Submitted URL: http://www.tumgir.com/
Effective URL: https://www.tumgir.com/
Submission: On April 07 via manual from UA

Summary

This website contacted 33 IPs in 5 countries across 25 domains to perform 159 HTTP transactions. The main IP is 104.131.46.126, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.tumgir.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 17th 2021. Valid for: a year.
This is the only time www.tumgir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 104.131.46.126 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
15 192.0.77.3 2635 (AUTOMATTIC)
1 13.32.23.169 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
6 184.30.24.107 16625 (AKAMAI-AS)
13 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
3 3 23.37.42.132 16625 (AKAMAI-AS)
6 104.111.230.142 16625 (AKAMAI-AS)
1 54.237.125.12 14618 (AMAZON-AES)
4 5 69.173.144.139 26667 (RUBICONPR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 184.30.21.162 16625 (AKAMAI-AS)
3 3 69.173.144.138 26667 (RUBICONPR...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
5 5 152.199.21.147 15133 (EDGECAST)
1 192.0.77.40 2635 (AUTOMATTIC)
1 35.244.174.68 15169 (GOOGLE)
1 108.129.45.237 16509 (AMAZON-02)
1 1 185.29.135.234 30419 (MEDIAMATH...)
3 69.173.144.165 26667 (RUBICONPR...)
3 5 172.217.18.98 15169 (GOOGLE)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
2 151.101.36.84 54113 (FASTLY)
3 159.89.25.223 14061 (DIGITALOC...)
5 2a00:1450:400... 15169 (GOOGLE)
159 33
Apex Domain
Subdomains
Transfer
42 googlesyndication.com
68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
tpc.googlesyndication.com
303e5f6e13de36fc35aff54bff7a12aa.safeframe.googlesyndication.com
7e6c37430b76c030e065d96aeaee6c65.safeframe.googlesyndication.com
pagead2.googlesyndication.com
238 KB
26 tumgir.com
www.tumgir.com
204 KB
21 doubleclick.net
pubads.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
390 KB
21 tumblr.com
64.media.tumblr.com
va.media.tumblr.com
api.tumblr.com
assets.tumblr.com
3 MB
20 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
39 KB
7 googletagservices.com
www.googletagservices.com
187 KB
6 google.com
adservice.google.com
www.google.com
1 KB
5 ampproject.org
cdn.ampproject.org
108 KB
5 addthis.com
s7.addthis.com
api-public.addthis.com
191 KB
3 setupad.com
node.setupad.com
625 B
3 google.de
adservice.google.de
2 KB
3 setupad.net
prebid-stag.setupad.net
2 KB
3 stpd.cloud
stpd.cloud
495 KB
3 cloudfront.net
d18g6t7whf8ejf.cloudfront.net
dmmzkfd82wayn.cloudfront.net
207 KB
2 pinterest.com
widgets.pinterest.com
430 B
2 yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
1 KB
2 google-analytics.com
www.google-analytics.com
19 KB
1 mathtag.com
sync.mathtag.com
610 B
1 adsrvr.org
match.adsrvr.org
265 B
1 rlcdn.com
id.rlcdn.com
66 B
1 addthisedge.com
v1.addthisedge.com
691 B
1 moatads.com
z.moatads.com
1 KB
1 ertented.online
ertented.online
1 gstatic.com
fonts.gstatic.com
15 KB
1 googleapis.com
fonts.googleapis.com
729 B
159 25
Domain Requested by
26 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.tumgir.com
68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
tpc.googlesyndication.com
26 www.tumgir.com 1 redirects www.tumgir.com
14 64.media.tumblr.com www.tumgir.com
12 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.tumgir.com
www.googletagservices.com
10 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.tumgir.com
7 www.googletagservices.com www.tumgir.com
securepubads.g.doubleclick.net
68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
6 eus.rubiconproject.com www.tumgir.com
eus.rubiconproject.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 cm.g.doubleclick.net 3 redirects eus.rubiconproject.com
5 api.tumblr.com 5 redirects
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
3 node.setupad.com www.tumgir.com
3 api-public.addthis.com s7.addthis.com
3 www.google.com 2 redirects www.tumgir.com
3 googleads.g.doubleclick.net 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
www.tumgir.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 pixel.rubiconproject.com eus.rubiconproject.com
3 prebid-stag.setupad.net eus.rubiconproject.com
3 pixel-eu.rubiconproject.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 stpd.cloud www.tumgir.com
3 pubads.g.doubleclick.net www.tumgir.com
2 widgets.pinterest.com s7.addthis.com
2 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.tumgir.com
www.google-analytics.com
2 s7.addthis.com www.tumgir.com
s7.addthis.com
2 dmmzkfd82wayn.cloudfront.net www.tumgir.com
1 7e6c37430b76c030e065d96aeaee6c65.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 303e5f6e13de36fc35aff54bff7a12aa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ads.yahoo.com eus.rubiconproject.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 sync.mathtag.com 1 redirects
1 match.adsrvr.org eus.rubiconproject.com
1 id.rlcdn.com eus.rubiconproject.com
1 assets.tumblr.com www.tumgir.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 ertented.online www.tumgir.com
1 fonts.gstatic.com fonts.googleapis.com
1 va.media.tumblr.com www.tumgir.com
1 d18g6t7whf8ejf.cloudfront.net www.tumgir.com
1 fonts.googleapis.com www.tumgir.com
159 43

