www.tumgir.com Open in urlscan Pro
104.131.46.126 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.tumgir.com/
Effective URL:
https://www.tumgir.com/
Submission: On April 07 via manual (April 7th 2021, 4:26:04 pm UTC) from UA

Summary HTTP 159 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 25 domains to perform 159 HTTP transactions. The main IP is 104.131.46.126, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.tumgir.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 17th 2021. Valid for: a year.

This is the only time www.tumgir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	104.131.46.126 104.131.46.126	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
15	192.0.77.3 192.0.77.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	13.32.23.169 13.32.23.169	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:7e00:6:2e3c:5fc0:21	16509 (AMAZON-02) (AMAZON-02)
6	184.30.24.107 184.30.24.107	16625 (AKAMAI-AS) (AKAMAI-AS)
13	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:b5d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.237.125.12 54.237.125.12	14618 (AMAZON-AES) (AMAZON-AES)
4 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	184.30.21.162 184.30.21.162	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3	2606:4700:20:... 2606:4700:20::ac43:44a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	152.199.21.147 152.199.21.147	15133 (EDGECAST) (EDGECAST)
1	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	108.129.45.237 108.129.45.237	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.135.234 185.29.135.234	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 5	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	151.101.36.84 151.101.36.84	54113 (FASTLY) (FASTLY)
3	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
159	33

26 104.131.46.126 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.tumgir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 192.0.77.3 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

64.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.169 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-169.fra56.r.cloudfront.net

d18g6t7whf8ejf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:7e00:6:2e3c:5fc0:21 (United States)

ASN16509 (AMAZON-02, US)

dmmzkfd82wayn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.30.24.107 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-107.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:b5d (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.237.125.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-125-12.compute-1.amazonaws.com

ertented.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-162.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:44a2 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.199.21.147 (United States) 5 redirects

ASN15133 (EDGECAST, US)

api.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.40 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

assets.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.129.45.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-45-237.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.234 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

303e5f6e13de36fc35aff54bff7a12aa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7e6c37430b76c030e065d96aeaee6c65.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.36.84 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com tpc.googlesyndication.com 303e5f6e13de36fc35aff54bff7a12aa.safeframe.googlesyndication.com 7e6c37430b76c030e065d96aeaee6c65.safeframe.googlesyndication.com pagead2.googlesyndication.com	238 KB
26	tumgir.com 1 redirects www.tumgir.com	204 KB
21	doubleclick.net 3 redirects pubads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	390 KB
21	tumblr.com 5 redirects 64.media.tumblr.com va.media.tumblr.com api.tumblr.com assets.tumblr.com	3 MB
20	rubiconproject.com 10 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel-eu.rubiconproject.com pixel.rubiconproject.com	39 KB
7	googletagservices.com www.googletagservices.com	187 KB
6	google.com 2 redirects adservice.google.com www.google.com	1 KB
5	ampproject.org cdn.ampproject.org	108 KB
5	addthis.com s7.addthis.com api-public.addthis.com	191 KB
3	setupad.com node.setupad.com	625 B
3	google.de adservice.google.de	2 KB
3	setupad.net prebid-stag.setupad.net	2 KB
3	stpd.cloud stpd.cloud	495 KB
3	cloudfront.net d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net	207 KB
2	pinterest.com widgets.pinterest.com	430 B
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com ads.yahoo.com	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	mathtag.com 1 redirects sync.mathtag.com	610 B
1	adsrvr.org match.adsrvr.org	265 B
1	rlcdn.com id.rlcdn.com	66 B
1	addthisedge.com v1.addthisedge.com	691 B
1	moatads.com z.moatads.com	1 KB
1	ertented.online ertented.online
1	gstatic.com fonts.gstatic.com	15 KB
1	googleapis.com fonts.googleapis.com	729 B
159	25

	Domain	Requested by
26	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.tumgir.com 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com tpc.googlesyndication.com
26	www.tumgir.com	1 redirects www.tumgir.com
14	64.media.tumblr.com	www.tumgir.com
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.tumgir.com www.googletagservices.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.tumgir.com
7	www.googletagservices.com	www.tumgir.com securepubads.g.doubleclick.net 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
6	eus.rubiconproject.com	www.tumgir.com eus.rubiconproject.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	cm.g.doubleclick.net	3 redirects eus.rubiconproject.com
5	api.tumblr.com	5 redirects
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
3	node.setupad.com	www.tumgir.com
3	api-public.addthis.com	s7.addthis.com
3	www.google.com	2 redirects www.tumgir.com
3	googleads.g.doubleclick.net	68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com www.tumgir.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	pixel.rubiconproject.com	eus.rubiconproject.com
3	prebid-stag.setupad.net	eus.rubiconproject.com
3	pixel-eu.rubiconproject.com	3 redirects
3	secure-assets.rubiconproject.com	3 redirects
3	stpd.cloud	www.tumgir.com
3	pubads.g.doubleclick.net	www.tumgir.com
2	widgets.pinterest.com	s7.addthis.com
2	68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.tumgir.com www.google-analytics.com
2	s7.addthis.com	www.tumgir.com s7.addthis.com
2	dmmzkfd82wayn.cloudfront.net	www.tumgir.com
1	7e6c37430b76c030e065d96aeaee6c65.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	303e5f6e13de36fc35aff54bff7a12aa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ads.yahoo.com	eus.rubiconproject.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	match.adsrvr.org	eus.rubiconproject.com
1	id.rlcdn.com	eus.rubiconproject.com
1	assets.tumblr.com	www.tumgir.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	ertented.online	www.tumgir.com
1	fonts.gstatic.com	fonts.googleapis.com
1	va.media.tumblr.com	www.tumgir.com
1	d18g6t7whf8ejf.cloudfront.net	www.tumgir.com
1	fonts.googleapis.com	www.tumgir.com
159	43

This site contains links to these domains. Also see Links.

Domain
www.addthis.com

Subject Issuer	Validity	Valid
tumgir.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-17` - `2022-03-18`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.media.tumblr.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-10` - `2022-02-09`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-06` - `2022-04-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-21` - `2021-09-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
ertented.online R3	`2021-02-28` - `2021-05-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
tumblr.com DigiCert SHA2 Extended Validation Server CA	`2020-07-09` - `2022-04-14`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-05-05`	a month	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
node.setupad.com R3	`2021-02-03` - `2021-05-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.tumgir.com/
Frame ID: 9779AF8FFA1ABD0B6AA41D9F37F10BDF
Requests: 69 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 0739B577EEA87F8499BEA4A73D7DADC7
Requests: 13 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: DCC0F7614FBA5464A1B32389B1BCC55E
Requests: 12 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 85B35922820715A686B482EBB8CA1FC4
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: E7120E4A7B392C22C7FCDAC566A7953E
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: EAF552361D83F16801E2F6CADE1E7DA4
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 8BE37AF90164565C64C1C8D788DE5617
Requests: 3 HTTP requests in this frame

Frame: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 8B883AF87FC6C5D9E1DB80D20FAA5B2E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
Frame ID: DCA9AE897FF71206B5FDF5D55D059CE1
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 4695ED16BFAD28636F3CAD8585884BD2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A38E5A604224C3B98D4EC51F5C33CA05
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: DB7AC1E75EDC173D795F60AC0393405E
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAD0kFsktfN0mJxEsir7OYakC4BIOfjj6Kaqv2cHOQKdEJcB44lfvEBuXkX5pD0VpDLjADysR-b5iu8FHdG2s9fFnemftC8dGEqYkxcU8c-lTWqQJlLH6PAwKj7b9hL88Z3xQOq17zNPCSLP39kWZ1feT2ZGH5oiQpczTrWqA4_YC2j_dF_Ny6dAEakkVjQEsicLsFeotKU_ZTFSbSwtnc8cY5E86tIm9VtrwEzpWk9f2f4KLy6rzC099KXBLb6mwRL04BimVIn4ec-VvDYlCEJrYRTyA4lXSsjVQb3noaXtBE8Ygc5TsZEPUDnIQ2kE9gzZLGC6uzzMjX7vMVn8aC5Nrk9MVndfGC083OMtQseesSHt7r&sig=Cg0ArKJSzPw0X_shqmwNEAE&adurl=
Frame ID: 03688835278A96273CFA2CACF5222AB1
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F191F90A9A53E9456C8E6A04152822A7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 2479F6B373CBBE4763994BF59E1B184B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.tumgir.com/ HTTP 301
https://www.tumgir.com/ Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

159
Requests

100 %
HTTPS

46 %
IPv6

25
Domains

43
Subdomains

33
IPs

5
Countries

5563 kB
Transfer

10078 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.tumgir.com/ HTTP 301
https://www.tumgir.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 45

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 47

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 61

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF

Request Chain 62

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF

Request Chain 69

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF

Request Chain 74

https://api.tumblr.com/v2/blog/sungie-baby.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_980c25a24037_128.png

Request Chain 75

https://api.tumblr.com/v2/blog/skymeteorcom.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_82a34c87a430_128.png

Request Chain 76

https://api.tumblr.com/v2/blog/99xd.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/30b68ae4e458dc117af871486b9bfd19/20f0ad58a55c73b0-a4/s128x128u_c1/d537b680436b4b2fe195b3fbff36e3862544a892.jpg

Request Chain 77

https://api.tumblr.com/v2/blog/sodaprop.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/bf7665e8ebc9363e027af31a1126e94a/b5cb9bb19586e335-34/s128x128u_c1/423c74521eb608cf4626139e0d6bb4a68152cba0.png

Request Chain 78

https://api.tumblr.com/v2/blog/semekurapika.tumblr.com/avatar/128 HTTP 302
https://assets.tumblr.com/images/default_avatar/octahedron_closed_128.png

Request Chain 81

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae89606d-dd0a-4e00-a19c-060a9a73c74f

Request Chain 82

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWI2NTBkNTI3ZmU2N2VmMDQ0MGIyZGJkZDdmODQyNzJmN2U1NGYzNw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWI2NTBkNTI3ZmU2N2VmMDQ0MGIyZGJkZDdmODQyNzJmN2U1NGYzNw&google_tc=

Request Chain 83

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/yPoreAaryB-m6BVM0_aqiMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7480225752431411037

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJI92WYEKgWQ-oDcWzpmFLc&google_cver=1

Request Chain 85

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7NXSEL-1Q-HLCF&sigv=1&esig=2~1ce7e23ce5dcb758d5d6d35c39051144386a08e6

Request Chain 86

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TlhTRUwtMVEtSExDRg==

Request Chain 123

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 154

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

159 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.tumgir.com/
Redirect Chain

http://www.tumgir.com/
https://www.tumgir.com/

83 KB
17 KB

681ms
444ms

Document
text/html

104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Next.js
Resource Hash: 475ef694f3a19bf8715e514643ef86fbddd9f2fdd70cfee4521dad97afd811e7

Request headers

Host: www.tumgir.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 07 Apr 2021 16:25:45 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Next.js
ETag: "14aa4-ERQPsLQjsz/XN83fChMkA4aeI2M"
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 07 Apr 2021 16:25:44 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.tumgir.com/

