVJmxpY1kjaWNjD3I8MmNbcjhpe1lxPzMrDHF7LA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-137-121.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * content-length 0
GET		sw.js www.tumgir.com/ Frame	0 0
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 8468	4 KB 3 KB	80ms 32ms	Script text/javascript	2607:f8b0:4006:824::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c6736352/player_ias.vflset/en_US/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2003 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 26 Mar 2022 04:05:15 GMT
OPTIONS H3	200	GenerateIT jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	34ms 33ms	Preflight text/html	2607:f8b0:4006:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::200a Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Origin https://www.youtube.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://www.youtube.com vary origin referer x-origin access-control-allow-credentials true access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-max-age 3600 date Sat, 26 Mar 2022 04:05:15 GMT content-type text/html server ESF content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3	200	GenerateIT Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8468	98 B 142 B	36ms 36ms	XHR application/json+protobuf	2607:f8b0:4006:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c6736352/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::200a Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f9c29a5f12386e1cf4590f41e493fcc22d9c135f68cf5734c72f1f724d2fde45 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/json+protobuf Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 118 x-xss-protection 0
GET H3	200	cast_sender.js Show response www.gstatic.com/eureka/clank/99/ Frame 8468	53 KB 15 KB	47ms 20ms	Script text/javascript	2607:f8b0:4006:824::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/99/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2003 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6c31dcc878ab2e52cea5f38b4c3f1d1cfec4dbae070da4e460b336b3705bc423 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 14:21:47 GMT content-encoding gzip x-content-type-options nosniff age 49408 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15479 x-xss-protection 0 last-modified Mon, 10 Jan 2022 16:05:27 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Sat, 26 Mar 2022 14:21:47 GMT
GET H2	200	_ate.track.config_resp Show response v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/	1 KB 680 B	99ms 76ms	Script application/javascript	104.106.1.225 AS6453
General Check archive.org Show headers Download Go to Full URL https://v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/_ate.track.config_resp Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.106.1.225 Atlanta, United States, ASN6453 (AS6453, US), Reverse DNS a104-106-1-225.deploy.static.akamaitechnologies.com Software / Resource Hash 1e552184493eea74a53b11e52b6e6eec9c35d90cece6592d9bdf6cf1090ad8c0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip etag 706338575--gzip vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control public, max-age=15, s-maxage=86400 content-disposition attachment; filename=1.txt content-length 504
GET H2	200	300lo.json Show response m.addthis.com/live/red_lojson/	101 B 942 B	225ms 120ms	Script application/javascript	104.106.1.225 AS6453
General Check archive.org Show headers Download Go to Full URL https://m.addthis.com/live/red_lojson/300lo.json?si=623e90fa1685237a&bkl=0&bl=1&pdt=244&sid=623e90fa1685237a&pub=ra-6103d59079bcdcec&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tumgir.com&fp=tag%2F2023%2520Jeep%2520Wrangler%25204xe&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1648267515213&jsl=1&uvs=623e90fa8860af81000&skipb=1&callback=addthis.cbs.jsonp__13378163763547080 Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.106.1.225 Atlanta, United States, ASN6453 (AS6453, US), Reverse DNS a104-106-1-225.deploy.static.akamaitechnologies.com Software / Resource Hash 1a8b70a984aab5d36379d6468bb68ddc1ae3a7340d88ec193695dac70c2d4596 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:15 GMT cache-control max-age=0, no-cache, no-store, no-transform content-disposition attachment; filename=1.txt p3p policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA" content-length 101 content-type application/javascript;charset=utf-8
GET		sh.f48a1a04fe8dbf021b4cda1d.html s7.addthis.com/static/ Frame 0DE8	0 0
GET H2	200	sh.f48a1a04fe8dbf021b4cda1d.html Show response s7.addthis.com/static/ Frame 871C	71 KB 26 KB	43ms 43ms	Document text/html	104.106.1.225 AS6453
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.106.1.225 Atlanta, United States, ASN6453 (AS6453, US), Reverse DNS a104-106-1-225.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ Response headers server nginx/1.15.8 content-type text/html last-modified Mon, 26 Oct 2020 18:11:48 GMT etag W/"5f971164-11adc" timing-allow-origin * cache-control public, max-age=86313600 p3p CP="NON ADM OUR DEV IND COM STA" strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip content-length 26421 date Sat, 26 Mar 2022 04:05:15 GMT vary Accept-Encoding x-host s7.addthis.com
GET H2	200	connatix.player.js Show response cds.connatix.com/p/156025/ Frame BC54 Redirect Chain https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 https://cds.connatix.com/p/156025/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398	855 KB 199 KB	35ms 11ms	Script application/javascript	151.101.130.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cds.connatix.com/p/156025/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol H2 Server 151.101.130.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cb31088f2e253437a4c2ad556bab679200e3305d1f5d3d5be3735c828946d908 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding br last-modified Fri, 25 Mar 2022 09:03:46 GMT age 67515 etag "97bddce7c757b4fd7c83fd51713b002c" vary Accept-Encoding content-type application/javascript access-control-allow-origin * access-control-max-age 86400 cache-control public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600 accept-ranges bytes content-length 203521 Redirect headers location https://cds.connatix.com/p/156025/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 date Sat, 26 Mar 2022 04:05:15 GMT cache-control no-cache, no-store, must-revalidate, max-age=0 fastly-original-body-size 0 accept-ranges bytes content-length 0 access-control-max-age 86400
GET H3	200	popunder.gif mookiyooki.com/	35 B 596 B	16ms 15ms	Image image/gif	2606:4700:3036::ac43:c061 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mookiyooki.com/popunder.gif Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c061 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma public date Sat, 26 Mar 2022 04:05:15 GMT cf-cache-status HIT last-modified Fri, 25 Mar 2022 19:38:41 GMT server cloudflare age 30394 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKFW%2BqOFsiPajBmp3NCGchs8DSiopZtywB9Pq92kfF0zIdBV1HOHMniki0J%2BWlPBQwM%2FH4Hzaa7ob2Kykc%2BdhOM1en7J%2F7wqaayGlmsv5b2l4D%2BTBSfRPmHATam7LkJcQ3LXlFTsSQtJRYB5OQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6f1d01c2af324bb8-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	si capi.connatix.com/tr/	0 67 B	65ms 42ms	Image application/json	151.101.130.137 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://capi.connatix.com/tr/si?token=4774eef9-309c-40d8-8dc1-bf70e43e9987&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT access-control-allow-credentials true accept-ranges bytes content-length 0 access-control-max-age 86400 content-type application/json
GET H2	200	layers.fa6cd1947ce26e890d3d.js Show response s7.addthis.com/static/	263 KB 76 KB	42ms 42ms	Script application/javascript	104.106.1.225 AS6453
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.106.1.225 Atlanta, United States, ASN6453 (AS6453, US), Reverse DNS a104-106-1-225.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip last-modified Mon, 26 Oct 2020 18:11:48 GMT server nginx/1.15.8 etag W/"5f971164-41cf5" vary Accept-Encoding content-type application/javascript cache-control public, max-age=86313600 date Sat, 26 Mar 2022 04:05:15 GMT x-host s7.addthis.com timing-allow-origin * content-length 77617
GET H2	200	multi Show response redibidilidi.com/	3 KB 2 KB	28ms 28ms	XHR text/plain	18.67.76.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://redibidilidi.com/multi?cs=Zm1LYjRUXXtXB1RUflQDVFt%2BVgY&abt=0&red=1&sm=76&k=2023%20jeep%20wrangler%20explore%20tumblr%20posts%20blogs%20tumgir&v=1.0.57.0&sts=2&prn=0&emb=0&tid=853405&u=2137333371011687&agec=1648267514&fs=1&ref=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F99.0.4844.51%20safari%2F537.36&tzd=0&uloc=&if=0&_9v8K=1648267515317&crc=1 Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.76.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-76-32.iad89.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 48281b8dda800ac3ac102172a4e8f1359788a4a37931d2536e987797ce4d3f33 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip server openresty/1.17.8.2 x-amz-cf-pop IAD89-P2 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version content-type text/plain content-length 1400 via 1.1 cbb1ad5df105c42cc24cca0b876989aa.cloudfront.net (CloudFront) x-amz-cf-id e929RZUaGa8Ytc5MeyfRPeyePfDCQ4eRm8qCZMtZfBKYIjIHIUSknA==