This site contains links to these domains. Also see Links.

Domain
www.addthis.com
Subject Issuer Validity Valid
tumgir.com
Sectigo RSA Domain Validation Secure Server CA
2021-03-17 -
2022-03-18
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.media.tumblr.com
Sectigo RSA Domain Validation Secure Server CA
2020-02-10 -
2022-02-09
2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2
2021-02-22 -
2022-02-21
a year crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2021-04-06 -
2022-04-11
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-09-21 -
2021-09-21
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-04-01 -
2022-04-04
a year crt.sh
ertented.online
R3
2021-02-28 -
2021-05-29
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-01-21 -
2022-01-25
a year crt.sh
tumblr.com
DigiCert SHA2 Extended Validation Server CA
2020-07-09 -
2022-04-14
2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1
2019-03-07 -
2021-04-19
2 years crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-03-29 -
2021-05-05
a month crt.sh
*.google.de
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA
2020-07-16 -
2021-08-04
a year crt.sh
node.setupad.com
R3
2021-02-03 -
2021-05-04
3 months crt.sh
misc-sni.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh

This page contains 15 frames:

Primary Page: https://www.tumgir.com/
Frame ID: 9779AF8FFA1ABD0B6AA41D9F37F10BDF
Requests: 69 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 0739B577EEA87F8499BEA4A73D7DADC7
Requests: 13 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: DCC0F7614FBA5464A1B32389B1BCC55E
Requests: 12 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 85B35922820715A686B482EBB8CA1FC4
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: E7120E4A7B392C22C7FCDAC566A7953E
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: EAF552361D83F16801E2F6CADE1E7DA4
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 8BE37AF90164565C64C1C8D788DE5617
Requests: 3 HTTP requests in this frame