GET
H/1.1 200
OK 84a534406aa48ef892fc.css
www.tumgir.com/_next/static/css/ 13 KB
4 KB 124ms
116ms Stylesheet
text/css 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/css/84a534406aa48ef892fc.css
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e903ad3f02d5e1e8872d0614b28a947649dca80890e8e639d9e71d7c107711a8

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Mar 2021 22:39:27 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"353d-17880245177"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK webpack-6eacafe1c4ae8e87edf3.js Show response
www.tumgir.com/_next/static/chunks/ 2 KB
1 KB 241ms
116ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/webpack-6eacafe1c4ae8e87edf3.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6e21714273010a449616624fad38442cb3a35a20625cbbce0780c7da0c67ef4e

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Mar 2021 22:29:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"78b-1788541c525"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK framework-c4f702b9f4df8c5c50ac.js Show response
www.tumgir.com/_next/static/chunks/ 128 KB
42 KB 482ms
239ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/framework-c4f702b9f4df8c5c50ac.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 846ebae4909cae3822f281adf6a0e47b459f90e7984381fcc91e42432df4791d

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Mar 2021 22:39:27 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1ffd7-17880245177"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 679-ca4d2f44d7a438de95f6.js Show response
www.tumgir.com/_next/static/chunks/ 41 KB
14 KB 680ms
437ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a04709563ec1d86a4591aa022c3ddec0acc38afb24763affd3b82401473f8ed8

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Mar 2021 22:39:27 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"a233-17880245177"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 778-0d52f781083d413dfe3c.js Show response
www.tumgir.com/_next/static/chunks/ 18 KB
7 KB 363ms
120ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/778-0d52f781083d413dfe3c.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a45fe4cdd10cd8acacc426def5b29046ed9b70ef900ea7cb8e808ad7d2974af4

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Mar 2021 22:39:27 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"4856-1788024517b"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK main-b585fbee1813a2c23693.js Show response
www.tumgir.com/_next/static/chunks/ 180 B
555 B 363ms
120ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/main-b585fbee1813a2c23693.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d915e2ab9725531064cdc0d9805a5e5d6621a51fb6645d9e2721224e66c1ee2c

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:45 GMT
Last-Modified: Mon, 29 Mar 2021 22:39:27 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"b4-17880245177"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 180

GET
H/1.1 200
OK 683-7baf3b0a0b28f1633472.js Show response
www.tumgir.com/_next/static/chunks/ 8 KB
4 KB 428ms
182ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/683-7baf3b0a0b28f1633472.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 720ab0a9951974a890813d1e01c1dcd366f54848e6698f0ab480e890ce8df484

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Mar 2021 22:39:27 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"21d4-17880245177"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK _app-285fe2b53c8f21c1ee83.js Show response
www.tumgir.com/_next/static/chunks/pages/ 17 KB
6 KB 680ms
434ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/_app-285fe2b53c8f21c1ee83.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c701ea84a84ea04a94ee44556a004a201d9b62564b043ebf1515c2d2627ea38c

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Mar 2021 22:39:27 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"4351-17880245177"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 451-e40e8a477de603305dfd.js Show response
www.tumgir.com/_next/static/chunks/ 23 KB
6 KB 498ms
134ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/451-e40e8a477de603305dfd.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b309bc576a89bb39717b298e99dd678c182c3923a30446f4e73d339b89b39803

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Mar 2021 22:13:57 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"5c98-17885335541"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK index-98b7c0e7eb936e0eae8e.js Show response
www.tumgir.com/_next/static/chunks/pages/ 5 KB
2 KB 497ms
133ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/index-98b7c0e7eb936e0eae8e.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 13a51d932ed378188705602f8f4f6b42b50123c86aedc01b284adecc538dfd25

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Mar 2021 22:29:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"12a6-1788541c525"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
729 B 20ms
14ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Apr 2021 16:25:45 GMT
server: ESF
date: Wed, 07 Apr 2021 16:25:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Apr 2021 16:25:45 GMT

GET
H2 200 6bacc4d9eddcd4fb7b24e3b640fab4e3acf4d3fa.jpg
64.media.tumblr.com/34f748b282900893aebfaf5a36dc2cd0/09bbce6f3984b338-f9/s1280x1920/ 301 KB
302 KB 120ms
60ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/34f748b282900893aebfaf5a36dc2cd0/09bbce6f3984b338-f9/s1280x1920/6bacc4d9eddcd4fb7b24e3b640fab4e3acf4d3fa.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bcd3c6f15cd0b683cddac2f8d72db2821954e35b71e44dfda3c3366daae5430c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 07 Apr 2021 16:25:45 GMT
last-modified: Tue, 02 Feb 2021 14:26:06 GMT
server: nginx
x-frames: 1
etag: "2747d18b59475243ce213144ac95695c-1498089600-fa60115"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_34f748b282900893aebfaf5a36dc2cd0_6bacc4d9_1280.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 308539

GET
H2 200 9d87f9e2e3005ffdfd816e26452295a2b43e8e23.jpg
64.media.tumblr.com/9acfe38cd5e49f6fae70ac732a35b608/6f5d317420ca6aaa-88/s1280x1920/ 185 KB
185 KB 120ms
60ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/9acfe38cd5e49f6fae70ac732a35b608/6f5d317420ca6aaa-88/s1280x1920/9d87f9e2e3005ffdfd816e26452295a2b43e8e23.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2072831dcd870cdb187134a38a9922aafbda03a94cce8408e9c6a452a1772fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 07 Apr 2021 16:25:45 GMT
last-modified: Wed, 10 Mar 2021 05:09:47 GMT
server: nginx
x-frames: 1
etag: "d897c13c13ff450b67062064cab8d4ec-1498089600-21d6383"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_9acfe38cd5e49f6fae70ac732a35b608_9d87f9e2_1280.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 189391

GET
H2 200 ec6f7a11f8536a94f6f84b518b6a23315f8ed4d4.jpg
64.media.tumblr.com/8571cb6c3c48303d8011c01fa751d4e0/cb823877ff4782c5-b9/s1280x1920/ 63 KB
64 KB 92ms
33ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/8571cb6c3c48303d8011c01fa751d4e0/cb823877ff4782c5-b9/s1280x1920/ec6f7a11f8536a94f6f84b518b6a23315f8ed4d4.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c7c83afdc4e1d616c560c926d27d69c570612e131138b535fab2613773f6f153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 07 Apr 2021 16:25:45 GMT
last-modified: Sun, 07 Mar 2021 17:32:15 GMT
server: nginx
x-frames: 1
etag: "b26c1b9ff281559f28c1d4f70e53b45c-1498089600-191451c"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_8571cb6c3c48303d8011c01fa751d4e0_ec6f7a11_1280.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 64809

GET
H2 200 622681dd270e50f6fd920697b600ff75a985db36.jpg
64.media.tumblr.com/04910506666de1b36b94618b34871b61/fcd5f46f5c8b973e-99/s1280x1920/ 99 KB
99 KB 123ms
63ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/04910506666de1b36b94618b34871b61/fcd5f46f5c8b973e-99/s1280x1920/622681dd270e50f6fd920697b600ff75a985db36.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

79098f88c1786bfdf3965ecdabf9d91c45f40f059be90f15e138b09ca0c2e3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 07 Apr 2021 16:25:45 GMT
last-modified: Tue, 09 Mar 2021 10:23:09 GMT
server: nginx
x-frames: 1
etag: "c0c219e581fd5cc215f190e006ffa6d7-1498089600-191451c"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_04910506666de1b36b94618b34871b61_622681dd_1280.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 101246

GET
H2 200 2379acf05bf5f7736be45b8ba72ae0419ea0422e.gifv
64.media.tumblr.com/9d811a8959d0314bfa0243ee1d3a6010/d27d89652352ac03-77/s640x960/ 207 KB
208 KB 123ms
64ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/9d811a8959d0314bfa0243ee1d3a6010/d27d89652352ac03-77/s640x960/2379acf05bf5f7736be45b8ba72ae0419ea0422e.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a40cdd6e5d27df9240d37e3fc431dbd107aa2f8d508f8022f88f7131ba930fbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:45 GMT
vary: Accept
content-disposition: inline; filename="tumblr_9d811a8959d0314bfa0243ee1d3a6010_2379acf0_640.webp"
strict-transport-security: max-age=31536000; preload
content-length: 212234
x-nc: HIT hhn 4
last-modified: Wed, 24 Mar 2021 19:50:14 GMT
server: nginx
etag: "58285f8e3a82ead0aaf5164c7e18151a-1523937600-add5f34"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 128e7909dd2695148af3855d6a0f16bbcae831b0.jpg
64.media.tumblr.com/ad94091f5fb5567225a52dd2ecbecafa/0f8696aa73a8a35d-f2/s2048x3072/ 629 KB
630 KB 122ms
63ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/ad94091f5fb5567225a52dd2ecbecafa/0f8696aa73a8a35d-f2/s2048x3072/128e7909dd2695148af3855d6a0f16bbcae831b0.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ae3772004d4ea08d89a4eeac003bd02b3d311baad221079f3bf2fb9236b74da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 07 Apr 2021 16:25:45 GMT
last-modified: Thu, 25 Mar 2021 17:33:17 GMT
server: nginx
x-frames: 1
etag: "50a2570a250f0b934ddf6495b9a0bd3c-1498089600-add5f34"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_ad94091f5fb5567225a52dd2ecbecafa_128e7909_2048.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 644055

GET
H2 200 557792041a558658802002eed4245f4737720e64.jpg
64.media.tumblr.com/e46734b70d7b764fe2552006c55307f9/0f8696aa73a8a35d-4d/s2048x3072/ 495 KB
496 KB 97ms
94ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/e46734b70d7b764fe2552006c55307f9/0f8696aa73a8a35d-4d/s2048x3072/557792041a558658802002eed4245f4737720e64.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1c55ebc35b281da4a20c75a93ace05c8ddcbb2f9764d32f255f8dac79bcd2a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 07 Apr 2021 16:25:45 GMT
last-modified: Thu, 25 Mar 2021 17:33:36 GMT
server: nginx
x-frames: 1
etag: "7c45e4e7a2db464c0efa9ca23204b56f-1498089600-add5f34"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_e46734b70d7b764fe2552006c55307f9_55779204_2048.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 507157

GET
H2 200 bc4c4b8333172c6d9a3edbcb0e37c98364ab5514.jpg
64.media.tumblr.com/1a5836b41a97438be2465d84e36b0dbe/0f8696aa73a8a35d-61/s2048x3072/ 503 KB
504 KB 96ms
94ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/1a5836b41a97438be2465d84e36b0dbe/0f8696aa73a8a35d-61/s2048x3072/bc4c4b8333172c6d9a3edbcb0e37c98364ab5514.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

db1b6637e9ecea50f1cfd55176ac83f478cb45b977aa06094cc5f78677629ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 07 Apr 2021 16:25:45 GMT
last-modified: Thu, 25 Mar 2021 17:33:38 GMT
server: nginx
x-frames: 1
etag: "208c4853fbccad0cc4ee76be5dee3de9-1498089600-add5f34"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_1a5836b41a97438be2465d84e36b0dbe_bc4c4b83_2048.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 515424