POST H3	204	S21aaTVkUjkaCBlcFAVRDCMjM1kZJQxaYyY7H1hgLV8UPWd6AnwdXC9QYlwHclpuT0UiCWdaB20eLghBPh5nWwV7WnwAWy0CZ1sTPVBqRw1lWnRZEz5QaFgGfF5pWgZ8XGpYBH1VbU9BOww9VARtHS4dWXZcbF0NeVttXAR+XmtR mookiyooki.com/	0 478 B	30ms 30ms	Ping text/plain	2606:4700:3036::ac43:c061 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mookiyooki.com/S21aaTVkUjkaCBlcFAVRDCMjM1kZJQxaYyY7H1hgLV8UPWd6AnwdXC9QYlwHclpuT0UiCWdaB20eLghBPh5nWwV7WnwAWy0CZ1sTPVBqRw1lWnRZEz5QaFgGfF5pWgZ8XGpYBH1VbU9BOww9VARtHS4dWXZcbF0NeVttXAR+XmtR Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c061 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fm3sK0qFzyfvqIIcU%2BMG88VkfvAkGK64S2QSvFcNpLZGq1jITyh0psUNBrNz%2FcJ2RkZfO77hv5nUxJSsTjfsUTqpGElgSiGjDqW4NoPA49L%2F0TI8D79g311Tq2RBrJHOuEoQXJ%2BTdFuVc%2BdPvQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6f1d01c2cf4d4bb8-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	floater Show response redibidilidi.com/	2 KB 2 KB	168ms 168ms	XHR text/plain	18.67.76.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://redibidilidi.com/floater?cs=MEdxbDcFckBfAwJyQFUACHdHXw4&abt=0&red=1&sm=83&k=2023%20jeep%20wrangler%20explore%20tumblr%20posts%20blogs%20tumgir&v=0.8.7.0&sts=0&prn=0&emb=0&tid=852974&u=2137333371011687&agec=1648267514&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F99.0.4844.51%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td1_oi1_&_Kuxr=1648267515319&crc=1 Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.76.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-76-32.iad89.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e81eb0c06cea0a45d37180e0f3b5d168e3d0088f6baab9f1f0b62c4d5eeb9887 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip server openresty/1.17.8.2 x-amz-cf-pop IAD89-P2 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tumgir.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version content-type text/plain content-length 1065 via 1.1 cbb1ad5df105c42cc24cca0b876989aa.cloudfront.net (CloudFront) x-amz-cf-id gAXGeWUK6moj659g047MtvxUZldSmAdKsu-NBrgJprPFdAgV0PPNlA==
GET H3	200	popunder.gif mookiyooki.com/	35 B 593 B	18ms 17ms	Image image/gif	2606:4700:3036::ac43:c061 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mookiyooki.com/popunder.gif Requested by Host: dmmzkfd82wayn.cloudfront.net URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c061 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma public date Sat, 26 Mar 2022 04:05:15 GMT cf-cache-status HIT last-modified Fri, 25 Mar 2022 19:38:41 GMT server cloudflare age 30394 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLEVa5fhNJTfKXJ77OSDFZebkEwRQ4%2FSMdSfJc12S21SPx24NpmklpXLeoFrMZUqrQKKNaliUeM7aqlpwxpILGcmhYqjF7uzqUeYM4E5jsY23EnXZitJDhhc4Y7i%2BQXIptGjGo6HPG6wr%2Bwogg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6f1d01c30f8f4bb8-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	200	shares-post.json Show response api-public.addthis.com/url/serviceapi/	2 B 277 B	554ms 115ms	XHR application/json	104.106.1.225 AS6453
General Check archive.org Show headers Download Go to Full URL https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.106.1.225 Atlanta, United States, ASN6453 (AS6453, US), Reverse DNS a104-106-1-225.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.tumgir.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-type text/plain Response headers strict-transport-security max-age=15724800; includeSubDomains surrogate-key sFbt=https://www.tumgir.com/tag/2023%20Jeep%20Wrangler%204xe last-modified Sat, 26 Mar 2022 04:00:00 GMT server nginx/1.15.8 date Sat, 26 Mar 2022 04:05:15 GMT content-type application/json access-control-allow-origin https://www.tumgir.com cache-control no-transform, max-age=0, s-maxage=14400 access-control-allow-credentials true content-length 2
GET H2	200	shares.json Show response api-public.addthis.com/url/	33 B 304 B	573ms 135ms	Script application/json	104.106.1.225 AS6453
General Check archive.org Show headers Download Go to Full URL https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&callback=_ate.cbs.rcb_6usp0 Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.106.1.225 Atlanta, United States, ASN6453 (AS6453, US), Reverse DNS a104-106-1-225.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 188bbf91dd19291747de0ce662af178d90c921811aeffee5ab1886b620c276af Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip surrogate-key www.tumgir.com/tag/2023%20jeep%20wrangler%204xe last-modified Sat, 26 Mar 2022 04:05:15 GMT server nginx/1.15.8 date Sat, 26 Mar 2022 04:05:15 GMT vary Accept-Encoding content-type application/json cache-control no-transform, must-revalidate, max-age=0, s-maxage=3600 content-length 53
GET H2	200	shares.json Show response api-public.addthis.com/url/	33 B 304 B	584ms 145ms	Script application/json	104.106.1.225 AS6453
General Check archive.org Show headers Download Go to Full URL https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&callback=_ate.cbs.rcb_fy4j0 Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.106.1.225 Atlanta, United States, ASN6453 (AS6453, US), Reverse DNS a104-106-1-225.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 1372fec01f6081fac5f2e44754bc1c69afdb3c1f2f5f75b17104cfb9d8b95f62 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip surrogate-key www.tumgir.com/tag/2023%20jeep%20wrangler%204xe last-modified Sat, 26 Mar 2022 04:05:15 GMT server nginx/1.15.8 date Sat, 26 Mar 2022 04:05:15 GMT vary Accept-Encoding content-type application/json cache-control no-transform, must-revalidate, max-age=0, s-maxage=3600 content-length 53
GET DATA	200 OK	truncated /	443 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET H2	200	hls.5b3b785f487abbe00eee.js cds.connatix.com/p/156025/ Frame BC54	0 47 KB	13ms 12ms	Other application/javascript	151.101.130.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cds.connatix.com/p/156025/hls.5b3b785f487abbe00eee.js Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding br last-modified Fri, 25 Mar 2022 09:03:47 GMT age 67516 etag "182f65d040bfb9544bd8f71472475672" vary Accept-Encoding content-type application/javascript access-control-allow-origin * access-control-max-age 86400 cache-control public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600 accept-ranges bytes content-length 48258
GET H2	200	player.css cds.connatix.com/p/156025/	56 KB 9 KB	15ms 15ms	Stylesheet text/css	151.101.130.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cds.connatix.com/p/156025/player.css Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 9310c3290722edb39dfc8e9065d9b52f8629a7d969e42868f0eac42b9b7edf3a Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding br last-modified Fri, 25 Mar 2022 09:03:47 GMT fastly-original-body-size 57586 age 67515 etag "a69488f3f35ac4bbb9526cd82833f6e9" vary Accept-Encoding content-type text/css access-control-allow-origin * access-control-max-age 86400 cache-control public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600 accept-ranges bytes content-length 8634
POST H2	200	pls Show response capi.connatix.com/core/ Frame BC54	4 KB 2 KB	60ms 60ms	XHR application/x-protobuf	151.101.130.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://capi.connatix.com/core/pls?v=156025&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 37d127f3d83407b6dd373f253ba505ca3c64c956519031417c4d599739ff1a1b Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type multipart/form-data Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip vary Accept-Encoding content-type application/x-protobuf access-control-allow-origin https://www.tumgir.com access-control-max-age 86400 access-control-allow-credentials true accept-ranges bytes content-length 2330
POST H/1.1	200 OK	sr Show response capi-tier-2-us-east-2.connatix.com/tr/ Frame BC54	0 334 B	166ms 35ms	XHR application/x-protobuf	18.190.16.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=156025&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.190.16.20 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-190-16-20.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type multipart/form-data Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip server Kestrel vary Accept-Encoding content-type application/x-protobuf access-control-allow-origin https://www.tumgir.com transfer-encoding chunked Connection keep-alive access-control-allow-credentials true
GET H/1.1	200 OK	analytics.js Show response s.srvsynd.com/2/234175/	6 KB 3 KB	104ms 24ms	Script text/javascript	18.204.126.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&sr=connatix.com&pp=963968048794229&ti=x1348625143987662535416127815680&de=2&to=3&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.204.126.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-204-126-182.compute-1.amazonaws.com Software / Resource Hash cc28fd1ee7e12987ca06b75e57b73323b8513e0c9cd330d1265f6b862c7e4ee6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Sat, 26 Mar 2022 04:05:14 GMT Content-Encoding gzip Accept-Ch Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data Vary * Content-Type text/javascript; charset=utf-8 Cache-Control no-cache, no-store, must-revalidate, no-transform, private, max-age=0 Strict-Transport-Security max-age=31536000; includeSubDomains Timing-Allow-Origin * Content-Length 2833 Expires 0