Frame: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 8B883AF87FC6C5D9E1DB80D20FAA5B2E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
Frame ID: DCA9AE897FF71206B5FDF5D55D059CE1
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 4695ED16BFAD28636F3CAD8585884BD2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A38E5A604224C3B98D4EC51F5C33CA05
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: DB7AC1E75EDC173D795F60AC0393405E
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAD0kFsktfN0mJxEsir7OYakC4BIOfjj6Kaqv2cHOQKdEJcB44lfvEBuXkX5pD0VpDLjADysR-b5iu8FHdG2s9fFnemftC8dGEqYkxcU8c-lTWqQJlLH6PAwKj7b9hL88Z3xQOq17zNPCSLP39kWZ1feT2ZGH5oiQpczTrWqA4_YC2j_dF_Ny6dAEakkVjQEsicLsFeotKU_ZTFSbSwtnc8cY5E86tIm9VtrwEzpWk9f2f4KLy6rzC099KXBLb6mwRL04BimVIn4ec-VvDYlCEJrYRTyA4lXSsjVQb3noaXtBE8Ygc5TsZEPUDnIQ2kE9gzZLGC6uzzMjX7vMVn8aC5Nrk9MVndfGC083OMtQseesSHt7r&sig=Cg0ArKJSzPw0X_shqmwNEAE&adurl=
Frame ID: 03688835278A96273CFA2CACF5222AB1
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F191F90A9A53E9456C8E6A04152822A7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 2479F6B373CBBE4763994BF59E1B184B
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.tumgir.com/ HTTP 301
    https://www.tumgir.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

159
Requests

100 %
HTTPS

46 %
IPv6

25
Domains

43
Subdomains

33
IPs

5
Countries

5563 kB
Transfer

10078 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.tumgir.com/ HTTP 301
    https://www.tumgir.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 45
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 47
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 61
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
Request Chain 62
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
Request Chain 69
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
Request Chain 74
  • https://api.tumblr.com/v2/blog/sungie-baby.tumblr.com/avatar/128 HTTP 302
  • https://64.media.tumblr.com/avatar_980c25a24037_128.png
Request Chain 75
  • https://api.tumblr.com/v2/blog/skymeteorcom.tumblr.com/avatar/128 HTTP 302
  • https://64.media.tumblr.com/avatar_82a34c87a430_128.png
Request Chain 76
  • https://api.tumblr.com/v2/blog/99xd.tumblr.com/avatar/128 HTTP 302
  • https://64.media.tumblr.com/30b68ae4e458dc117af871486b9bfd19/20f0ad58a55c73b0-a4/s128x128u_c1/d537b680436b4b2fe195b3fbff36e3862544a892.jpg
Request Chain 77
  • https://api.tumblr.com/v2/blog/sodaprop.tumblr.com/avatar/128 HTTP 302
  • https://64.media.tumblr.com/bf7665e8ebc9363e027af31a1126e94a/b5cb9bb19586e335-34/s128x128u_c1/423c74521eb608cf4626139e0d6bb4a68152cba0.png
Request Chain 78
  • https://api.tumblr.com/v2/blog/semekurapika.tumblr.com/avatar/128 HTTP 302
  • https://assets.tumblr.com/images/default_avatar/octahedron_closed_128.png
Request Chain 81
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae89606d-dd0a-4e00-a19c-060a9a73c74f
Request Chain 82
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWI2NTBkNTI3ZmU2N2VmMDQ0MGIyZGJkZDdmODQyNzJmN2U1NGYzNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWI2NTBkNTI3ZmU2N2VmMDQ0MGIyZGJkZDdmODQyNzJmN2U1NGYzNw&google_tc=
Request Chain 83
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yPoreAaryB-m6BVM0_aqiMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7480225752431411037
Request Chain 84
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJI92WYEKgWQ-oDcWzpmFLc&google_cver=1
Request Chain 85
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7NXSEL-1Q-HLCF&sigv=1&esig=2~1ce7e23ce5dcb758d5d6d35c39051144386a08e6
Request Chain 86
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TlhTRUwtMVEtSExDRg==
Request Chain 123
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 154
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

159 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.tumgir.com/
Redirect Chain
  • http://www.tumgir.com/
  • https://www.tumgir.com/
83 KB
17 KB
Document
General
Full URL
https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Next.js
Resource Hash
475ef694f3a19bf8715e514643ef86fbddd9f2fdd70cfee4521dad97afd811e7