GET
H2 200 f8cadae5dacfa214af1d2fcf31bfa4f16b94019f.jpg
64.media.tumblr.com/e2f48bef910187e9ae6cb106be3a3705/0f8696aa73a8a35d-45/s2048x3072/ 465 KB
466 KB 97ms
95ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/e2f48bef910187e9ae6cb106be3a3705/0f8696aa73a8a35d-45/s2048x3072/f8cadae5dacfa214af1d2fcf31bfa4f16b94019f.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2dec7955e2c09f75a338ebafbda202d86820c13964e97eb41d9110717cb9c15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 07 Apr 2021 16:25:45 GMT
last-modified: Thu, 25 Mar 2021 17:33:42 GMT
server: nginx
x-frames: 1
etag: "54be41e22e21c035f7af82a2c9964126-1498089600-add5f34"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_e2f48bef910187e9ae6cb106be3a3705_f8cadae5_2048.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 476404

GET
H2 200 0078260256b8c7043a6fa368755f41783597f20e.jpg
64.media.tumblr.com/b8475baf4354767d3b9dada7c5a483d6/0f8696aa73a8a35d-9f/s2048x3072/ 440 KB
440 KB 103ms
101ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/b8475baf4354767d3b9dada7c5a483d6/0f8696aa73a8a35d-9f/s2048x3072/0078260256b8c7043a6fa368755f41783597f20e.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

efd51931d74217a3e0509d427bbfccdd15d6cda58eb0420a0f99ec7bd8be4e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 07 Apr 2021 16:25:45 GMT
last-modified: Thu, 25 Mar 2021 17:33:45 GMT
server: nginx
x-frames: 1
etag: "8bffdf2f53430f70c45f4d90f0e7f588-1498089600-add5f34"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_b8475baf4354767d3b9dada7c5a483d6_00782602_2048.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 450385

GET
H/1.1 200
OK sw.js Show response
www.tumgir.com/ 160 KB
62 KB 415ms
323ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/sw.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2226817fa4c105adcb289f1dd78fd1353bacf8b7a467517b8b7cf2a554ab16d0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding: gzip
Last-Modified: Sun, 14 Mar 2021 13:43:16 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"28145-17830fa0bf0"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 / Show response
d18g6t7whf8ejf.cloudfront.net/ 144 KB
45 KB 254ms
179ms Script
text/plain 13.32.23.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-169.fra56.r.cloudfront.net
Software: /
Resource Hash: d2c254d122ad8059772e7d216e5a3b677738c0f1d28f40d738f8a2ada654a7ef

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:45 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 45401
via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
x-amz-cf-id: 9rR_idR0o00-BdcM9EydFJifly9QGe1ix3WYSwU4k49v_lgp7C9-Rg==

GET
H2 200 / Show response
dmmzkfd82wayn.cloudfront.net/ 247 KB
81 KB 203ms
165ms Script
text/plain 2600:9000:2057:7e00:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7e00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f39e72543d96597123db564b645092680c6487a64761dd0795db3c8fc12da104

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:45 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 82906
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id: VgEJwcuIT1DXuZ9qFNy5TJIenFveUFLjWdBibmv8OVSNhmaT7V38lQ==

GET
H/1.1 200
OK _buildManifest.js Show response
www.tumgir.com/_next/static/a5a2031d1d4c6ba71c23d0064e612cd996085d16/ 801 B
1 KB 116ms
115ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/a5a2031d1d4c6ba71c23d0064e612cd996085d16/_buildManifest.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 18070ec05aa1fbbeaae382050d03705bc2025b2f0c0beb0092012d86daad2a61

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:45 GMT
Last-Modified: Tue, 30 Mar 2021 22:29:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"321-1788541c525"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 801

GET
H/1.1 200
OK _ssgManifest.js Show response
www.tumgir.com/_next/static/a5a2031d1d4c6ba71c23d0064e612cd996085d16/ 77 B
451 B 121ms
120ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/a5a2031d1d4c6ba71c23d0064e612cd996085d16/_ssgManifest.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:45 GMT
Last-Modified: Tue, 30 Mar 2021 22:29:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"4d-1788541c525"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 97ms
35ms Script
application/javascript 184.30.24.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-107.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 07 Apr 2021 16:25:45 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 57 KB
13 KB 149ms
81ms XHR
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/tumgir.com_300x600_sticky_left_desktop_DFP&sz=300x600&t=Placement_type%3Dserving&1617812745497

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ce5bf385a911f710c9e4e84e08586c99c0abb8f749ea5bb2565588bf617cbb7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13416
x-xss-protection: 0
google-lineitem-id: 5653592300
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138344855354
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 58 KB
14 KB 141ms
78ms XHR
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/tumgir.com_300x600_sticky_right_desktop_DFP&sz=300x600&t=Placement_type%3Dserving&1617812745502

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

77bc0d1c5e227bb4b26ce12fc045b61307495d61317fb121571de80294c7ebec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13561
x-xss-protection: 0
google-lineitem-id: 5651907510
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138344234064
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 tumblr_qqrzsna66P1qejbir.mp4
va.media.tumblr.com/ 128 KB
0 26ms
25ms Media
video/mp4 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://va.media.tumblr.com/tumblr_qqrzsna66P1qejbir.mp4

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-nc: HIT hhn 2
date: Wed, 07 Apr 2021 16:25:45 GMT
last-modified: Tue, 30 Mar 2021 09:31:47 GMT
server: nginx
access-control-allow-origin: *
etag: "1007d6e25bb139ba55de4471eb3679e3"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: video/mp4
Content-Range: bytes 0-4733540/4733541
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
Content-Length: 4733541
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 adx Show response
pubads.g.doubleclick.net/gampad/ 56 KB
14 KB 154ms
107ms XHR
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/tumgir.com_970x90_sticky_anchorad_desktop_DFP&sz=970x90&t=Placement_type%3Dserving&1617812745706

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1ea77a57ca0b95c035c3eca9f0660e8580c8fae6b89681276edeae9f0093c45a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
google-lineitem-id: 5651910225
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138344197877
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 178 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 352 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.tumgir.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 21:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 155397
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 05 Apr 2022 21:15:48 GMT

GET
H2 200 stpd201221.js Show response
stpd.cloud/assets/postbid/ Frame 0739 668 KB
165 KB 85ms
59ms Script
application/javascript 2606:4700:20::681a:b5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201221.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Apr 2021 16:25:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
content-md5: Z31KcnNREDgCG5fqQFS/wA==
age: 1805
cf-request-id: 094ec0866200004a9e09a64000000001
x-ms-lease-status: unlocked
last-modified: Wed, 07 Apr 2021 13:54:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BLQRT7fPuYeMjKTjue7Jm6nTiXm3VxtC4kbH1XPy6UsWh%2BLC0SqkkAL%2B4cZZKGh2459rubfV6lS5oneZo9jVqodwjFr2nyb8F2%2BhlEma1TVzDufhOn%2FU"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-ms-request-id: 6dc9a078-f01e-0055-61b5-2bef1c000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 63c49d1d5f7e4a9e-FRA

GET
H2 200 stpd201221.js Show response
stpd.cloud/assets/postbid/ Frame DCC0 668 KB
165 KB 74ms
52ms Script
application/javascript 2606:4700:20::681a:b5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201221.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Apr 2021 16:25:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
content-md5: Z31KcnNREDgCG5fqQFS/wA==
age: 1805
cf-request-id: 094ec0866300004a9e2f3fd000000001
x-ms-lease-status: unlocked
last-modified: Wed, 07 Apr 2021 13:54:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6HGTEheIRJ6Uq9m%2B4AJn9%2F%2Fhk0RWa5QuM2PXZIvIN9zKeaMEMLVYzq%2Bg6vEYpp4fPeGQ1JBwuD5OECjJG3uK2Fc0gHBaljjhttOJSmvmAttnCehwWHSR"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-ms-request-id: 6dc9a078-f01e-0055-61b5-2bef1c000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 63c49d1d6f8e4a9e-FRA

GET
H2 200 stpd201221.js Show response
stpd.cloud/assets/postbid/ Frame 85B3 668 KB
165 KB 40ms
38ms Script
application/javascript 2606:4700:20::681a:b5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201221.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Apr 2021 16:25:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
content-md5: Z31KcnNREDgCG5fqQFS/wA==
age: 1805
cf-request-id: 094ec0869400004a9e7e245000000001
x-ms-lease-status: unlocked
last-modified: Wed, 07 Apr 2021 13:54:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fr9ldeGsP3pFPpqnn7AIZ9RRkCVf4cX1Y8c0chjqUz4MMV2PmnPhpaZJJyDGV0mDx%2FuXBwG1iVN9%2BpXUTxYykYNc0cQ0MTa8N6V3M%2BYTvrOgNJfOptvC"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-ms-request-id: 6dc9a078-f01e-0055-61b5-2bef1c000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 63c49d1db86a4a9e-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 0739 59 KB
20 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

842fd99acd0ab8b7df9e91adb905c588e55c34506783b2876833a1753ccdbd58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "835 / 906 of 1000 / last-modified: 1617810914"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20287
x-xss-protection: 0
expires: Wed, 07 Apr 2021 16:25:46 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E712
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

93ms
30ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tumgir.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tumgir.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Apr 2021 16:25:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date: Wed, 07 Apr 2021 16:25:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame DCC0 59 KB
20 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

842fd99acd0ab8b7df9e91adb905c588e55c34506783b2876833a1753ccdbd58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "835 / 672 of 1000 / last-modified: 1617810914"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20287
x-xss-protection: 0
expires: Wed, 07 Apr 2021 16:25:46 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame EAF5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

107ms
46ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tumgir.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tumgir.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Apr 2021 16:25:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date: Wed, 07 Apr 2021 16:25:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 85B3 59 KB
20 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

842fd99acd0ab8b7df9e91adb905c588e55c34506783b2876833a1753ccdbd58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "835 / 754 of 1000 / last-modified: 1617810914"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20287
x-xss-protection: 0
expires: Wed, 07 Apr 2021 16:25:46 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 8BE3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

53ms
30ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tumgir.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tumgir.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Apr 2021 16:25:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date: Wed, 07 Apr 2021 16:25:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 pubads_impl_2021040101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0739 286 KB
101 KB 89ms
32ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 08:39:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103004
x-xss-protection: 0
expires: Wed, 07 Apr 2021 16:25:46 GMT

GET
H2 200 pubads_impl_2021040101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DCC0 286 KB
101 KB 114ms
61ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 08:39:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103004
x-xss-protection: 0
expires: Wed, 07 Apr 2021 16:25:46 GMT

GET
H2 200 pubads_impl_2021040101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 85B3 286 KB
101 KB 94ms
48ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 08:39:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103004
x-xss-protection: 0
expires: Wed, 07 Apr 2021 16:25:46 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E712 31 KB
10 KB 61ms
33ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bf97d54048ff565046af3d9dbb31300a9b12c8a3b8e3ac73a49abef835c7d225

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Mar 2021 23:26:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=41030
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9418
Expires: Thu, 08 Apr 2021 03:49:36 GMT