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	82 KB 28 KB	86ms 40ms	Script text/javascript	142.250.80.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s35-in-f2.1e100.net Software sffe / Resource Hash cce0ad86d72448b9d4d4a52c8efa0658b8f09a4606a25b25bf6398e701716680 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28040 x-xss-protection 0 server sffe etag "1169 / 532 of 1000 / last-modified: 1648245909" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 26 Mar 2022 04:05:15 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 15 KB	47ms 20ms	Font font/woff2	2607:f8b0:4006:81e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2003 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.tumgir.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 22 Mar 2022 14:35:30 GMT x-content-type-options nosniff age 307785 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 22 Mar 2023 14:35:30 GMT
GET H2	200	4_media.bin Show response vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/ Frame BC54	564 B 603 B	56ms 10ms	XHR application/octet-stream	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/4_media.bin Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 739a09d3a136d42a02a90260a2f6a443416096b24d1039bffc8226223161cdec Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip last-modified Thu, 25 Feb 2021 20:27:52 GMT fastly-original-body-size 564 age 50440 etag "873278d192f1ec2464492286b6c70a10" vary Accept-Encoding content-type application/octet-stream access-control-allow-origin * access-control-max-age 86400 cache-control public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600 accept-ranges bytes content-length 343
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/ Frame BC54	371 KB 124 KB	88ms 39ms	Script text/javascript	2607:f8b0:4006:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200a Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 518600a5f07d44be6944144c51140e92a7f95590dd1a4203485c9c9dcd97645d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 126303 x-xss-protection 0 expires Sat, 26 Mar 2022 04:05:15 GMT
GET H2	200	cks Show response cks.connatix.com/ Redirect Chain https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3db2498c856c4342e58396ce9dda68a69b%26pname%3dBeeswax%26api-tier%3d2%26uid%3d{userid} https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3Db2498c856c4342e58396ce9dda68a69b%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&_... https://cks.connatix.com/cks?pid=15&ev=b2498c856c4342e58396ce9dda68a69b&pname=Beeswax&api-tier=2&uid=AAEPQk7EfSIAADCwf_JzUA	132 B 166 B	10ms 10ms	Script application/javascript	151.101.130.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cks.connatix.com/cks?pid=15&ev=b2498c856c4342e58396ce9dda68a69b&pname=Beeswax&api-tier=2&uid=AAEPQk7EfSIAADCwf_JzUA Protocol H2 Server 151.101.130.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 86bc83bc8de3931f86f39d102210d11d5b96116c3f5140ae3055e8984abd67de Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT access-control-max-age 86400 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true accept-ranges bytes content-length 132 retry-after 0 Redirect headers location https://cks.connatix.com/cks?pid=15&ev=b2498c856c4342e58396ce9dda68a69b&pname=Beeswax&api-tier=2&uid=AAEPQk7EfSIAADCwf_JzUA Date Sat, 26 Mar 2022 04:05:15 GMT Server nginx Connection keep-alive Content-Length 0 strict-transport-security max-age=2592000; includeSubDomains
GET H2	200	cks Show response cks.connatix.com/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1 https://cks.connatix.com/cks?pid=19&uid=8ef3f8fa-2170-4fb8-b7ae-f65e03770976&ttl=1650859515	146 B 206 B	10ms 10ms	Script application/javascript	151.101.130.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cks.connatix.com/cks?pid=19&uid=8ef3f8fa-2170-4fb8-b7ae-f65e03770976&ttl=1650859515 Protocol H2 Server 151.101.130.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ecc49a5c01448ea138a09d29a03e3574a830151d1dc421a0513b14eabc14e1ff Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT access-control-max-age 86400 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true accept-ranges bytes content-length 146 retry-after 0 Redirect headers pragma no-cache date Sat, 26 Mar 2022 04:05:15 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cks.connatix.com/cks?pid=19&uid=8ef3f8fa-2170-4fb8-b7ae-f65e03770976&ttl=1650859515 cache-control private,no-cache, must-revalidate content-type text/html content-length 213
GET H2	200	cks Show response cks.connatix.com/ Redirect Chain https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3db2498c856c4342e58396ce9dda68a69b%26pname%3dAppNexus%26api-tier%3d2%26uid%3d%24UID https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253db2498c856c4342e58396ce9dda68a69b%2526pname%253dAppNexus%2526api-tier%253d2%2526uid%... https://cks.connatix.com/cks?pid=6&ev=b2498c856c4342e58396ce9dda68a69b&pname=AppNexus&api-tier=2&uid=8120989671941300671	128 B 223 B	33ms 10ms	Script application/javascript	151.101.130.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cks.connatix.com/cks?pid=6&ev=b2498c856c4342e58396ce9dda68a69b&pname=AppNexus&api-tier=2&uid=8120989671941300671 Protocol H2 Server 151.101.130.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash dc5f63d808741d2ddc94ba48e25d68343954e8c2b09b528376fc0772e80a8f08 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT access-control-max-age 86400 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true accept-ranges bytes content-length 128 retry-after 0 Redirect headers Pragma no-cache Date Sat, 26 Mar 2022 04:05:15 GMT X-Proxy-Origin 149.56.153.187; 149.56.153.187; 804.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com AN-X-Request-Uuid 76e66c3e-01d5-4ad9-8277-0e5ea7b38966 Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cks.connatix.com/cks?pid=6&ev=b2498c856c4342e58396ce9dda68a69b&pname=AppNexus&api-tier=2&uid=8120989671941300671 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 11ED Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east	281 B 554 B	111ms 38ms	Document text/html	104.105.246.248 AS6453
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.105.246.248 Atlanta, United States, ASN6453 (AS6453, US), Reverse DNS a104-105-246-248.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 14 Dec 2021 23:07:59 GMT ETag "402b2-119-5d32342a551c0" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Sat, 26 Mar 2022 04:05:16 GMT Connection keep-alive Vary Accept-Encoding Redirect headers server AkamaiGHost content-length 0 location https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east date Sat, 26 Mar 2022 04:05:15 GMT access-control-allow-credentials true access-control-allow-origin *
GET H2	200	cks Show response cks.connatix.com/ Redirect Chain https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3db2498c856c4342e58396ce9dda68a69b%26pname%3dCentro%26api-tier%3d2%26uid%3d{userId} https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3db2498c856c4342e58396ce9dda68a69b%26pname%3dCentro%26api-tier%3d2%26uid%3... https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i... https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i... https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3Db2498c8... https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3Db... https://cks.connatix.com/cks?pid=9&ev=b2498c856c4342e58396ce9dda68a69b&pname=Centro&api-tier=2&uid=24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341	159 B 216 B	10ms 10ms	Script application/javascript	151.101.130.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cks.connatix.com/cks?pid=9&ev=b2498c856c4342e58396ce9dda68a69b&pname=Centro&api-tier=2&uid=24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341 Protocol H2 Server 151.101.130.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 34ab58c315c922afde95ff49fe2d642a186f6838a202ce048a798d9717fbdc58 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:16 GMT access-control-max-age 86400 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true accept-ranges bytes content-length 159 retry-after 0 Redirect headers location https://cks.connatix.com/cks?pid=9&ev=b2498c856c4342e58396ce9dda68a69b&pname=Centro&api-tier=2&uid=24034015-9b92-4247-8df0-8e03f5643215-623e90fb-4341 date Sat, 26 Mar 2022 04:05:16 GMT via 1.1 google alt-svc clear content-length 0 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
POST H/1.1	200 OK	postback Show response s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/	0 145 B	95ms 26ms	XHR text/plain	18.204.126.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/postback?oz_pl=1&sr=connatix.com&ti=x1348625143987662535416127815680&de=2&to=3&ci=234175&dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&pp=963968048794229&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d&_x=1 Requested by Host: s.srvsynd.com URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&sr=connatix.com&pp=963968048794229&ti=x1348625143987662535416127815680&de=2&to=3&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.204.126.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-204-126-182.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sat, 26 Mar 2022 04:05:14 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