Request headers

Host
www.tumgir.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Wed, 07 Apr 2021 16:25:45 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
Next.js
ETag
"14aa4-ERQPsLQjsz/XN83fChMkA4aeI2M"
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx/1.18.0 (Ubuntu)
Date
Wed, 07 Apr 2021 16:25:44 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
Location
https://www.tumgir.com/
84a534406aa48ef892fc.css
www.tumgir.com/_next/static/css/
13 KB
4 KB
Stylesheet
General
Full URL
https://www.tumgir.com/_next/static/css/84a534406aa48ef892fc.css
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e903ad3f02d5e1e8872d0614b28a947649dca80890e8e639d9e71d7c107711a8

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 22:39:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"353d-17880245177"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
webpack-6eacafe1c4ae8e87edf3.js
www.tumgir.com/_next/static/chunks/
2 KB
1 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/webpack-6eacafe1c4ae8e87edf3.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6e21714273010a449616624fad38442cb3a35a20625cbbce0780c7da0c67ef4e

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Mar 2021 22:29:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"78b-1788541c525"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
framework-c4f702b9f4df8c5c50ac.js
www.tumgir.com/_next/static/chunks/
128 KB
42 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/framework-c4f702b9f4df8c5c50ac.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
846ebae4909cae3822f281adf6a0e47b459f90e7984381fcc91e42432df4791d

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 22:39:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1ffd7-17880245177"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
679-ca4d2f44d7a438de95f6.js
www.tumgir.com/_next/static/chunks/
41 KB
14 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a04709563ec1d86a4591aa022c3ddec0acc38afb24763affd3b82401473f8ed8

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 22:39:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"a233-17880245177"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
778-0d52f781083d413dfe3c.js
www.tumgir.com/_next/static/chunks/
18 KB
7 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/778-0d52f781083d413dfe3c.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a45fe4cdd10cd8acacc426def5b29046ed9b70ef900ea7cb8e808ad7d2974af4

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 22:39:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"4856-1788024517b"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
main-b585fbee1813a2c23693.js
www.tumgir.com/_next/static/chunks/
180 B
555 B
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/main-b585fbee1813a2c23693.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d915e2ab9725531064cdc0d9805a5e5d6621a51fb6645d9e2721224e66c1ee2c

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:45 GMT
Last-Modified
Mon, 29 Mar 2021 22:39:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"b4-17880245177"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
180
683-7baf3b0a0b28f1633472.js
www.tumgir.com/_next/static/chunks/
8 KB
4 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/683-7baf3b0a0b28f1633472.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
720ab0a9951974a890813d1e01c1dcd366f54848e6698f0ab480e890ce8df484

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 22:39:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"21d4-17880245177"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
_app-285fe2b53c8f21c1ee83.js
www.tumgir.com/_next/static/chunks/pages/
17 KB
6 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/_app-285fe2b53c8f21c1ee83.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c701ea84a84ea04a94ee44556a004a201d9b62564b043ebf1515c2d2627ea38c

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 22:39:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"4351-17880245177"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
451-e40e8a477de603305dfd.js
www.tumgir.com/_next/static/chunks/
23 KB
6 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/451-e40e8a477de603305dfd.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b309bc576a89bb39717b298e99dd678c182c3923a30446f4e73d339b89b39803

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Mar 2021 22:13:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"5c98-17885335541"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
index-98b7c0e7eb936e0eae8e.js
www.tumgir.com/_next/static/chunks/pages/
5 KB
2 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/index-98b7c0e7eb936e0eae8e.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
13a51d932ed378188705602f8f4f6b42b50123c86aedc01b284adecc538dfd25