GET
H2 502 MTdxZ3NKFQIQLERFHUVJE18FEwNCDV5IBEZAXxMGXFAYFV1SWBxIAEYZGxRRHRUCChUTDUBLUUJaB0VJEwRfUVEdFQUGFG5eFUVJEw9FUUQAB1NLUUJCEzgaVQVTXVEBVkJeSwIGQUpFBw4XSkdUURNKEgkPEkoVBQYQBUNXD0RQSwYVDA
ertented.online/ 0
0 380ms
137ms Script
text/plain 54.237.125.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ertented.online/MTdxZ3NKFQIQLERFHUVJE18FEwNCDV5IBEZAXxMGXFAYFV1SWBxIAEYZGxRRHRUCChUTDUBLUUJaB0VJEwRfUVEdFQUGFG5eFUVJEw9FUUQAB1NLUUJCEzgaVQVTXVEBVkJeSwIGQUpFBw4XSkdUURNKEgkPEkoVBQYQBUNXD0RQSwYVDA
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.237.125.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-125-12.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type
x-powered-by: Express
access-control-allow-methods: GET, POST

GET
H2 200 / Show response
dmmzkfd82wayn.cloudfront.net/ 247 KB
81 KB 17ms
13ms Script
text/plain 2600:9000:2057:7e00:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7e00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f39e72543d96597123db564b645092680c6487a64761dd0795db3c8fc12da104

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:45 GMT
content-encoding: gzip
age: 1
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop: FRA6-C1
content-length: 82906
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id: oKRQ76Y-Qi7nMZpvPXZnOEquCRCW6Y1jomlzjUsSEJGBmLB7NkbMDQ==

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8BE3 31 KB
10 KB 34ms
33ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bf97d54048ff565046af3d9dbb31300a9b12c8a3b8e3ac73a49abef835c7d225

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Mar 2021 23:26:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=41030
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9418
Expires: Thu, 08 Apr 2021 03:49:36 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame EAF5 31 KB
10 KB 34ms
33ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bf97d54048ff565046af3d9dbb31300a9b12c8a3b8e3ac73a49abef835c7d225

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Mar 2021 23:26:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=41030
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9418
Expires: Thu, 08 Apr 2021 03:49:36 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E712 284 B
932 B 215ms
26ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 3438
date: Wed, 07 Apr 2021 15:28:28 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Wed, 07 Apr 2021 17:28:28 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 84ms
29ms Script
application/x-javascript 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:46 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: B402EDC6F7271ED7
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=40097
accept-ranges: bytes
content-length: 948
x-amz-id-2: 3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5c61e9923da745ae/ 1 KB
691 B 135ms
133ms Script
application/javascript 184.30.24.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5c61e9923da745ae/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-107.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1407278f2000cc72b2c477790dd5b22eb51167d6dafc9ddc1c31b81b12a3434

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:46 GMT
content-encoding: gzip
etag: 1208431126--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=40, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 515

GET
H/1.1 200
OK last-seen-blog Show response
www.tumgir.com/api/tumblr/ 604 B
1 KB 122ms
122ms Fetch
application/json 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tumgir.com/api/tumblr/last-seen-blog

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/451-e40e8a477de603305dfd.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

057f63afb012452bdc4bc1e51e067993dc667e49dad07dae7d041ae99beae778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Express
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 604
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
Date: Wed, 07 Apr 2021 16:25:46 GMT
Expect-CT: max-age=0
Vary: Accept-Encoding
X-Download-Options: noopen
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
ETag: W/"25c-QYFMgzibam+Eg8A3/phoiTGxbhI"

GET
H2

200

setuid
prebid-stag.setupad.net/ Frame 8BE3
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF

0
882 B

51ms
23ms

Image
text/plain

2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:46 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=psewyE%2BFQEhD9WQYIFn9uQ%2FwMybIAHESplbbGTHabgm1RSho1ZRs4Oc9fHlX7O7Z8dnIqhC8WKdn1Lfmr2on6d%2F6vZpPWs02o7rfQSOwAqxakJ8d1rjvHBcvN6rYYmF5JkuEVQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 63c49d230d654e1a-FRA
content-length: 0
cf-request-id: 094ec089ea00004e1abdbb7000000001
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H2

200

setuid
prebid-stag.setupad.net/ Frame EAF5
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF

0
486 B

19ms
18ms

Image
text/plain

2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:46 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SdgjeIPiqjyQQowQ0%2Fupo5EmkJTHAuNT%2FBbU%2Fy39oYLpelnZyG2Vk1rBclPwfjP6i0iHnrWUE%2FsKs9d4JKg6RwgGiiI0XNlQyocS8kXKeWeQ6DR%2FRd1uMTO%2B51kUMn%2BzaWd1DQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 63c49d232db74e1a-FRA
content-length: 0
cf-request-id: 094ec089fa00004e1a8928c000000001
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H/1.1 200
OK 451-e40e8a477de603305dfd.js
www.tumgir.com/_next/static/chunks/ 0
6 KB 120ms
118ms Other
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/451-e40e8a477de603305dfd.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Mar 2021 22:13:57 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"5c98-17885335541"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK index-98b7c0e7eb936e0eae8e.js
www.tumgir.com/_next/static/chunks/pages/ 0
2 KB 117ms
115ms Other
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/index-98b7c0e7eb936e0eae8e.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Mar 2021 22:29:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"12a6-1788541c525"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK about-de7ad01c836ce835b66d.js
www.tumgir.com/_next/static/chunks/pages/static/ 0
3 KB 119ms
117ms Other
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/static/about-de7ad01c836ce835b66d.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Mar 2021 22:39:27 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"2151-17880245177"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK privacy-policy-6d7a35cc56cbfe9ac775.js
www.tumgir.com/_next/static/chunks/pages/static/ 0
5 KB 117ms
116ms Other
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/static/privacy-policy-6d7a35cc56cbfe9ac775.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Mar 2021 22:39:27 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"2fc7-17880245177"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK %5Bname%5D-78fbf6b90845acf54af6.js
www.tumgir.com/_next/static/chunks/pages/ 0
3 KB 116ms
115ms Other
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/%5Bname%5D-78fbf6b90845acf54af6.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Mar 2021 22:29:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1f23-1788541c525"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK %5Bname%5D-1eb3c64fe04ba7b8c244.js
www.tumgir.com/_next/static/chunks/pages/tag/ 0
2 KB 124ms
120ms Other
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/tag/%5Bname%5D-1eb3c64fe04ba7b8c244.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Mar 2021 22:29:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1130-1788541c525"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2

200

setuid
prebid-stag.setupad.net/ Frame E712
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF

0
486 B

17ms
16ms

Image
text/plain

2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:46 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nU7%2Bgh2rMlBhrb%2FzPm3g7jItZ5GGC%2FC6HaAkS%2BiDcEU6i3je4PUVG2bga1cFS9pYeaoybBJ%2FJULQNsAyIJKNIqi36ruPiVLBqiHZ%2Bw7LCv92DUCbLn3ioMQ98dXiaGwu%2FmzxtA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 63c49d232dba4e1a-FRA
content-length: 0
cf-request-id: 094ec089fa00004e1a84a48000000001
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
315 B 13ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=59990815&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumgir.com%2F&ul=en-us&de=UTF-8&dt=Tumblr%20Online%20Web%20Viewer%20and%20Statistics%20%7C%20Tumgir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1904160270&gjid=1903522822&cid=2005154171.1617812747&tid=UA-134279593-1&_gid=2069373855.1617812747&_r=1&_slc=1&z=166413125

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 36ms
35ms Script
application/javascript 184.30.24.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-107.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 07 Apr 2021 16:25:46 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H/1.1 200
OK %5Bname%5D-78fbf6b90845acf54af6.js Show response
www.tumgir.com/_next/static/chunks/pages/ 8 KB
3 KB 119ms
118ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/%5Bname%5D-78fbf6b90845acf54af6.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e271df2a3400788e8fe92cb51022cf119b04aabe9bc5fa07b9439d3bf03cd419

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Mar 2021 22:29:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1f23-1788541c525"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK %5Bname%5D-1eb3c64fe04ba7b8c244.js Show response
www.tumgir.com/_next/static/chunks/pages/tag/ 4 KB
2 KB 127ms
122ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/tag/%5Bname%5D-1eb3c64fe04ba7b8c244.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69f976ee5ca0a16cdc3ad7aeaf5347a9a695152065f4166dcee520d36a523ef5

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Mar 2021 22:29:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1130-1788541c525"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2

200

avatar_980c25a24037_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/sungie-baby.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_980c25a24037_128.png

20 KB
20 KB

269ms
269ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_980c25a24037_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0e99b5a8d2aa72a72ef69dc973c4aa755f6bfa2bbcaeef87c0fe464258f2b351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Wed, 07 Apr 2021 16:25:47 GMT
last-modified: Wed, 12 Jun 2019 22:48:59 GMT
server: nginx
x-frames: 1
etag: "00d034ba2733ef17136cc52a6cbd4e87-1498089600-21d6383"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-disposition: inline; filename="avatar_980c25a24037_128.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 20441

Redirect headers

date: Wed, 07 Apr 2021 16:25:47 GMT
server: openresty
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_980c25a24037_128.png#_=_
x-rid: 180701504702009696352867968353747850813
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

avatar_82a34c87a430_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/skymeteorcom.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_82a34c87a430_128.png

22 KB
22 KB

254ms
253ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_82a34c87a430_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2f6cfa4f18cbd9d60d893fafcc320cdad165a6ee853bf1da88e914fa471f762e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Wed, 07 Apr 2021 16:25:47 GMT
last-modified: Fri, 11 Dec 2020 10:17:38 GMT
server: nginx
x-frames: 1
etag: "f4454340f832ed3cb71b28add1f08a8a-1498089600-21d6383"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-disposition: inline; filename="avatar_82a34c87a430_128.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 22562

Redirect headers

date: Wed, 07 Apr 2021 16:25:47 GMT
server: openresty
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_82a34c87a430_128.png#_=_
x-rid: 162110624628747634281934814715074976642
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

d537b680436b4b2fe195b3fbff36e3862544a892.jpg
64.media.tumblr.com/30b68ae4e458dc117af871486b9bfd19/20f0ad58a55c73b0-a4/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/99xd.tumblr.com/avatar/128
https://64.media.tumblr.com/30b68ae4e458dc117af871486b9bfd19/20f0ad58a55c73b0-a4/s128x128u_c1/d537b680436b4b2fe195b3fbff36e3862544a892.jpg

8 KB
8 KB

24ms
24ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/30b68ae4e458dc117af871486b9bfd19/20f0ad58a55c73b0-a4/s128x128u_c1/d537b680436b4b2fe195b3fbff36e3862544a892.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

06b07f078cefc254bc18dd22273f6e9e58521257b395a2614c89567ad0b2560d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 07 Apr 2021 16:25:47 GMT
last-modified: Fri, 01 Jan 2021 08:49:45 GMT
server: nginx
x-frames: 1
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_30b68ae4e458dc117af871486b9bfd19_d537b680_128.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 7935

Redirect headers

date: Wed, 07 Apr 2021 16:25:47 GMT
server: openresty
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/30b68ae4e458dc117af871486b9bfd19/20f0ad58a55c73b0-a4/s128x128u_c1/d537b680436b4b2fe195b3fbff36e3862544a892.jpg#_=_
x-rid: 91042363479368369315558281696741040155
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

423c74521eb608cf4626139e0d6bb4a68152cba0.png
64.media.tumblr.com/bf7665e8ebc9363e027af31a1126e94a/b5cb9bb19586e335-34/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/sodaprop.tumblr.com/avatar/128
https://64.media.tumblr.com/bf7665e8ebc9363e027af31a1126e94a/b5cb9bb19586e335-34/s128x128u_c1/423c74521eb608cf4626139e0d6bb4a68152cba0.png