GET H/1.1	200 OK	main.js Show response s.srvsynd.com/2/2.52.0/	156 KB 49 KB	24ms 23ms	Script text/javascript	18.204.126.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s.srvsynd.com/2/2.52.0/main.js Requested by Host: s.srvsynd.com URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&sr=connatix.com&pp=963968048794229&ti=x1348625143987662535416127815680&de=2&to=3&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.204.126.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-204-126-182.compute-1.amazonaws.com Software / Resource Hash ebc1809c917b61781cda24334f55c7010d9bf8986b99ea3f59d049e78d491910 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 04:05:14 GMT Content-Encoding br Accept-Ch Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data Vary Origin, Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control public, no-transform, immutable, max-age=999999999 Strict-Transport-Security max-age=31536000; includeSubDomains Timing-Allow-Origin * Content-Length 49733 Expires Mon, 01 Dec 2053 17:21:59 GMT
GET H2	200	hls.5b3b785f487abbe00eee.js Show response cds.connatix.com/p/156025/ Frame BC54	162 KB 47 KB	10ms 10ms	Script application/javascript	151.101.130.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cds.connatix.com/p/156025/hls.5b3b785f487abbe00eee.js Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding br last-modified Fri, 25 Mar 2022 09:03:47 GMT age 67516 etag "182f65d040bfb9544bd8f71472475672" vary Accept-Encoding content-type application/javascript access-control-allow-origin * access-control-max-age 86400 cache-control public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600 accept-ranges bytes content-length 48258
GET H3	200	pubads_impl_2022031601.js Show response securepubads.g.doubleclick.net/gpt/	365 KB 124 KB	47ms 20ms	Script text/javascript	142.250.80.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s35-in-f2.1e100.net Software sffe / Resource Hash 5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 00:56:15 GMT content-encoding gzip x-content-type-options nosniff age 11340 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 126823 x-xss-protection 0 last-modified Wed, 16 Mar 2022 08:34:12 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sun, 26 Mar 2023 00:56:15 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	207 B 150 B	62ms 35ms	XHR application/json	142.250.80.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tumgir.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s35-in-f2.1e100.net Software cafe / Resource Hash febb744bb8144b2b4ef5b39212e3293dde295613a20b1550062edcc55ae13b89 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 125 x-xss-protection 0 expires Sat, 26 Mar 2022 04:05:15 GMT
GET H3	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 15 KB	20ms 20ms	Font font/woff2	2607:f8b0:4006:81e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2003 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.tumgir.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 24 Mar 2022 08:30:30 GMT x-content-type-options nosniff age 156885 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 24 Mar 2023 08:30:30 GMT
POST H/1.1	200 OK	g Show response capi-tier-2-us-east-2.connatix.com/rtb/ Frame BC54	450 B 656 B	195ms 58ms	XHR application/x-protobuf	18.190.16.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=156025&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.190.16.20 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-190-16-20.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash b3d8fcf7566cfb5c9f346f47f41f92a0d4386ea6431b62fb944fabe82135ccfb Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type multipart/form-data Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip server Kestrel vary Accept-Encoding content-type application/x-protobuf access-control-allow-origin https://www.tumgir.com access-control-allow-credentials true Connection keep-alive Content-Length 360
GET		pixel cm.g.doubleclick.net/ Frame BC54 Redirect Chain https://connatix-d.openx.net/v/1.0/av?auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&cb=1ac2cbcd-4426-45e... https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&cb=1ac2cbcd-442... https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTc0NWZmYmUtNzE0NS02ODc1LTQ1YTgtMzk4NmUwMDJlYjJm&gdpr=0&gdpr_consent=undefined	0 0
GET H2	200	1_th.jpg img.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/	11 KB 11 KB	13ms 13ms	Image image/jpeg	151.101.130.137 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/1_th.jpg?crop=522:293,smart&width=522&height=293&format=jpeg&quality=60&fit=crop Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4858c9ebca622a3fa41d3b26013b64d52a8baafb1a5969c0411712b90625aad1 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding br age 57854 etag "YmLqOAuWUItsaVlOis3XILcRGY0L6iQbYhF7GgUitDA" access-control-max-age 86400 fastly-io-info ifsz=81599 idim=2560x1440 ifmt=jpeg ofsz=11602 odim=522x293 ofmt=jpeg access-control-allow-origin * cache-control max-age=2592000, public fastly-stats io=1 accept-ranges bytes content-type image/jpeg content-length 11127
GET H2	200	playlist.m3u8 Show response vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/424ceb86-a56f-49ee-935c-f5c295840c4f_/ Frame BC54	309 B 254 B	11ms 10ms	XHR application/x-mpegurl	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/424ceb86-a56f-49ee-935c-f5c295840c4f_/playlist.m3u8 Requested by Host: cds.connatix.com URL: https://cds.connatix.com/p/156025/hls.5b3b785f487abbe00eee.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip last-modified Thu, 25 Feb 2021 20:27:52 GMT fastly-original-body-size 309 age 50438 etag "8a966507b13615ecdc1330a4bc9dcfe1" vary Accept-Encoding content-type application/x-mpegURL access-control-allow-origin * access-control-max-age 86400 cache-control public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600 accept-ranges bytes content-length 164
POST H/1.1	200 OK	postback Show response s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/	0 145 B	23ms 23ms	XHR text/plain	18.204.126.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/postback?oz_pl=1&sr=connatix.com&ti=x1348625143987662535416127815680&de=2&to=3&ci=234175&dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&pp=963968048794229&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d&_x=1 Requested by Host: s.srvsynd.com URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&sr=connatix.com&pp=963968048794229&ti=x1348625143987662535416127815680&de=2&to=3&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.204.126.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-204-126-182.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sat, 26 Mar 2022 04:05:15 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
GET H2	200	0.m3u8 Show response vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/424ceb86-a56f-49ee-935c-f5c295840c4f_/ Frame BC54	607 B 335 B	10ms 10ms	XHR application/x-mpegurl	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/424ceb86-a56f-49ee-935c-f5c295840c4f_/0.m3u8 Requested by Host: cds.connatix.com URL: https://cds.connatix.com/p/156025/hls.5b3b785f487abbe00eee.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 08881ea304e9d94e759bf584e9e086a4d786e8136c329c8664ecabe6e8828223 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip last-modified Thu, 25 Feb 2021 20:27:51 GMT fastly-original-body-size 244 age 50438 etag "6fe6ff481e3358dbb1c23accdec0d605" vary Accept-Encoding content-type application/x-mpegURL access-control-allow-origin * access-control-max-age 86400 cache-control public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600 accept-ranges bytes content-length 244
POST H3	200	get Show response www.youtube.com/youtubei/v1/att/ Frame 8468	19 KB 14 KB	49ms 49ms	XHR application/json	2607:f8b0:4006:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/att/get?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c6736352/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80a::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash ab51da210730bc0a3c706f292534bb2360d441f5d496d239e543de485702e099 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque X-Youtube-Client-Name 56 X-Youtube-Client-Version 1.20220323.01.00 Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 X-Goog-Visitor-Id CgtNQXBPZXQ4ZWRIWSj6ofqRBg%3D%3D Content-Type application/json Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13850 x-xss-protection 0
POST H/1.1	200 OK	postback Show response s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/	0 145 B	23ms 22ms	XHR text/plain	18.204.126.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/postback?sr=connatix.com&ti=x1348625143987662535416127815680&de=2&to=3&ci=234175&dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&pp=963968048794229&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d&sid=ASpDdlIRBZGYTdjI&oz_sc=98b5b4d99faff47334628963&oz_df=1648267515857&oz_l=160&cv=3 Requested by Host: s.srvsynd.com URL: https://s.srvsynd.com/2/2.52.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.204.126.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-204-126-182.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sat, 26 Mar 2022 04:05:15 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