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Mar 2021 22:29:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"12a6-1788541c525"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
css2
fonts.googleapis.com/
4 KB
729 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 16:25:45 GMT
server
ESF
date
Wed, 07 Apr 2021 16:25:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Apr 2021 16:25:45 GMT
6bacc4d9eddcd4fb7b24e3b640fab4e3acf4d3fa.jpg
64.media.tumblr.com/34f748b282900893aebfaf5a36dc2cd0/09bbce6f3984b338-f9/s1280x1920/
301 KB
302 KB
Image
General
Full URL
https://64.media.tumblr.com/34f748b282900893aebfaf5a36dc2cd0/09bbce6f3984b338-f9/s1280x1920/6bacc4d9eddcd4fb7b24e3b640fab4e3acf4d3fa.jpg
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bcd3c6f15cd0b683cddac2f8d72db2821954e35b71e44dfda3c3366daae5430c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 07 Apr 2021 16:25:45 GMT
last-modified
Tue, 02 Feb 2021 14:26:06 GMT
server
nginx
x-frames
1
etag
"2747d18b59475243ce213144ac95695c-1498089600-fa60115"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_34f748b282900893aebfaf5a36dc2cd0_6bacc4d9_1280.jpg"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
308539
9d87f9e2e3005ffdfd816e26452295a2b43e8e23.jpg
64.media.tumblr.com/9acfe38cd5e49f6fae70ac732a35b608/6f5d317420ca6aaa-88/s1280x1920/
185 KB
185 KB
Image
General
Full URL
https://64.media.tumblr.com/9acfe38cd5e49f6fae70ac732a35b608/6f5d317420ca6aaa-88/s1280x1920/9d87f9e2e3005ffdfd816e26452295a2b43e8e23.jpg
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2072831dcd870cdb187134a38a9922aafbda03a94cce8408e9c6a452a1772fad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 07 Apr 2021 16:25:45 GMT
last-modified
Wed, 10 Mar 2021 05:09:47 GMT
server
nginx
x-frames
1
etag
"d897c13c13ff450b67062064cab8d4ec-1498089600-21d6383"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_9acfe38cd5e49f6fae70ac732a35b608_9d87f9e2_1280.jpg"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
189391
ec6f7a11f8536a94f6f84b518b6a23315f8ed4d4.jpg
64.media.tumblr.com/8571cb6c3c48303d8011c01fa751d4e0/cb823877ff4782c5-b9/s1280x1920/
63 KB
64 KB
Image
General
Full URL
https://64.media.tumblr.com/8571cb6c3c48303d8011c01fa751d4e0/cb823877ff4782c5-b9/s1280x1920/ec6f7a11f8536a94f6f84b518b6a23315f8ed4d4.jpg
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c7c83afdc4e1d616c560c926d27d69c570612e131138b535fab2613773f6f153
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 07 Apr 2021 16:25:45 GMT
last-modified
Sun, 07 Mar 2021 17:32:15 GMT
server
nginx
x-frames
1
etag
"b26c1b9ff281559f28c1d4f70e53b45c-1498089600-191451c"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_8571cb6c3c48303d8011c01fa751d4e0_ec6f7a11_1280.jpg"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
64809
622681dd270e50f6fd920697b600ff75a985db36.jpg
64.media.tumblr.com/04910506666de1b36b94618b34871b61/fcd5f46f5c8b973e-99/s1280x1920/
99 KB
99 KB
Image
General
Full URL
https://64.media.tumblr.com/04910506666de1b36b94618b34871b61/fcd5f46f5c8b973e-99/s1280x1920/622681dd270e50f6fd920697b600ff75a985db36.jpg