19 KB
20 KB

195ms
194ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/bf7665e8ebc9363e027af31a1126e94a/b5cb9bb19586e335-34/s128x128u_c1/423c74521eb608cf4626139e0d6bb4a68152cba0.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cccc8917674b72efa6842b9766e6c7138b3f9d6eee75da0dc5eafb39f32d4be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Wed, 07 Apr 2021 16:25:47 GMT
last-modified: Fri, 11 Dec 2020 17:40:08 GMT
server: nginx
x-frames: 1
etag: "adacfd7b5c0b23917438268708529065-1498089600-21d6383"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_bf7665e8ebc9363e027af31a1126e94a_423c7452_128.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 19811

Redirect headers

date: Wed, 07 Apr 2021 16:25:47 GMT
server: openresty
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/bf7665e8ebc9363e027af31a1126e94a/b5cb9bb19586e335-34/s128x128u_c1/423c74521eb608cf4626139e0d6bb4a68152cba0.png#_=_
x-rid: 62156719779263758891050793830850014961
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

octahedron_closed_128.png
assets.tumblr.com/images/default_avatar/
Redirect Chain

https://api.tumblr.com/v2/blog/semekurapika.tumblr.com/avatar/128
https://assets.tumblr.com/images/default_avatar/octahedron_closed_128.png

2 KB
2 KB

81ms
26ms

Image
image/png

192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tumblr.com/images/default_avatar/octahedron_closed_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

33286a33dd55d0303e5eda261b22b53934f5c0488725b2e351d816e5a84c4c9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 07 Apr 2021 16:25:47 GMT
last-modified: Sun, 01 Nov 2020 05:26:35 GMT
server: nginx
etag: "5f9e470b-8eb"
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
timing-allow-origin: *
content-length: 2283
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Wed, 07 Apr 2021 16:25:47 GMT
server: openresty
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://assets.tumblr.com/images/default_avatar/octahedron_closed_128.png#_=_
x-rid: 1073727500879925285717539592082063731129
content-type: application/json
content-length: 139
x-ua-compatible: IE=Edge,chrome=1

GET
H2 451 709414.gif
id.rlcdn.com/ Frame E712 0
66 B 75ms
30ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:46 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame E712 70 B
265 B 394ms
289ms Image
image/gif 108.129.45.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.129.45.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-129-45-237.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E712
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae89606d-dd0a-4e00-a19c-060a9a73c74f

42 B
689 B

110ms
29ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae89606d-dd0a-4e00-a19c-060a9a73c74f
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

Date: Wed, 07 Apr 2021 16:25:17 GMT
Server: MT3 3628 75f709e master cdg-pixel-x6
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae89606d-dd0a-4e00-a19c-060a9a73c74f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 07 Apr 2021 16:25:16 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame E712
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWI2NTBkNTI3ZmU2N2VmMDQ0MGIyZGJkZDdmODQyNzJmN2U1NGYzNw
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWI2NTBkNTI3ZmU2N2VmMDQ0MGIyZGJkZDdmODQyNzJmN2U1NGYzNw&google_tc=

170 B
484 B

81ms
47ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWI2NTBkNTI3ZmU2N2VmMDQ0MGIyZGJkZDdmODQyNzJmN2U1NGYzNw&google_tc=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWI2NTBkNTI3ZmU2N2VmMDQ0MGIyZGJkZDdmODQyNzJmN2U1NGYzNw&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E712
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/yPoreAaryB-m6BVM0_aqiMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7480225752431411037

42 B
689 B

101ms
26ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7480225752431411037
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

date: Wed, 07 Apr 2021 16:25:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7480225752431411037
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E712
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJI92WYEKgWQ-oDcWzpmFLc&google_cver=1

42 B
689 B

99ms
28ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJI92WYEKgWQ-oDcWzpmFLc&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJI92WYEKgWQ-oDcWzpmFLc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame E712
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7NXSEL-1Q-HLCF&sigv=1&esig=2~1ce7e23ce5dcb758d5d6d35c39051144386a08e6

0
442 B

25ms
6ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7NXSEL-1Q-HLCF&sigv=1&esig=2~1ce7e23ce5dcb758d5d6d35c39051144386a08e6

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:46 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7NXSEL-1Q-HLCF&sigv=1&esig=2~1ce7e23ce5dcb758d5d6d35c39051144386a08e6
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame E712
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TlhTRUwtMVEtSExDRg==

170 B
190 B

78ms
49ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TlhTRUwtMVEtSExDRg==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TlhTRUwtMVEtSExDRg==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK about-de7ad01c836ce835b66d.js Show response
www.tumgir.com/_next/static/chunks/pages/static/ 8 KB
3 KB 117ms
116ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/static/about-de7ad01c836ce835b66d.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fa0fbb38e12c743b2cfafc9750b1bb584f30a014a4c7beef0024efad8f7f64a4

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Mar 2021 22:39:27 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"2151-17880245177"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK privacy-policy-6d7a35cc56cbfe9ac775.js Show response
www.tumgir.com/_next/static/chunks/pages/static/ 12 KB
5 KB 116ms
115ms Script
application/javascript 104.131.46.126
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/static/privacy-policy-6d7a35cc56cbfe9ac775.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0d5d7ac369c22eb5f80d24484369bc71ff59061c46f204fd0dc147150552c228

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Mar 2021 22:39:27 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"2fc7-17880245177"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0739 107 B
799 B 35ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumgir.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 16:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0739 107 B
553 B 37ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumgir.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 16:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0739 80 KB
27 KB 480ms
449ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4170046648401150&correlator=3540228573681344&output=ldjh&impl=fifs&eid=31060550%2C31060704%2C44733568%2C44739387&vrg=2021040101&ptt=17&gdpr_consent=CPESqJjPESqJjAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210407&iu_parts=147246189%2Ctumgir.com_300x600_sticky_right_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C300x300%7C160x600%7C250x600%7C120x600%7C240x400%7C240x500%7C250x360%7C250x500%7C200x600%7C240x600&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=www.tumgir.com&bc=31&abxe=1&dt=1617812746812&dlt=1617812745738&idt=848&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=1247&adys=159&adks=77475313&ucis=9yuim5pq6vsy&ifi=1&ifk=1963032681&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=tumgir.com&loc=https%3A%2F%2Fwww.tumgir.com%2F&top=www.tumgir.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x150&msz=300x600&ga_vid=2005154171.1617812747&ga_sid=1617812747&ga_hid=1757035145&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f9fbf1ee2fcf0d569186a9ac283093db220882e8c16257882c5277949c6f5b83

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COLD35DG7O8CFRo-4AodLUYN3Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COLD35DG7O8CFRo-4AodLUYN3Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25942
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Wed, 07 Apr 2021 16:25:47 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0739 0
0 46ms
14ms Other
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 0739 0
0 27ms
6ms Other
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame DCC0 107 B
777 B 42ms
29ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumgir.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame DCC0 107 B
531 B 43ms
29ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumgir.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DCC0 41 KB
10 KB 799ms
799ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4308192197042860&correlator=858748396790874&output=ldjh&impl=fifs&eid=31060313%2C31060550%2C31060320%2C31060673%2C44739387&vrg=2021040101&ptt=17&gdpr_consent=CPESqJkPESqJkAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210407&iu_parts=147246189%2Ctumgir.com_300x600_sticky_left_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C300x300%7C160x600%7C250x600%7C300x200%7C120x600%7C240x400%7C240x500%7C250x360%7C250x500&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=www.tumgir.com&bc=31&abxe=1&dt=1617812747056&dlt=1617812745753&idt=857&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=352&adys=467&adks=1457529228&ucis=425y7le9v80s&ifi=1&ifk=1963032681&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=tumgir.com&loc=https%3A%2F%2Fwww.tumgir.com%2F&top=www.tumgir.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x150&msz=300x600&ga_vid=2005154171.1617812747&ga_sid=1617812747&ga_hid=122844170&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

d241fba233fcca3e29f0bf55bc0c6cabbb4354dbd77935c8e0cda11aa0d1b770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10464
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumgir.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
303e5f6e13de36fc35aff54bff7a12aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DCC0 0
0 50ms
14ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://303e5f6e13de36fc35aff54bff7a12aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame DCC0 0
0 30ms
15ms Other
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 85B3 107 B
123 B 15ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumgir.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 85B3 107 B
123 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumgir.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 85B3 16 KB
8 KB 713ms
713ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1279489878249558&correlator=1768600346628299&output=ldjh&impl=fifs&eid=31060550%2C44739387%2C44740387&vrg=2021040101&ptt=17&gdpr_consent=CPESqJlPESqJlAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210407&iu_parts=147246189%2Ctumgir.com_970x90_sticky_anchorad_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C950x90%7C900x90%7C728x90%7C768x90&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=www.tumgir.com&bc=31&abxe=1&dt=1617812747173&dlt=1617812745869&idt=734&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=0&adys=8648&adks=2725430866&ucis=rouktuxltp65&ifi=1&ifk=1963032681&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=tumgir.com&loc=https%3A%2F%2Fwww.tumgir.com%2F&top=www.tumgir.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x150&msz=300x90&ga_vid=2005154171.1617812747&ga_sid=1617812747&ga_hid=1445212496&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

7f2dde4dd23d7108fd3cdfec4b53ec8d2e5cd76f9f2fa551fdfc40d36910f428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7634
x-xss-protection: 0
google-lineitem-id: 5561571268
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138333769532
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7e6c37430b76c030e065d96aeaee6c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 85B3 0
0 29ms
13ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7e6c37430b76c030e065d96aeaee6c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 85B3 0
0 6ms
6ms Other
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html Show response
68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8B88 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 07 Apr 2021 16:25:46 GMT
expires: Thu, 07 Apr 2022 16:25:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0739 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fa5e01e38d554ca21f9c4aa9e7a6345d7d8f017520925a73648e4f3ee3a7b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617660453263920"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28267
x-xss-protection: 0
expires: Wed, 07 Apr 2021 16:25:47 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0739 8 KB
7 KB 39ms
17ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c52a69e6cc8fa814e9ce202a9039ce0de09a30263e8ee76305ebb1890ea6be1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6623
x-xss-protection: 0

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/ Frame DCA9 14 KB
4 KB 10ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f72fb9ef6d4e8e66630e4e9d16fd85dc80eb3fdf6656519deed3a9e88758443