GET H3	200	bridge3.507.1_en.html Show response imasdk.googleapis.com/js/core/ Frame E2BE	591 KB 192 KB	47ms 19ms	Document text/html	2607:f8b0:4006:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::200a Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b41f242bfa858ddc54ea754401991d33df52036db137b06f96aea0dc687bb3fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-length 196684 x-content-type-options nosniff server sffe x-xss-protection 0 date Wed, 23 Mar 2022 20:55:07 GMT expires Thu, 23 Mar 2023 20:55:07 GMT cache-control public, max-age=31536000 last-modified Wed, 23 Mar 2022 20:48:25 GMT content-type text/html age 198608 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	client.js Show response s0.2mdn.net/instream/video/ Frame BC54	44 KB 17 KB	2050ms 1993ms	Script text/javascript	2607:f8b0:4006:80c::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/instream/video/client.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::2006 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:17 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript cache-control private, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16746 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 26 Mar 2022 04:05:17 GMT
GET H3	200	bridge3.507.1_en.html Show response imasdk.googleapis.com/js/core/ Frame 9CF4	591 KB 192 KB	21ms 20ms	Document text/html	2607:f8b0:4006:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::200a Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b41f242bfa858ddc54ea754401991d33df52036db137b06f96aea0dc687bb3fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-length 196684 x-content-type-options nosniff server sffe x-xss-protection 0 date Wed, 23 Mar 2022 20:55:07 GMT expires Thu, 23 Mar 2023 20:55:07 GMT cache-control public, max-age=31536000 last-modified Wed, 23 Mar 2022 20:48:25 GMT content-type text/html age 198609 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	bridge3.507.1_en.html Show response imasdk.googleapis.com/js/core/ Frame 47A1	591 KB 192 KB	23ms 23ms	Document text/html	2607:f8b0:4006:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.507.1_en.html Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::200a Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b41f242bfa858ddc54ea754401991d33df52036db137b06f96aea0dc687bb3fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-length 196684 x-content-type-options nosniff server sffe x-xss-protection 0 date Wed, 23 Mar 2022 20:55:07 GMT expires Thu, 23 Mar 2023 20:55:07 GMT cache-control public, max-age=31536000 last-modified Wed, 23 Mar 2022 20:48:25 GMT content-type text/html age 198609 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET		0.mp4 vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/424ceb86-a56f-49ee-935c-f5c295840c4f_/ Frame BC54	0 0
GET H2	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 51C7	37 KB 13 KB	76ms 21ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 03:59:35 GMT content-encoding gzip x-content-type-options nosniff age 341 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12861 x-xss-protection 0 last-modified Tue, 26 Oct 2021 20:08:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Sat, 26 Mar 2022 04:59:35 GMT
GET H2	200	V-sAIHWfyG0pUIp3BZ2wXLzaTl4ZfTfHYa_wwzML1lo.js Show response www.google.com/js/th/ Frame 8468	35 KB 14 KB	75ms 19ms	Script text/javascript	2607:f8b0:4006:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/V-sAIHWfyG0pUIp3BZ2wXLzaTl4ZfTfHYa_wwzML1lo.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c6736352/player_ias.vflset/en_US/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2004 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 57eb0020759fc86d29508a77059db05cbcda4e5e197d37c761aff0c3330bd65a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 00:56:20 GMT content-encoding br x-content-type-options nosniff age 11336 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13791 x-xss-protection 0 last-modified Tue, 22 Mar 2022 10:00:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 26 Mar 2023 00:56:20 GMT
GET H2	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 649E	37 KB 13 KB	60ms 40ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 03:59:35 GMT content-encoding gzip x-content-type-options nosniff age 341 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12861 x-xss-protection 0 last-modified Tue, 26 Oct 2021 20:08:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Sat, 26 Mar 2022 04:59:35 GMT
GET H2	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame EE62	37 KB 13 KB	26ms 26ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 03:59:35 GMT content-encoding gzip x-content-type-options nosniff age 341 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12861 x-xss-protection 0 last-modified Tue, 26 Oct 2021 20:08:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Sat, 26 Mar 2022 04:59:35 GMT
POST H/1.1	200 OK	us Show response capi-tier-2-us-east-2.connatix.com/core/ Frame BC54	0 315 B	37ms 36ms	XHR application/x-protobuf	18.190.16.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi-tier-2-us-east-2.connatix.com/core/us?v=156025 Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.190.16.20 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-190-16-20.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type multipart/form-data Response headers date Sat, 26 Mar 2022 04:05:16 GMT content-encoding gzip server Kestrel vary Accept-Encoding content-type application/x-protobuf access-control-allow-origin https://www.tumgir.com access-control-allow-credentials true Connection keep-alive Content-Length 20
GET H2	206	0.mp4 Show response vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/424ceb86-a56f-49ee-935c-f5c295840c4f_/ Frame BC54	1 KB 1 KB	11ms 11ms	XHR video/mp4	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/424ceb86-a56f-49ee-935c-f5c295840c4f_/0.mp4 Requested by Host: cds.connatix.com URL: https://cds.connatix.com/p/156025/hls.5b3b785f487abbe00eee.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 218c84f7981aa03b8807cdbd57f1ba524321e8ce48e663103f776c8f4b188540 Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Range bytes=0-1361 Response headers date Sat, 26 Mar 2022 04:05:16 GMT last-modified Thu, 25 Feb 2021 20:27:51 GMT fastly-original-body-size 1048576 age 50438 etag "f08ca6344c23c20c11557448a7db8ec8" access-control-max-age 86400 content-type video/mp4 Content-Range bytes 0-1361/4935370 cache-control public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600 accept-ranges bytes access-control-allow-origin * Content-Length 1362
POST H2	202	/ Show response pl.connatix.com/ Frame BC54	2 B 168 B	176ms 153ms	XHR application/json	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pl.connatix.com/ Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 26 Mar 2022 04:05:16 GMT via 1.1 varnish x-timer S1648267516.163866,VS0,VE143 x-served-by cache-yul12832-YUL x-cache MISS content-type application/json access-control-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes content-length 2 x-cache-hits 0
POST H/1.1	200 OK	postback Show response s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/	0 145 B	23ms 23ms	XHR text/plain	18.204.126.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/postback?sr=connatix.com&ti=x1348625143987662535416127815680&de=2&to=3&ci=234175&dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&pp=963968048794229&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d&sid=ASpDdlIRBZGYTdjI&oz_sc=98b5b4d99faff47334628963&oz_df=1648267516088&oz_l=4021&cv=3 Requested by Host: s.srvsynd.com URL: https://s.srvsynd.com/2/2.52.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.204.126.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-204-126-182.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sat, 26 Mar 2022 04:05:15 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 11ED	32 KB 10 KB	35ms 35ms	Script text/html	104.105.246.248 AS6453
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.105.246.248 Atlanta, United States, ASN6453 (AS6453, US), Reverse DNS a104-105-246-248.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 37064dc6aba44f514022fd8d58670ee76b71f4257db66567305598e1d9849cc1 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 04:05:16 GMT Content-Encoding gzip Last-Modified Wed, 02 Mar 2022 16:28:01 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=60948 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9540 Expires Sat, 26 Mar 2022 21:01:04 GMT
POST H/1.1	200 OK	us Show response capi-tier-2-us-east-2.connatix.com/core/ Frame BC54	0 315 B	35ms 35ms	XHR application/x-protobuf	18.190.16.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi-tier-2-us-east-2.connatix.com/core/us?v=156025 Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.190.16.20 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-190-16-20.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type multipart/form-data Response headers date Sat, 26 Mar 2022 04:05:16 GMT content-encoding gzip server Kestrel vary Accept-Encoding content-type application/x-protobuf access-control-allow-origin https://www.tumgir.com access-control-allow-credentials true Connection keep-alive Content-Length 20
POST H/1.1	200 OK	us Show response capi-tier-2-us-east-2.connatix.com/core/ Frame BC54	0 315 B	71ms 35ms	XHR application/x-protobuf	18.190.16.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi-tier-2-us-east-2.connatix.com/core/us?v=156025 Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.190.16.20 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-190-16-20.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type multipart/form-data Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip server Kestrel vary Accept-Encoding content-type application/x-protobuf access-control-allow-origin https://www.tumgir.com access-control-allow-credentials true Connection keep-alive Content-Length 20