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
79098f88c1786bfdf3965ecdabf9d91c45f40f059be90f15e138b09ca0c2e3a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 07 Apr 2021 16:25:45 GMT
last-modified
Tue, 09 Mar 2021 10:23:09 GMT
server
nginx
x-frames
1
etag
"c0c219e581fd5cc215f190e006ffa6d7-1498089600-191451c"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_04910506666de1b36b94618b34871b61_622681dd_1280.jpg"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
101246
2379acf05bf5f7736be45b8ba72ae0419ea0422e.gifv
64.media.tumblr.com/9d811a8959d0314bfa0243ee1d3a6010/d27d89652352ac03-77/s640x960/
207 KB
208 KB
Image
General
Full URL
https://64.media.tumblr.com/9d811a8959d0314bfa0243ee1d3a6010/d27d89652352ac03-77/s640x960/2379acf05bf5f7736be45b8ba72ae0419ea0422e.gifv
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a40cdd6e5d27df9240d37e3fc431dbd107aa2f8d508f8022f88f7131ba930fbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:45 GMT
vary
Accept
content-disposition
inline; filename="tumblr_9d811a8959d0314bfa0243ee1d3a6010_2379acf0_640.webp"
strict-transport-security
max-age=31536000; preload
content-length
212234
x-nc
HIT hhn 4
last-modified
Wed, 24 Mar 2021 19:50:14 GMT
server
nginx
etag
"58285f8e3a82ead0aaf5164c7e18151a-1523937600-add5f34"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
128e7909dd2695148af3855d6a0f16bbcae831b0.jpg
64.media.tumblr.com/ad94091f5fb5567225a52dd2ecbecafa/0f8696aa73a8a35d-f2/s2048x3072/
629 KB
630 KB
Image
General
Full URL
https://64.media.tumblr.com/ad94091f5fb5567225a52dd2ecbecafa/0f8696aa73a8a35d-f2/s2048x3072/128e7909dd2695148af3855d6a0f16bbcae831b0.jpg
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ae3772004d4ea08d89a4eeac003bd02b3d311baad221079f3bf2fb9236b74da9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 07 Apr 2021 16:25:45 GMT
last-modified
Thu, 25 Mar 2021 17:33:17 GMT
server
nginx
x-frames
1
etag
"50a2570a250f0b934ddf6495b9a0bd3c-1498089600-add5f34"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_ad94091f5fb5567225a52dd2ecbecafa_128e7909_2048.jpg"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
644055
557792041a558658802002eed4245f4737720e64.jpg
64.media.tumblr.com/e46734b70d7b764fe2552006c55307f9/0f8696aa73a8a35d-4d/s2048x3072/
495 KB
496 KB
Image
General
Full URL
https://64.media.tumblr.com/e46734b70d7b764fe2552006c55307f9/0f8696aa73a8a35d-4d/s2048x3072/557792041a558658802002eed4245f4737720e64.jpg
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
1c55ebc35b281da4a20c75a93ace05c8ddcbb2f9764d32f255f8dac79bcd2a7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 07 Apr 2021 16:25:45 GMT
last-modified
Thu, 25 Mar 2021 17:33:36 GMT
server
nginx
x-frames
1
etag
"7c45e4e7a2db464c0efa9ca23204b56f-1498089600-add5f34"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_e46734b70d7b764fe2552006c55307f9_55779204_2048.jpg"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
507157
bc4c4b8333172c6d9a3edbcb0e37c98364ab5514.jpg