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3236
date: Fri, 02 Apr 2021 09:45:34 GMT
expires: Sat, 02 Apr 2022 09:45:34 GMT
last-modified: Thu, 25 Feb 2021 07:59:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 456013
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8B88 0
0 61ms
60ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3mGxCt1tYOKWOJr8gAetjLXoDe-0s5hi3dm1vY4N3aq81_ICEAEgjeS9KWD1lc6B4ASgAYbikdMDyAEJqQLG2vHH-A2yPuACAKgDAcgDCKoEzAFP0K1b55qTfpOJJ9n5AgGjqt6jstac6sbsl2ARzkGMpev__ZVZ2I1pRq4KtAsLZ_FudT61kAusQeGElpFWOkgnCfnLwJ8xksKRA4dyggxxQn08N43n7ihpcjG6ACbvRU4k2jylg1h3XUqNhv3SydcJnSc0dCRhYAS0X18I5UfmE6Rp0mtt_dB9D6gBGI5lJr7zm3kHKQmGCUjOIRfA8vd2EWc0sFGaJ8hUhHdRwa68mGBHSgK14i4ymCfRsTjZeAlHcI6BVLsVkAPL5TPABKj-9PXBA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfine4sqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEMTFF9IICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tNTU0MjkzNzM4Mzg4OTc1NoAKA8gLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi03MzgzMTcxODMwNjE0MjE2&sigh=tMmpYKVncSQ&template_id=419&tpd=AGWhJmuqmrx9drRmdrrepntx31gVouCBEAWhkj5LO9r8dq9RXA
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/ Frame 8B88 17 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/abg_lite_fy2019.js

Requested by

Host: 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
URL: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2a4352595bb834d956d7ae260ecf56b9f1b9785b46f3314ed7b82ef506b2f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:19:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 360627091892979634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 16:19:01 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/ Frame 8B88 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/window_focus_fy2019.js

Requested by

Host: 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
URL: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 16:23:52 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B88 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
URL: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0518695a30c166fb5ef9104028ce570005450472c3f120a7d2904fae59f2423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617660447179276"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Wed, 07 Apr 2021 16:25:47 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/ Frame 8B88 13 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
URL: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 16:25:41 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0739 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 07 Apr 2021 16:25:47 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 4695 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 07 Apr 2021 16:13:56 GMT
expires: Thu, 07 Apr 2022 16:13:56 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 711
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A38E 143 B
225 B 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
URL: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk5SIBF881WhVRyrox9lYnXKIR-AK18AP52_lXGCI04OD6NaYjUH5_8_YGErnE; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 07 Apr 2021 16:23:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 142
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8B88 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a27286ad9ae8f6b660c57d19e3a7500464f0ea8acb70d1ad424b1a07bbcf105

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame DCA9 9 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 08 Apr 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DCA9 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 07 Apr 2021 18:54:37 GMT

GET
H3-Q050 200 d403ba94cc52740a2f685e1bcfa736c8.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/ Frame DCA9 72 KB
20 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/d403ba94cc52740a2f685e1bcfa736c8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4399ea76ac2797eb121205cf59643f766a4a111ba563758d5fada53e7f78558a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 556384
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18912
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 07:59:08 GMT
server: sffe
date: Thu, 01 Apr 2021 05:52:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 05:52:43 GMT

GET
H3-Q050 200 e4a468ef72489bd511295a3653310e33.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/ Frame DCA9 22 KB
22 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/e4a468ef72489bd511295a3653310e33.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3d016a26b6f5e60d62038b0e6415a0e329c1929cef2603d880323d02a842d47

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 456013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22652
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 07:59:08 GMT
server: sffe
date: Fri, 02 Apr 2021 09:45:34 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 09:45:34 GMT

GET
H3-Q050 200 7c446c5f4e885ff1da7204ea253ad643.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/ Frame DCA9 13 KB
4 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/7c446c5f4e885ff1da7204ea253ad643.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100b6f6b8b50473a692d1b32926a55df5f24eefc13f63141bd7bd1a323653369

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 556383
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3875
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 07:59:08 GMT
server: sffe
date: Thu, 01 Apr 2021 05:52:44 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 05:52:44 GMT

GET
H3-Q050 200 eb6eece6a05d7ac32e0032dfaade998c.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/ Frame DCA9 6 KB
2 KB 9ms
9ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/eb6eece6a05d7ac32e0032dfaade998c.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93f965d3bc757cda81de1a729bd4aa249e83e807cba24884ae09c7b088f039f1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 456013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2278
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 07:59:08 GMT
server: sffe
date: Fri, 02 Apr 2021 09:45:34 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 09:45:34 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A38E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
187 B

39ms
39ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
URL: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk5SIBF881WhVRyrox9lYnXKIR-AK18AP52_lXGCI04OD6NaYjUH5_8_YGErnE; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 07 Apr 2021 16:25:47 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 07-Apr-2021 17:25:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Apr 2021 16:25:47 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 07 Apr 2021 16:25:47 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4695 14 KB
6 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 14:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 5827
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Thu, 07 Apr 2022 14:48:40 GMT

GET
H3-Q050 200 ce749fbeabd1b04af8b5d551bce6f864.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/ Frame DCA9 8 KB
2 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/ce749fbeabd1b04af8b5d551bce6f864.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a5725a6ef4f317380626d19baf09ca63dddcab2fb6fadf69e5dec42010d40df

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 456013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2074
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 07:59:08 GMT
server: sffe
date: Fri, 02 Apr 2021 09:45:34 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 09:45:34 GMT

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
255 B 371ms
369ms XHR
application/json 184.30.24.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tumgir.com%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-107.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.tumgir.com/
last-modified: Wed, 07 Apr 2021 16:00:00 GMT
server: nginx/1.15.8
date: Wed, 07 Apr 2021 16:25:47 GMT
content-type: application/json
access-control-allow-origin: https://www.tumgir.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 70 B
131 B 193ms
124ms Script
application/javascript 151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.tumgir.com%2F&callback=window._ate.cbs.rcb_cxhd0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

33df4c2e930aed93451e88270191f32f57f4a861806ec322a2144f728663f496

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 1361582049313083
expires: Wed, 07 Apr 2021 16:40:47 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
285 B 197ms
196ms Script
application/json 184.30.24.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tumgir.com%2F&callback=_ate.cbs.rcb_5htt0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-107.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

c4b10af72961e44217d47661629dbf312333e1773a115ffd1eea8f7bc6fadc27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/
last-modified: Wed, 07 Apr 2021 16:25:47 GMT
server: nginx/1.15.8
date: Wed, 07 Apr 2021 16:25:47 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 72 B
299 B 191ms
122ms Script
application/javascript 151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.tumgir.com%2F&callback=window._ate.cbs.rcb_70xe0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7dcedf4c8826a82562d22422980dc92e281cbb1962f9e027f8cf91f2f8b8797d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 9382097034610285
expires: Wed, 07 Apr 2021 16:40:47 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 35 B
284 B 276ms
276ms Script
application/json 184.30.24.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tumgir.com%2F&callback=_ate.cbs.rcb_eiy0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-107.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

22b54d681d4cdc8b12561c2e222cc5081ce0ff39795bba9677158028db84618d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/
last-modified: Wed, 07 Apr 2021 16:25:47 GMT
server: nginx/1.15.8
date: Wed, 07 Apr 2021 16:25:47 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 55

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 0739 0
209 B 72ms
23ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0739 0
224 B 39ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040101&jk=4170046648401150&bg=!ISKlImbNAAY56aLOOek7ACkAdvg8WlC1upznjRFUPsfvyyBYFYeAI054sLV9oEx0wvTH1A0lqesoMwIAAAC_UgAAAA1oAQcKAEJj2gpagMxq0sp_oy61jSFXIXSvaVhhRCbcgFkJI9hTmGdrzmENcLhhbPx15FFjRXHhbf2YAk3gi3ywrDDEpXUbn4eZAgSvJlL4Djb7bKkM9ov08znbE6PmoJ5VBC3Fq1i6ibFGai3N3PWm8YZ0kljWG8Waun1X7jl1zb_dnuMGvwx5g9P3gPn9JGs8ed0rlZN8WjhXCeL6Ciahb6R-kate0baiB0erqd39IiDt98EpvoeuNwHloIeNG8CLxzvVFppnhGtI_pi5Y_JGyd5FUEAeGpYPNiBWGFff_P5lYwb7qRVAQkJ3EXNSh6OBOYNXO_WBTK_uStLxvfEvBFh05_cHH702kHGjTyvPZwBoAwrRjuyPbmHKdL_26nmn43_dlxcfig6m6Q5uk2xDPrI9etDJnePRy_GCFKVRnS02aZL--spFVMM79WqyVH9HdHrgCKG6c1K7O-yC1SQNpwUhqmyjZuwfFCtWYnEa9_dUzMrNKzu3jO-t1bHSty8j9CXUv0FqbIJHOk58BXfXzITdTdcS27L4-glG65HK0OXHFl-kU-cg3kRgHDnXt6wwu5rd27TWtqq5wf8ZG2hjTvV1g7o2SJIQNOjLSnB0548veMzHu4yW8-SeCyj8vsKIIQigrLN_KDOFWTPhTInGtdh9qA366ggbLUb7SlMMzH6SQcwKRPq2jh_FqcBwSEKmPcaqUlLLuaVUrpERwormQlb2PelL6KdsVfk3AJT8wyaETCSkhTCMwc_XwWE0KO6gLrtuBBgCG5SHTlIcvdM

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame DB7A 190 KB
55 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 467722
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Fri, 02 Apr 2021 06:30:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 06:30:25 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame DB7A 12 KB
5 KB 42ms
17ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 467711
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Fri, 02 Apr 2021 06:30:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 06:30:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame DB7A 87 KB
27 KB 43ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 467787
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 06:29:20 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame DB7A 27 KB
9 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 467787
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 06:29:20 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame DB7A 40 KB
13 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 467787
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 06:29:20 GMT

GET
DATA 200
OK truncated
/ Frame DB7A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef7adec8308bdea24dcd098842482f008ee00566b274197eb826f49f48e50953

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 11734052577369779822
tpc.googlesyndication.com/simgad/ Frame DB7A 35 KB
35 KB 8ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11734052577369779822?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnD3MzDzl3qqMPZso4VO4lhFD-31A

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

700e9d84f223718a795369a283fe07f8d2c2d626aa883993a80974abbb60edfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 10:07:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 08 Nov 2020 01:31:08 GMT
server: sffe
age: 22680
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36133
x-xss-protection: 0
expires: Thu, 07 Apr 2022 10:07:47 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DB7A 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 14:36:54 GMT
x-content-type-options: nosniff
server: cafe
age: 6533
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 08 Apr 2021 14:36:54 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DB7A 295 B
389 B 8ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 65322
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 07 Apr 2021 22:17:05 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame DB7A 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQu2PQYeZHkTc88_24MKucQYaEdeo_TncFrZmqK91GMGmH97zxD8GRhCH3-SA8MtHtVFeVpaCJMgi6hJIBCxjb8cVh_A
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DB7A 0
0 61ms
59ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvFtqC91tYKGrB9ii-gbIrZKgCNmdmNNh7ae3o48NnZ7-q8siEAEgjeS9KWD1lc6B4ASgAabblpUCyAECqQIY1JzPraGqPuACAKgDAcgDCKoE3wFP0FBFwzj6SjXjIwdAZG7Bn23XOznZdc01S8q3NVKxusUG81KtAGd9YNz0HnXbHVNudMUYuKVPtSjOnpcC7cQDAPsEi_MSYdWdZSEe5a_-hd0KDkvfvRB2AoNFaOpdPyWfBT3SOfBDUyLy1XOYq6XV48lDtlfctrwHmAaqNwTmowseNVAa87mcQJttwh26yAVRSq-y38a_5hTF2SEE2-_ZTJir24uNEdVNr_XMaAx5IjWUgRujmPs-QVaJu_GU1nPLWGP5wB1ZQsWdCWgL_E56QihCbUkrqcBE65br_7tzwASatqqawwPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHwqTp6gGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQzu8O0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi01NTQyOTM3MzgzODg5NzU2gAoDyAsB2BMMshcaChgIABIUcHViLTczODMxNzE4MzA2MTQyMTY&sigh=SSVZ9wh3dvg&tpd=AGWhJmsaZxSypLEvZPNXdBSYO_B5jKRqsmzQtl4peyKM6NTEvA
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DCC0 8 KB
7 KB 45ms
31ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6d0cdf7893b5073a5ee554e24d8defd2223d4643638fa084323849b73a5511b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0368 0
0 61ms
60ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAD0kFsktfN0mJxEsir7OYakC4BIOfjj6Kaqv2cHOQKdEJcB44lfvEBuXkX5pD0VpDLjADysR-b5iu8FHdG2s9fFnemftC8dGEqYkxcU8c-lTWqQJlLH6PAwKj7b9hL88Z3xQOq17zNPCSLP39kWZ1feT2ZGH5oiQpczTrWqA4_YC2j_dF_Ny6dAEakkVjQEsicLsFeotKU_ZTFSbSwtnc8cY5E86tIm9VtrwEzpWk9f2f4KLy6rzC099KXBLb6mwRL04BimVIn4ec-VvDYlCEJrYRTyA4lXSsjVQb3noaXtBE8Ygc5TsZEPUDnIQ2kE9gzZLGC6uzzMjX7vMVn8aC5Nrk9MVndfGC083OMtQseesSHt7r&sig=Cg0ArKJSzPw0X_shqmwNEAE&adurl=