GET H2	206	0.mp4 Show response vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/424ceb86-a56f-49ee-935c-f5c295840c4f_/ Frame BC54	656 KB 656 KB	10ms 10ms	XHR video/mp4	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/424ceb86-a56f-49ee-935c-f5c295840c4f_/0.mp4 Requested by Host: cds.connatix.com URL: https://cds.connatix.com/p/156025/hls.5b3b785f487abbe00eee.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 042a7433f0acd94effb8818f149b6fc78588d1a3b0a88cb50c85a1e1a4860852 Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Range bytes=1362-672821 Response headers date Sat, 26 Mar 2022 04:05:16 GMT last-modified Thu, 25 Feb 2021 20:27:51 GMT fastly-original-body-size 1048576 age 50439 etag "f08ca6344c23c20c11557448a7db8ec8" access-control-max-age 86400 content-type video/mp4 Content-Range bytes 1362-672821/4935370 cache-control public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600 accept-ranges bytes access-control-allow-origin * Content-Length 671460
GET H3	200	av Show response connatix-d.openx.net/v/1.0/ Frame BC54 Redirect Chain https://connatix-d.openx.net/v/1.0/av?auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&cb=1ac2cbcd-4426-45e... https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&cb=1ac2cbcd-442...	48 B 78 B	34ms 34ms	XHR text/xml	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&cb=1ac2cbcd-4426-45e9-8c8c-e8da4196c956&vwd=522&vht=293&gdpr=0&gdpr_consent=undefined&us_privacy= Protocol H3 Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/17.2.1 / Resource Hash a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:16 GMT content-encoding gzip server OXGW/17.2.1 vary Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://www.tumgir.com cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type text/xml alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers date Sat, 26 Mar 2022 04:05:16 GMT via 1.1 google server OXGW/17.2.1 location https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&cb=1ac2cbcd-4426-45e9-8c8c-e8da4196c956&vwd=522&vht=293&gdpr=0&gdpr_consent=undefined&us_privacy= p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://www.tumgir.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET BLOB	200 OK	81365571-d790-416f-928d-d3ae61fc4bd2 https://www.tumgir.com/ Frame F576	185 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.tumgir.com/81365571-d790-416f-928d-d3ae61fc4bd2 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Length 185 Content-Type application/javascript
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 11ED	284 B 921 B	100ms 25ms	Image image/jpg	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 29af2665c43893332e84c235bac366c1 Content-Type image/jpg
POST H/1.1	200 OK	postback Show response s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/	0 145 B	23ms 23ms	XHR text/plain	18.204.126.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/postback?sr=connatix.com&ti=x1348625143987662535416127815680&de=2&to=3&ci=234175&dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&pp=963968048794229&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d&sid=ASpDdlIRBZGYTdjI&oz_sc=98b5b4d99faff47334628963&oz_df=1648267516385&oz_l=1222&cv=3 Requested by Host: s.srvsynd.com URL: https://s.srvsynd.com/2/2.52.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.204.126.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-204-126-182.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sat, 26 Mar 2022 04:05:15 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
GET H3	204	generate_204 www.youtube.com/ Frame 8468	0 9 B	20ms 19ms	Image text/plain	2607:f8b0:4006:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?5fL3Uw Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80a::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:16 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	av Show response connatix-d.openx.net/v/1.0/ Frame BC54	48 B 78 B	47ms 46ms	XHR text/xml	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://connatix-d.openx.net/v/1.0/av?auid=540193926&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&cb=ce8e3c78-2d01-4ed1-babb-ba9efc4e0019&vwd=522&vht=293&gdpr=0&gdpr_consent=undefined&us_privacy= Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/17.2.1 / Resource Hash a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:16 GMT content-encoding gzip server OXGW/17.2.1 vary Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://www.tumgir.com cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type text/xml alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
POST H/1.1	200 OK	us Show response capi-tier-2-us-east-2.connatix.com/core/ Frame BC54	0 315 B	36ms 35ms	XHR application/x-protobuf	18.190.16.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi-tier-2-us-east-2.connatix.com/core/us?v=156025 Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.190.16.20 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-190-16-20.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type multipart/form-data Response headers date Sat, 26 Mar 2022 04:05:16 GMT content-encoding gzip server Kestrel vary Accept-Encoding content-type application/x-protobuf access-control-allow-origin https://www.tumgir.com access-control-allow-credentials true Connection keep-alive Content-Length 20
GET H2	200	us capi.connatix.com/core/ Frame 11ED Redirect Chain https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&khaos=L17BX7B2-Z-A5K0 https://ck.connatix.com/cks?pid=11&uid=L17BX7B2-Z-A5K0 https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L17BX7B2-Z-A5K0&UserId=	0 28 B	41ms 40ms	Image application/json	151.101.130.137 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L17BX7B2-Z-A5K0&UserId= Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east Protocol H2 Server 151.101.130.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:16 GMT access-control-allow-credentials true accept-ranges bytes content-length 0 access-control-max-age 86400 content-type application/json Redirect headers date Sat, 26 Mar 2022 04:05:16 GMT location https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L17BX7B2-Z-A5K0&UserId= access-control-max-age 86400 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, max-age=0 accept-ranges bytes content-length 0 retry-after 0
GET H2	206	0.mp4 Show response vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/424ceb86-a56f-49ee-935c-f5c295840c4f_/ Frame BC54	628 KB 629 KB	13ms 11ms	XHR video/mp4	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/424ceb86-a56f-49ee-935c-f5c295840c4f_/0.mp4 Requested by Host: cds.connatix.com URL: https://cds.connatix.com/p/156025/hls.5b3b785f487abbe00eee.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 293753792b8dfd96e04abf7336c93c2b0018f1ebb8ec3783ed3b637ccc9c3b95 Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Range bytes=672822-1316229 Response headers date Sat, 26 Mar 2022 04:05:16 GMT last-modified Thu, 25 Feb 2021 20:27:51 GMT fastly-original-body-size 1048576 age 50439 etag "f08ca6344c23c20c11557448a7db8ec8" access-control-max-age 86400 content-type video/mp4 Content-Range bytes 672822-1316229/4935370 cache-control public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600 accept-ranges bytes access-control-allow-origin * Content-Length 643408
POST H/1.1	200 OK	postback Show response s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/	0 145 B	23ms 23ms	XHR text/plain	18.204.126.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/postback?sr=connatix.com&ti=x1348625143987662535416127815680&de=2&to=3&ci=234175&dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&pp=963968048794229&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d&sid=ASpDdlIRBZGYTdjI&oz_sc=98b5b4d99faff47334628963&oz_df=1648267516581&oz_l=233&cv=3 Requested by Host: s.srvsynd.com URL: https://s.srvsynd.com/2/2.52.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.204.126.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-204-126-182.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sat, 26 Mar 2022 04:05:15 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
GET H3	200	av Show response connatix-d.openx.net/v/1.0/ Frame BC54	48 B 78 B	79ms 78ms	XHR text/xml	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://connatix-d.openx.net/v/1.0/av?auid=540193920&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2F2023%2520Jeep%2520Wrangler%25204xe&cb=550a754b-2c67-4cb8-9e31-934478408ee4&vwd=522&vht=293&gdpr=0&gdpr_consent=undefined&us_privacy= Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/17.2.1 / Resource Hash a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:16 GMT content-encoding gzip server OXGW/17.2.1 vary Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://www.tumgir.com cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type text/xml alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
POST H/1.1	200 OK	mq Show response capi-tier-2-us-east-2.connatix.com/tr/ Frame BC54	0 315 B	37ms 37ms	XHR application/x-protobuf	18.190.16.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi-tier-2-us-east-2.connatix.com/tr/mq?v=156025&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.190.16.20 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-190-16-20.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type multipart/form-data Response headers date Sat, 26 Mar 2022 04:05:16 GMT content-encoding gzip server Kestrel vary Accept-Encoding content-type application/x-protobuf access-control-allow-origin https://www.tumgir.com access-control-allow-credentials true Connection keep-alive Content-Length 20