64.media.tumblr.com/1a5836b41a97438be2465d84e36b0dbe/0f8696aa73a8a35d-61/s2048x3072/
503 KB
504 KB
Image
General
Full URL
https://64.media.tumblr.com/1a5836b41a97438be2465d84e36b0dbe/0f8696aa73a8a35d-61/s2048x3072/bc4c4b8333172c6d9a3edbcb0e37c98364ab5514.jpg
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
db1b6637e9ecea50f1cfd55176ac83f478cb45b977aa06094cc5f78677629ee8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 07 Apr 2021 16:25:45 GMT
last-modified
Thu, 25 Mar 2021 17:33:38 GMT
server
nginx
x-frames
1
etag
"208c4853fbccad0cc4ee76be5dee3de9-1498089600-add5f34"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_1a5836b41a97438be2465d84e36b0dbe_bc4c4b83_2048.jpg"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
515424
f8cadae5dacfa214af1d2fcf31bfa4f16b94019f.jpg
64.media.tumblr.com/e2f48bef910187e9ae6cb106be3a3705/0f8696aa73a8a35d-45/s2048x3072/
465 KB
466 KB
Image
General
Full URL
https://64.media.tumblr.com/e2f48bef910187e9ae6cb106be3a3705/0f8696aa73a8a35d-45/s2048x3072/f8cadae5dacfa214af1d2fcf31bfa4f16b94019f.jpg
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2dec7955e2c09f75a338ebafbda202d86820c13964e97eb41d9110717cb9c15b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 07 Apr 2021 16:25:45 GMT
last-modified
Thu, 25 Mar 2021 17:33:42 GMT
server
nginx
x-frames
1
etag
"54be41e22e21c035f7af82a2c9964126-1498089600-add5f34"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_e2f48bef910187e9ae6cb106be3a3705_f8cadae5_2048.jpg"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
476404
0078260256b8c7043a6fa368755f41783597f20e.jpg
64.media.tumblr.com/b8475baf4354767d3b9dada7c5a483d6/0f8696aa73a8a35d-9f/s2048x3072/
440 KB
440 KB
Image
General
Full URL
https://64.media.tumblr.com/b8475baf4354767d3b9dada7c5a483d6/0f8696aa73a8a35d-9f/s2048x3072/0078260256b8c7043a6fa368755f41783597f20e.jpg
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
efd51931d74217a3e0509d427bbfccdd15d6cda58eb0420a0f99ec7bd8be4e9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 07 Apr 2021 16:25:45 GMT
last-modified
Thu, 25 Mar 2021 17:33:45 GMT
server
nginx
x-frames
1
etag
"8bffdf2f53430f70c45f4d90f0e7f588-1498089600-add5f34"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_b8475baf4354767d3b9dada7c5a483d6_00782602_2048.jpg"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
450385
sw.js
www.tumgir.com/
160 KB
62 KB
Script
General
Full URL
https://www.tumgir.com/sw.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2226817fa4c105adcb289f1dd78fd1353bacf8b7a467517b8b7cf2a554ab16d0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:45 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Mar 2021 13:43:16 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"28145-17830fa0bf0"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
/
d18g6t7whf8ejf.cloudfront.net/
144 KB
45 KB
Script
General
Full URL
https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-169.fra56.r.cloudfront.net
Software
/
Resource Hash
d2c254d122ad8059772e7d216e5a3b677738c0f1d28f40d738f8a2ada654a7ef