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 16:25:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/ Frame 0368 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 16:23:52 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0368 118 KB
36 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0518695a30c166fb5ef9104028ce570005450472c3f120a7d2904fae59f2423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617660447179276"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Wed, 07 Apr 2021 16:25:47 GMT

GET
H3-Q050 200 14920084787415796477
tpc.googlesyndication.com/simgad/ Frame 0368 40 KB
40 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14920084787415796477

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37547a546685340849a0625000729d08a5d7e5e66c53ff9065b84977fd1f431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:05:15 GMT
x-content-type-options: nosniff
age: 454832
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40475
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 07:35:36 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 10:05:15 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85B3 73 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fa5e01e38d554ca21f9c4aa9e7a6345d7d8f017520925a73648e4f3ee3a7b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617660453263920"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28267
x-xss-protection: 0
expires: Wed, 07 Apr 2021 16:25:47 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 85B3 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf53d9e77b7e01c56ce4d008b3717cdc6878a4db1447e89b68f359dbfe196925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6552
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DCC0 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 07 Apr 2021 16:25:47 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 85B3 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 07 Apr 2021 16:25:47 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame DB7A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
39ms

Image
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 07 Apr 2021 16:25:47 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0368 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a0b812fb0d90bd947ef86652460679b22481e9b9122bae19bcfa0d18b504d48

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 85B3 0
208 B 26ms
25ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 07 Apr 2021 16:25:48 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0368 0
0 60ms
59ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvux6Km-gG-DdvN4y_JGtEISz_74ldT-MhgLIpPd6raAHn255zKawYRUXdlpZAMw-d5Ae5f4wprt_rKTHfb0JD9BMlLHlkxmh8LesJ3twTBCNz3Fw14NZgFwpGmXXft-vu1y9UmtcrSSmbDivXPSliRkPMr1ZGzdNA-sQVOFpftacmlOmYgkGu8Gk6TUXSlPXYe2BSSsoMMqNRmnrVsxiLjMeqKH36Z45bHUknTIvUGi8r2UhJfYqT01Bo4DGaoqvEhamVZ8aqaL2oc8eSDQJNIFoV7l4WRzDqlheBdCgx54JKKp9P2PkRbJReY7X4A-vFkNtgjDB-PvdhJhQ&sig=Cg0ArKJSzIM5SqoKTJRoEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 16:25:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 07 Apr 2021 16:25:48 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F191 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 07 Apr 2021 16:13:56 GMT
expires: Thu, 07 Apr 2022 16:13:56 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 712
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2479 12 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 07 Apr 2021 16:13:56 GMT
expires: Thu, 07 Apr 2022 16:13:56 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 712
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame DCC0 0
208 B 24ms
24ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 07 Apr 2021 16:25:48 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame F191 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 14:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 5828
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Thu, 07 Apr 2022 14:48:40 GMT

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2479 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 14:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 5828
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Thu, 07 Apr 2022 14:48:40 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DCC0 0
46 B 40ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040101&jk=4308192197042860&bg=!TU6lTgrNAAY56aLOOek7ACkAdvg8WkUNxk5PomvwuRdfABSxAytyQVH36-4J2_eGtXviEpv_ddOUFQIAAADqUgAAAAxoAQcKAD77xGWDNK5h6kQzk1iHOJtzF8JM9cQumoE1jl-pj_6-qPk8q0MR0VIh2kpGvDK49unvLu-SLLqYjhbk4vHYwZkB9W5c7aN0yJ-6Sso25lxi7qTsmt1uauBj3NmhYgl4utqQ3EaCBecNCd-3Mkzd2Q6GNmqM_FXXdyjdlvYIi1-5kvvlFDDLWGxe8IizTy0G7KxlAtzCg1_t1P8FWYd9wesNS0psUckua-evc_LOUDTDoouYTiUujgcBYzavH_Y1Wvn6Hc8wHLbKsziXgWEpJuUrlqEJJllep9qENsTykTTGeSY4iCtvrRhaVWIDiSPFS9k9gKy12CVX7TLiEENohhuXtir0woLDnLgsGGFagSuq3qvGy3wb4pt1ONd29mM4gy1Yy6qm9QImrhzqLdPtQR2Zjod8NPYT-kjDjmONS1F3Dhi8nsBTdHcOLO2RKuFENJ3ptL1Hn2nq9d7xkV9lWyip7Z_wnWxB6uuCsuimmhYrnkVn0XLEf4w7gdEtLstI0lZkUc--OLo3fF12RmAPpuX3ZBSECI78YOyIMoi7jf1ECLxuQ2SiuY1kVVDUu23dKzTbwoh75X1Jqem1THXuGzctw3_ahwoXmdP_jiw9_bAgu9fHo8a7DfL0zn4OA_e-LIRApsODBW2CSBSrJ3bymlSK5Q1JYjmXBeN7Zda57DE1qXudMuUT6lkrIrGSUmVmTQx-clz395jtYZGpB1udcxhX7JeASxaFefN6Ppda5CiKyYBWSRjjkA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85B3 0
23 B 41ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040101&jk=1279489878249558&bg=!ZWalZiLNAAY56aLOOek7ACkAdvg8Wkg1mK5hSSNJFbYZqtftIbP6_RRCdwUC7ZC9505PHqhCRn1gIgIAAADEUgAAAA1oAQcKAVPyAH7rGGh4PxoMO1jQdpn8WTX19Dh4fJAq8DiV08dq920CeVVJVRhcKyvrv_Sl3rCCpepAkp77itnrd4JE_DvTZBWWLJeRm-nF8TiltjVWm-lGQVzFEmKytSWHiqslGxmpuI8Y2VWaCuOwceUhyS-tzq3U0IYGtKbA08t1Vg4u9WHPpOyAMSx1NbOuIo2X0NhRXxRH3WOXTgsaVMwI2gcpH--JgT_6jMYbSb89e0xMpWs9_vM-PDxvjXZ3ABQt8f4sGQWx6eGSYBjmdLGaAT1_jOl44B9RwG0P3XHIV7tzJ0ArcadsUDFSHKzpwtcko8Vet5ViAHmIPv1xcd9Q9HxzRBoMmMyuCrRTtYGKbd_gy6d8mfVVSe4R4QELg-khztNmtcNIXRLhVDZksMwZ5mzj68JqdSLhFWjvpaKs66Ek5hAWj-mETmwKZF9RLcsvn59lPiGZAe1wqdMs5qIwpJCImfQjh_bjSh6k6pmWh_LflC76eF9Y46M9F8WKqQ9SvEzBRrGkkITGvRzu51kYQepz9g0R_KB-rlGcq0g5GA1hoJ-xYXYIx0vBiQeN_bsr8GSKHNRdunGoc7KHudFbmOxzq9klG6mwehOHRVXWhzeNfoKDwke2kGwA8_u35O2nym1BLmouR5nPEUfOesThwQFlzXKYpObQDkb06A8BRreJUN9YmLkS0OFV7fFqfaMGW2qPhMYPsMMV3dmkM0bPiwblRpOSuevGwZr_T9uzddAS1pX7pBdEt7bqRzUTZA7dNyWoxLOWhXL__RUL5RCoEIG0VxLmi8qEjW5qUIYYRdA0vDLR6CcKsC4dor1ENU8hJLzHMJxGaEW-ODecNnOybzzzQ7CsAZ5rL-hkUfNImc45KlHcOC1lV0A3hj5WGt58zX59aN_5XV87eH9QaFDk_5gCFX0cPeH0G4FBNovuh7fJSL5Au470Wqs0G4i1hd59LU9hvyNiqnsdwkZNrtfiYM4sOrXIAkI4RGdAyACV86uZhaEvy2aGcMEv-OdmT6aXCGSeoi9b6ZZbUuQd-U--DzZMWlGRFjxTYyQMdg-X7E0lWi7MbMk-8IewlpIld7lqgyVUXdCpwOU8GLDYvMci1_yOBTsH