POST H/1.1	200 OK	ps Show response capi-tier-2-us-east-2.connatix.com/tr/ Frame BC54	0 315 B	73ms 35ms	XHR application/x-protobuf	18.190.16.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=156025&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.190.16.20 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-190-16-20.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type multipart/form-data Response headers date Sat, 26 Mar 2022 04:05:15 GMT content-encoding gzip server Kestrel vary Accept-Encoding content-type application/x-protobuf access-control-allow-origin https://www.tumgir.com access-control-allow-credentials true Connection keep-alive Content-Length 20
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 11ED Redirect Chain https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 https://pr-bh.ybp.yahoo.com/sync/rubicon/ZCJxOywLEzDIHXyKa2ZbvQ?csrc= https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6908164200161978813	42 B 678 B	52ms 25ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6908164200161978813 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 42 X-RPHost 9a0c641c0479142b55591fdf2031b15f Content-Type image/gif Redirect headers date Sat, 26 Mar 2022 04:05:16 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 location https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6908164200161978813 x-xss-protection 1; mode=block content-length 0 x-content-type-options nosniff
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 11ED Redirect Chain https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0IgVjUL9TrKImY-lyDVkhQ&rk=usync-na https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0IgVjUL9TrKImY-lyDVkhQ	43 B 556 B	31ms 31ms	Image image/gif	209.54.176.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0IgVjUL9TrKImY-lyDVkhQ Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east Protocol HTTP/1.1 Server 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Sat, 26 Mar 2022 04:05:16 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 13A8686M6VRC4KR6J5D7 Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0IgVjUL9TrKImY-lyDVkhQ Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 0228ab361cece0438ff9eb16e4e5890e P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	ecm3 aax-eu.amazon-adsystem.com/s/ Frame 11ED Redirect Chain https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=B56Ay34aTKSQsXthB5t-Xw&rk=usync-other https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=B56Ay34aTKSQsXthB5t-Xw	43 B 556 B	104ms 103ms	Image image/gif	52.94.222.140 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=B56Ay34aTKSQsXthB5t-Xw Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east Protocol HTTP/1.1 Server 52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Sat, 26 Mar 2022 04:05:17 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 5XKG6GN3CRD59BC4ZQ8T Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=B56Ay34aTKSQsXthB5t-Xw Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 84e0f527cd81a00b0210e20b4ee7ed94 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	setuid px.ads.linkedin.com/ Frame 11ED Redirect Chain https://token.rubiconproject.com/token?pid=36584 https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L17BX7B2-Z-A5K0	0 574 B	85ms 48ms	Image text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L17BX7B2-Z-A5K0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east Protocol H2 Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:16 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 4676FEB47439460AAF623BD53887CB20 Ref B: YTO01EDGE0517 Ref C: 2022-03-26T04:05:16Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAXbFy/VP4i/z4A6ZteZUg== Redirect headers Location https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L17BX7B2-Z-A5K0 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 0228ab361cece0438ff9eb16e4e5890e P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	709414.gif id.rlcdn.com/ Frame 11ED	42 B 449 B	72ms 41ms	Image image/gif	35.190.60.146 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://id.rlcdn.com/709414.gif Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 146.60.190.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Sat, 26 Mar 2022 04:05:16 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 11ED Redirect Chain https://match.adsrvr.org/track/cmf/rubicon https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8ef3f8fa-2170-4fb8-b7ae-f65e03770976&gdpr=0&gdpr_consent=&expires=30	42 B 678 B	103ms 26ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8ef3f8fa-2170-4fb8-b7ae-f65e03770976&gdpr=0&gdpr_consent=&expires=30 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 42 X-RPHost 9e7742894a018a40b59a2ed2117c85b5 Content-Type image/gif Redirect headers pragma no-cache date Sat, 26 Mar 2022 04:05:16 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8ef3f8fa-2170-4fb8-b7ae-f65e03770976&gdpr=0&gdpr_consent=&expires=30 cache-control private,no-cache, must-revalidate content-type text/html content-length 289
GET H3	200	pixel cm.g.doubleclick.net/ Frame 11ED Redirect Chain https://token.rubiconproject.com/token?pid=2249&pt=n https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYzMmY5Y2VjOTg2ODUyYTVlMjVkY2E5YjgwMjU1ZmQyM2Y3MDM2Zg	170 B 188 B	61ms 35ms	Image image/png	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYzMmY5Y2VjOTg2ODUyYTVlMjVkY2E5YjgwMjU1ZmQyM2Y3MDM2Zg Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east Protocol H3 Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sat, 26 Mar 2022 04:05:16 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYzMmY5Y2VjOTg2ODUyYTVlMjVkY2E5YjgwMjU1ZmQyM2Y3MDM2Zg Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 9e7742894a018a40b59a2ed2117c85b5 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	204	v1 ads.yahoo.com/cms/ Frame 11ED Redirect Chain https://token.rubiconproject.com/token?pid=26594 https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L17BX7B2-Z-A5K0&sigv=1&esig=2~9e1981741e6bdb77cb7ff52265c488e50e3de716	0 194 B	150ms 22ms	Image text/plain	2001:4998:1c:800::1001 YAHOO
General Check archive.org Show headers Download Go to Show image Full URL https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L17BX7B2-Z-A5K0&sigv=1&esig=2~9e1981741e6bdb77cb7ff52265c488e50e3de716 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east Protocol H2 Server 2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US), Reverse DNS Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:16 GMT cache-control no-store x-content-type-options nosniff server ATS strict-transport-security max-age=15552000 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-xss-protection 1; mode=block Redirect headers Location https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L17BX7B2-Z-A5K0&sigv=1&esig=2~9e1981741e6bdb77cb7ff52265c488e50e3de716 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 9a0c641c0479142b55591fdf2031b15f P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
POST H/1.1	200 OK	postback Show response s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/	0 145 B	23ms 23ms	XHR text/plain	18.204.126.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/postback?sr=connatix.com&ti=x1348625143987662535416127815680&de=2&to=3&ci=234175&dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&pp=963968048794229&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d&sid=ASpDdlIRBZGYTdjI&oz_sc=98b5b4d99faff47334628963&oz_df=1648267516756&oz_l=6551&cv=3 Requested by Host: s.srvsynd.com URL: https://s.srvsynd.com/2/2.52.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.204.126.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-204-126-182.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sat, 26 Mar 2022 04:05:15 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
POST H/1.1	200 OK	postback Show response s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/	0 145 B	23ms 23ms	XHR text/plain	18.204.126.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/postback?sr=connatix.com&ti=x1348625143987662535416127815680&de=2&to=3&ci=234175&dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&pp=963968048794229&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d&sid=ASpDdlIRBZGYTdjI&oz_sc=98b5b4d99faff47334628963&oz_df=1648267516914&oz_l=149&cv=3 Requested by Host: s.srvsynd.com URL: https://s.srvsynd.com/2/2.52.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.204.126.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-204-126-182.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sat, 26 Mar 2022 04:05:16 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
GET BLOB	200 OK	ffc2aa17-8c07-40e6-b8a7-ac12c0e67e2e https://www.tumgir.com/	772 B 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://www.tumgir.com/ffc2aa17-8c07-40e6-b8a7-ac12c0e67e2e Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 566b9670644559b5460f2b0e0f217709742edb5f53197b537e48c208fc698853 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Length 772
POST H/1.1	200 OK	postback Show response s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/	0 145 B	23ms 23ms	XHR text/plain	18.204.126.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/postback?sr=connatix.com&ti=x1348625143987662535416127815680&de=2&to=3&ci=234175&dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&pp=963968048794229&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d&sid=ASpDdlIRBZGYTdjI&oz_sc=98b5b4d99faff47334628963&oz_df=1648267517084&oz_l=683&cv=3 Requested by Host: s.srvsynd.com URL: https://s.srvsynd.com/2/2.52.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.204.126.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-204-126-182.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sat, 26 Mar 2022 04:05:16 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 8468	28 B 50 B	44ms 44ms	XHR application/json	2607:f8b0:4006:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c6736352/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80a::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/json X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/JWf7VZ8zXG4?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque X-YouTube-Client-Version 1.20220323.01.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id CgtNQXBPZXQ4ZWRIWSj6ofqRBg%3D%3D X-YouTube-Ad-Signals dt=1648267514541&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C356%2C200&vis=1&wgl=true&ca_type=image Response headers date Sat, 26 Mar 2022 04:05:17 GMT content-encoding br x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31 x-xss-protection 0
POST H/1.1	200 OK	postback Show response s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/	0 145 B	25ms 24ms	XHR text/plain	18.204.126.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/postback?sr=connatix.com&ti=x1348625143987662535416127815680&de=2&to=3&ci=234175&dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&pp=963968048794229&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d&sid=ASpDdlIRBZGYTdjI&oz_sc=98b5b4d99faff47334628963&oz_df=1648267517241&oz_l=4156&cv=3 Requested by Host: s.srvsynd.com URL: https://s.srvsynd.com/2/2.52.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.204.126.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-204-126-182.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sat, 26 Mar 2022 04:05:16 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
POST H/1.1	200 OK	postback Show response s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/	0 145 B	24ms 24ms	XHR text/plain	18.204.126.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/postback?sr=connatix.com&ti=x1348625143987662535416127815680&de=2&to=3&ci=234175&dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&pp=963968048794229&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d&sid=ASpDdlIRBZGYTdjI&oz_sc=98b5b4d99faff47334628963&oz_df=1648267517413&oz_l=3338&cv=3 Requested by Host: s.srvsynd.com URL: https://s.srvsynd.com/2/2.52.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.204.126.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-204-126-182.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sat, 26 Mar 2022 04:05:16 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
POST H3	204	bHhIdHBDRysHTTk8EiEhOUEkNUI6AS1GOSgiEBxEDTkSHRMCIW4AGQhFcEFCVU98UgAFHHVHQkoLPBUEGQt1RkBcTW4dHgoXdUZAXE54REBcTm1DMwQMPAQDSUsJUUIqXXoyBwkaOB0TB1UrEB5CC3taEQEZMhseDQ87WhMDFW1GNh8WKQQVDxkgAF4cFi9RRy8WP... mookiyooki.com/	0 484 B	31ms 30ms	Ping text/plain	2606:4700:3036::ac43:c061 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mookiyooki.com/bHhIdHBDRysHTTk8EiEhOUEkNUI6AS1GOSgiEBxEDTkSHRMCIW4AGQhFcEFCVU98UgAFHHVHQkoLPBUEGQt1RkBcTW4dHgoXdUZAXE54REBcTm1DMwQMPAQDSUsJUUIqXXoyBwkaOB0TB1UrEB5CC3taEQEZMhseDQ87WhMDFW1GNh8WKQQVDxkgAF4cFi9RRy8WPRgcSU8LRUlZSHFMSVVAe0xCVUt+TUVYSm4CTVxWcFpHQkhuAU1eSXtDQ19Le0NBXEl5QkhbXjwEEQtFeVIAGAwkSUFaTHBGRltNeUNFVEo Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c061 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.tumgir.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 04:05:17 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5%2Bwm4LyoUlSVwjF5KVucXD%2B8jz%2Fvx%2FAsb04DQRhejNN57ZkXYrl8bjSGdIl4A82L1jzyZRagx8%2FBGfLsKycYGOM6ileBKodLtJYa3WxCNkS%2F%2FAiHElF48BfUue0iMKD%2BqGN%2B17oXt%2BDBfu7hw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6f1d01d0ed0a4bb8-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		snapecaht.png webpick-cdn.s3.amazonaws.com/	0 0
POST H/1.1	200 OK	postback Show response s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/	0 145 B	23ms 23ms	XHR text/plain	18.204.126.182 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://s.srvsynd.com/2/2.52.0/234175/ASpDdlIRBZGYTdjI/postback?sr=connatix.com&ti=x1348625143987662535416127815680&de=2&to=3&ci=234175&dt=2341751597675869250012&di=www.tumgir.com&ui=b2498c856c4342e58396ce9dda68a69b&md=2&ap=undefined&pp=963968048794229&pv=908cdf45-a2f0-413d-a89e-25c1d25ddc6d&sid=ASpDdlIRBZGYTdjI&oz_sc=98b5b4d99faff47334628963&oz_df=1648267517587&oz_l=205&cv=3 Requested by Host: s.srvsynd.com URL: https://s.srvsynd.com/2/2.52.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.204.126.182 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-204-126-182.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tumgir.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sat, 26 Mar 2022 04:05:16 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
POST H/1.1	200 OK	ao Show response capi-tier-2-us-east-2.connatix.com/tr/ Frame BC54	0 315 B	36ms 36ms	XHR application/x-protobuf	18.190.16.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=156025&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.190.16.20 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-190-16-20.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type multipart/form-data Response headers date Sat, 26 Mar 2022 04:05:16 GMT content-encoding gzip server Kestrel vary Accept-Encoding content-type application/x-protobuf access-control-allow-origin https://www.tumgir.com access-control-allow-credentials true Connection keep-alive Content-Length 20
GET H/1.1	200 OK	snapecaht.png webpick-cdn.s3.amazonaws.com/ Frame 13FB	3 KB 3 KB	265ms 96ms	Image image/png	52.218.182.171 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://webpick-cdn.s3.amazonaws.com/snapecaht.png Requested by Host: d18g6t7whf8ejf.cloudfront.net URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.182.171 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2-w.amazonaws.com Software AmazonS3 / Resource Hash 5af1e32d6499ad2c5e9249164daa9a39860fb4e6f64b223b04fe0afa0c0b6ee2 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 04:05:18 GMT Last-Modified Tue, 25 Dec 2018 13:48:43 GMT Server AmazonS3 x-amz-request-id ZVVFHP5996SPX6DF ETag "84cde431b32705bc6e18c3d7ccc2dd29" Content-Type image/png Accept-Ranges bytes Content-Length 2888 x-amz-id-2 cFiKrSsg6r5ajecsoVXFWiPxqzBHtpbNhLSShTRvV1w29Xnrw61vUuEyE3fbx96zZN4/fAcSXqk= x-amz-meta-s3b-last-modified 20181225T134720Z
GET DATA	200 OK	truncated / Frame 13FB	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 13FB	814 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/svg+xml
POST H/1.1	200 OK	sv Show response capi-tier-2-us-east-2.connatix.com/tr/ Frame BC54	0 315 B	37ms 36ms	XHR application/x-protobuf	18.190.16.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi-tier-2-us-east-2.connatix.com/tr/sv?v=156025&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.190.16.20 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-190-16-20.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type multipart/form-data Response headers date Sat, 26 Mar 2022 04:05:17 GMT content-encoding gzip server Kestrel vary Accept-Encoding content-type application/x-protobuf access-control-allow-origin https://www.tumgir.com access-control-allow-credentials true Connection keep-alive Content-Length 20
POST H/1.1	200 OK	abt Show response capi-tier-2-us-east-2.connatix.com/tr/ Frame BC54	0 315 B	36ms 36ms	XHR application/x-protobuf	18.190.16.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi-tier-2-us-east-2.connatix.com/tr/abt?v=156025&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Requested by Host: cd.connatix.com URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.190.16.20 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-190-16-20.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type multipart/form-data Response headers date Sat, 26 Mar 2022 04:05:19 GMT content-encoding gzip server Kestrel vary Accept-Encoding content-type application/x-protobuf access-control-allow-origin https://www.tumgir.com access-control-allow-credentials true Connection keep-alive Content-Length 20

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.tumgir.com

URL

https://www.tumgir.com/sw.js?ejB5ejMhEkFOBU0BSVgfWBJVWANCVUxJA0tSVEJSTwhUTldKAlQYBh9TVEwGGwhMTgUcUhwbBVgcW0JWSVUdHARDHUFPUEwdTR4ESR1BQgQeHU4cUE4GT08HTVYbThFWEgoNEVYSFBRdHl4XGF0UHhoVXlgcW0sDVAVbVlUbXAofHxxRFQlWVlYYFkAfbQ

Domain

s7.addthis.com

URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTc0NWZmYmUtNzE0NS02ODc1LTQ1YTgtMzk4NmUwMDJlYjJm&gdpr=0&gdpr_consent=undefined

Domain

vid.connatix.com

URL

https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/a636eb58-8a35-4be2-a0d2-aedd87a33df9/424ceb86-a56f-49ee-935c-f5c295840c4f_/0.mp4

Domain

webpick-cdn.s3.amazonaws.com

URL

https://webpick-cdn.s3.amazonaws.com/snapecaht.png