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8B88 42 B
155 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXNd2PsznIHBCRQR3wlum9Ag6CA-eqK9N5p0luTkylq6uXVAKNeTKs57k7fM0qtqEbAAsPuXRXGxQ5FirZushJ0cx9ypgwU3X6pywjuNfDp7tZJqcxKc6kRZm2mNs7fPMrw1F_k6zSkWTICuEmikeA&sai=AMfl-YTpiiQnccxPKj-s82Ebwcczm9MZ64g8733-0vBnQCNRzxM1YBhJW--LC3I5tmIQ4t_ArpmGlmmSUCbPqOzfJibylQ0l1xDOMeAVIOaD70Obgc5-6w9ekSICrfsPH1o&sig=Cg0ArKJSzI-829nDq1ufEAE&cid=CAASPeRoNmUvcXXuP7jhSdLwZBwXfacNtS7oQBp5Zr9QFB9PbfqcvYIdwKKxpYfrpRE_DCvNcfIi_nkjbaqdMEc&id=osdim&mcvt=1003&p=0,0,600,300&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210405&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=77475313&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617812747330&dlt=14&rpt=141.67499914765358&msd=0&r=v&uup=0&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0368 42 B
89 B 38ms
38ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueyK0i5loi9kbdNa175eVvV0BVWlQ-UU5VA23KbZGSzjMskkFo5kgnamX1VUyEABFmBcm4LM0ZqfCtOGlXb4LQmtqdJi8Nd2Ppyu13aws&sig=Cg0ArKJSzON8F54JJkzSEAE&id=osdim&mcvt=1001&p=36,436,126,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210405&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2725430866&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617812747903&dlt=0&rpt=146&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9a2d7112c61c8f2fa204827aade5c37e.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/ Frame DCA9 2 KB
2 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/9a2d7112c61c8f2fa204827aade5c37e.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c26721426517d82d89c7879d5ef24b2ddaad65eaca9386df4891e416bc3420f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 556382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 971
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 07:59:08 GMT
server: sffe
date: Thu, 01 Apr 2021 05:52:49 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 05:52:49 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DCA9 0
446 B 57ms
38ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=187.0000&a1=https&f1=layout_html&s1=0&d1=16.0000&i=500858189206&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F12449698153975860630%2FSubsite-IC-CC_A_EN-300x600px%2Findex.html&qqi=COLD35DG7O8CFRo-4AodLUYN3Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 16:25:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:23:36	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 10:54:44	Name: IDE Value: AHWqTUk5SIBF881WhVRyrox9lYnXKIR-AK18AP52_lXGCI04OD6NaYjUH5_8_YGErnE
eus.rubiconproject.com/	1970-01-19 19:33:08	Name: pux Value: 1512%3D98753%262249%3D98753%262307%3D98753%262974%3D98753%26idl%3D98753%262249-DV360-Hosted%3D98753%26brx%3D98753%26goog%3D98753%26
.tumgir.com/	1970-01-19 17:23:32	Name: _gat Value: 1
.rubiconproject.com/	1970-01-20 02:09:08	Name: audit Value: 1\|3dwyxT4/Yr9qqmiLcnNCZoV4PKLPJVogloKlLUrIR496eP0zD2PV8GE8Hl1Mo8Tv2GgT32LI87rqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.rubiconproject.com/	1970-01-20 02:09:08	Name: khaos Value: KN7NXSEL-1Q-HLCF
.tumgir.com/	1970-01-20 02:45:08	Name: __gads Value: ID=6745cb686f1a7868:T=1617812747:S=ALNI_MYBvNt8cfzjw5M-xl2U63Yd6NAA0g
.doubleclick.net/	1970-01-19 17:23:33	Name: test_cookie Value: CheckForPermission
.tumgir.com/	1970-01-19 17:24:59	Name: _gid Value: GA1.2.2069373855.1617812747
.tumgir.com/	1970-01-20 10:54:44	Name: _ga Value: GA1.2.2005154171.1617812747
www.tumgir.com/	1970-01-19 17:23:34	Name: __atuvs Value: 606ddd0aea58cfd9000
www.tumgir.com/	1970-01-20 02:52:20	Name: __atuvc Value: 1%7C14

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://www.tumgir.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

303e5f6e13de36fc35aff54bff7a12aa.safeframe.googlesyndication.com
64.media.tumblr.com
68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
7e6c37430b76c030e065d96aeaee6c65.safeframe.googlesyndication.com
ads.yahoo.com
adservice.google.com
adservice.google.de
api-public.addthis.com
api.tumblr.com
assets.tumblr.com
cdn.ampproject.org
cm.g.doubleclick.net
d18g6t7whf8ejf.cloudfront.net
dmmzkfd82wayn.cloudfront.net
ertented.online
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
match.adsrvr.org
node.setupad.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-stag.setupad.net
pubads.g.doubleclick.net
s7.addthis.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
stpd.cloud
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
v1.addthisedge.com
va.media.tumblr.com
widgets.pinterest.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.tumgir.com
z.moatads.com
104.111.230.142
104.131.46.126
108.129.45.237
13.32.23.169
142.250.185.98
151.101.36.84
152.199.21.147
159.89.25.223
172.217.18.98
184.30.21.162
184.30.24.107
185.29.135.234
192.0.77.3
192.0.77.40
23.37.42.132
2600:9000:2057:7e00:6:2e3c:5fc0:21
2606:4700:20::681a:b5d
2606:4700:20::ac43:44a2
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200a
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
35.244.174.68
54.237.125.12
69.173.144.138
69.173.144.139
69.173.144.165
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
057f63afb012452bdc4bc1e51e067993dc667e49dad07dae7d041ae99beae778
06b07f078cefc254bc18dd22273f6e9e58521257b395a2614c89567ad0b2560d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
0d5d7ac369c22eb5f80d24484369bc71ff59061c46f204fd0dc147150552c228
0e99b5a8d2aa72a72ef69dc973c4aa755f6bfa2bbcaeef87c0fe464258f2b351
100b6f6b8b50473a692d1b32926a55df5f24eefc13f63141bd7bd1a323653369
13a51d932ed378188705602f8f4f6b42b50123c86aedc01b284adecc538dfd25
18070ec05aa1fbbeaae382050d03705bc2025b2f0c0beb0092012d86daad2a61
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c55ebc35b281da4a20c75a93ace05c8ddcbb2f9764d32f255f8dac79bcd2a7b
1ea77a57ca0b95c035c3eca9f0660e8580c8fae6b89681276edeae9f0093c45a
2072831dcd870cdb187134a38a9922aafbda03a94cce8408e9c6a452a1772fad
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
2226817fa4c105adcb289f1dd78fd1353bacf8b7a467517b8b7cf2a554ab16d0
22b54d681d4cdc8b12561c2e222cc5081ce0ff39795bba9677158028db84618d
2dec7955e2c09f75a338ebafbda202d86820c13964e97eb41d9110717cb9c15b
2f6cfa4f18cbd9d60d893fafcc320cdad165a6ee853bf1da88e914fa471f762e
33286a33dd55d0303e5eda261b22b53934f5c0488725b2e351d816e5a84c4c9d
33df4c2e930aed93451e88270191f32f57f4a861806ec322a2144f728663f496
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37547a546685340849a0625000729d08a5d7e5e66c53ff9065b84977fd1f431a
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4399ea76ac2797eb121205cf59643f766a4a111ba563758d5fada53e7f78558a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
475ef694f3a19bf8715e514643ef86fbddd9f2fdd70cfee4521dad97afd811e7
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a5725a6ef4f317380626d19baf09ca63dddcab2fb6fadf69e5dec42010d40df
5c52a69e6cc8fa814e9ce202a9039ce0de09a30263e8ee76305ebb1890ea6be1
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66
5fa5e01e38d554ca21f9c4aa9e7a6345d7d8f017520925a73648e4f3ee3a7b79
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69f976ee5ca0a16cdc3ad7aeaf5347a9a695152065f4166dcee520d36a523ef5
6a27286ad9ae8f6b660c57d19e3a7500464f0ea8acb70d1ad424b1a07bbcf105
6e21714273010a449616624fad38442cb3a35a20625cbbce0780c7da0c67ef4e
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f72fb9ef6d4e8e66630e4e9d16fd85dc80eb3fdf6656519deed3a9e88758443
700e9d84f223718a795369a283fe07f8d2c2d626aa883993a80974abbb60edfd
720ab0a9951974a890813d1e01c1dcd366f54848e6698f0ab480e890ce8df484
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
77bc0d1c5e227bb4b26ce12fc045b61307495d61317fb121571de80294c7ebec
79098f88c1786bfdf3965ecdabf9d91c45f40f059be90f15e138b09ca0c2e3a5
7a0b812fb0d90bd947ef86652460679b22481e9b9122bae19bcfa0d18b504d48
7c26721426517d82d89c7879d5ef24b2ddaad65eaca9386df4891e416bc3420f
7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002
7dcedf4c8826a82562d22422980dc92e281cbb1962f9e027f8cf91f2f8b8797d
7f2dde4dd23d7108fd3cdfec4b53ec8d2e5cd76f9f2fa551fdfc40d36910f428
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
842fd99acd0ab8b7df9e91adb905c588e55c34506783b2876833a1753ccdbd58
846ebae4909cae3822f281adf6a0e47b459f90e7984381fcc91e42432df4791d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
93f965d3bc757cda81de1a729bd4aa249e83e807cba24884ae09c7b088f039f1
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
a04709563ec1d86a4591aa022c3ddec0acc38afb24763affd3b82401473f8ed8
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a40cdd6e5d27df9240d37e3fc431dbd107aa2f8d508f8022f88f7131ba930fbc
a45fe4cdd10cd8acacc426def5b29046ed9b70ef900ea7cb8e808ad7d2974af4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae3772004d4ea08d89a4eeac003bd02b3d311baad221079f3bf2fb9236b74da9
b1407278f2000cc72b2c477790dd5b22eb51167d6dafc9ddc1c31b81b12a3434
b2a4352595bb834d956d7ae260ecf56b9f1b9785b46f3314ed7b82ef506b2f00
b309bc576a89bb39717b298e99dd678c182c3923a30446f4e73d339b89b39803
b3d016a26b6f5e60d62038b0e6415a0e329c1929cef2603d880323d02a842d47
bcd3c6f15cd0b683cddac2f8d72db2821954e35b71e44dfda3c3366daae5430c
bf97d54048ff565046af3d9dbb31300a9b12c8a3b8e3ac73a49abef835c7d225
c4b10af72961e44217d47661629dbf312333e1773a115ffd1eea8f7bc6fadc27
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6d0cdf7893b5073a5ee554e24d8defd2223d4643638fa084323849b73a5511b
c701ea84a84ea04a94ee44556a004a201d9b62564b043ebf1515c2d2627ea38c
c7c83afdc4e1d616c560c926d27d69c570612e131138b535fab2613773f6f153
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cccc8917674b72efa6842b9766e6c7138b3f9d6eee75da0dc5eafb39f32d4be1
ce5bf385a911f710c9e4e84e08586c99c0abb8f749ea5bb2565588bf617cbb7d
cf53d9e77b7e01c56ce4d008b3717cdc6878a4db1447e89b68f359dbfe196925
d241fba233fcca3e29f0bf55bc0c6cabbb4354dbd77935c8e0cda11aa0d1b770
d2c254d122ad8059772e7d216e5a3b677738c0f1d28f40d738f8a2ada654a7ef
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d915e2ab9725531064cdc0d9805a5e5d6621a51fb6645d9e2721224e66c1ee2c
db1b6637e9ecea50f1cfd55176ac83f478cb45b977aa06094cc5f78677629ee8
e0518695a30c166fb5ef9104028ce570005450472c3f120a7d2904fae59f2423
e271df2a3400788e8fe92cb51022cf119b04aabe9bc5fa07b9439d3bf03cd419
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e903ad3f02d5e1e8872d0614b28a947649dca80890e8e639d9e71d7c107711a8
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7adec8308bdea24dcd098842482f008ee00566b274197eb826f49f48e50953
efd51931d74217a3e0509d427bbfccdd15d6cda58eb0420a0f99ec7bd8be4e9a
f39e72543d96597123db564b645092680c6487a64761dd0795db3c8fc12da104
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f9fbf1ee2fcf0d569186a9ac283093db220882e8c16257882c5277949c6f5b83
fa0fbb38e12c743b2cfafc9750b1bb584f30a014a4c7beef0024efad8f7f64a4

www.tumgir.com Open in urlscan Pro 104.131.46.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

159 Requests

100 %HTTPS

46 %IPv6

25 Domains

43 Subdomains

33 IPs

5 Countries

5563 kBTransfer

10078 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tumgir.com Open in urlscan Pro
104.131.46.126 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

100 %
HTTPS

46 %
IPv6

25
Domains

43
Subdomains

33
IPs

5
Countries

5563 kB
Transfer

10078 kB
Size

12
Cookies

159 HTTP transactions
11 data transactions