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:45 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
45401
via
1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
x-amz-cf-id
9rR_idR0o00-BdcM9EydFJifly9QGe1ix3WYSwU4k49v_lgp7C9-Rg==
/
dmmzkfd82wayn.cloudfront.net/
247 KB
81 KB
Script
General
Full URL
https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7e00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f39e72543d96597123db564b645092680c6487a64761dd0795db3c8fc12da104

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:45 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
82906
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id
VgEJwcuIT1DXuZ9qFNy5TJIenFveUFLjWdBibmv8OVSNhmaT7V38lQ==
_buildManifest.js
www.tumgir.com/_next/static/a5a2031d1d4c6ba71c23d0064e612cd996085d16/
801 B
1 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/a5a2031d1d4c6ba71c23d0064e612cd996085d16/_buildManifest.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
18070ec05aa1fbbeaae382050d03705bc2025b2f0c0beb0092012d86daad2a61

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:45 GMT
Last-Modified
Tue, 30 Mar 2021 22:29:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"321-1788541c525"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
801
_ssgManifest.js
www.tumgir.com/_next/static/a5a2031d1d4c6ba71c23d0064e612cd996085d16/
77 B
451 B
Script
General
Full URL
https://www.tumgir.com/_next/static/a5a2031d1d4c6ba71c23d0064e612cd996085d16/_ssgManifest.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:45 GMT
Last-Modified
Tue, 30 Mar 2021 22:29:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"4d-1788541c525"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-107.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Wed, 07 Apr 2021 16:25:45 GMT
x-host
s7.addthis.com
content-length
116325
adx
pubads.g.doubleclick.net/gampad/
57 KB
13 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/tumgir.com_300x600_sticky_left_desktop_DFP&sz=300x600&t=Placement_type%3Dserving&1617812745497
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ce5bf385a911f710c9e4e84e08586c99c0abb8f749ea5bb2565588bf617cbb7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13416
x-xss-protection
0
google-lineitem-id
5653592300
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138344855354
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.tumgir.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adx
pubads.g.doubleclick.net/gampad/
58 KB
14 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/tumgir.com_300x600_sticky_right_desktop_DFP&sz=300x600&t=Placement_type%3Dserving&1617812745502
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
77bc0d1c5e227bb4b26ce12fc045b61307495d61317fb121571de80294c7ebec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13561
x-xss-protection
0
google-lineitem-id
5651907510
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138344234064
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.tumgir.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
381 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
tumblr_qqrzsna66P1qejbir.mp4
va.media.tumblr.com/
128 KB
0
Media
General
Full URL
https://va.media.tumblr.com/tumblr_qqrzsna66P1qejbir.mp4
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-nc
HIT hhn 2
date
Wed, 07 Apr 2021 16:25:45 GMT
last-modified
Tue, 30 Mar 2021 09:31:47 GMT
server
nginx
access-control-allow-origin
*
etag
"1007d6e25bb139ba55de4471eb3679e3"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
video/mp4
Content-Range
bytes 0-4733540/4733541
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; preload
Content-Length
4733541
expires
Thu, 31 Dec 2037 23:55:55 GMT
adx
pubads.g.doubleclick.net/gampad/
56 KB
14 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/tumgir.com_970x90_sticky_anchorad_desktop_DFP&sz=970x90&t=Placement_type%3Dserving&1617812745706
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
1ea77a57ca0b95c035c3eca9f0660e8580c8fae6b89681276edeae9f0093c45a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13260
x-xss-protection
0
google-lineitem-id
5651910225
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138344197877
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.tumgir.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
178 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
352 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
243 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.tumgir.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 21:15:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
155397
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 05 Apr 2022 21:15:48 GMT
stpd201221.js
stpd.cloud/assets/postbid/ Frame 0739
668 KB
165 KB
Script
General
Full URL
https://stpd.cloud/assets/postbid/stpd201221.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Apr 2021 16:25:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
content-md5
Z31KcnNREDgCG5fqQFS/wA==
age
1805
cf-request-id
094ec0866200004a9e09a64000000001
x-ms-lease-status
unlocked
last-modified
Wed, 07 Apr 2021 13:54:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BLQRT7fPuYeMjKTjue7Jm6nTiXm3VxtC4kbH1XPy6UsWh%2BLC0SqkkAL%2B4cZZKGh2459rubfV6lS5oneZo9jVqodwjFr2nyb8F2%2BhlEma1TVzDufhOn%2FU"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
x-ms-request-id
6dc9a078-f01e-0055-61b5-2bef1c000000
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
63c49d1d5f7e4a9e-FRA
stpd201221.js
stpd.cloud/assets/postbid/ Frame DCC0
668 KB
165 KB
Script
General
Full URL
https://stpd.cloud/assets/postbid/stpd201221.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Apr 2021 16:25:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
content-md5
Z31KcnNREDgCG5fqQFS/wA==
age
1805
cf-request-id
094ec0866300004a9e2f3fd000000001
x-ms-lease-status
unlocked
last-modified
Wed, 07 Apr 2021 13:54:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6HGTEheIRJ6Uq9m%2B4AJn9%2F%2Fhk0RWa5QuM2PXZIvIN9zKeaMEMLVYzq%2Bg6vEYpp4fPeGQ1JBwuD5OECjJG3uK2Fc0gHBaljjhttOJSmvmAttnCehwWHSR"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
x-ms-request-id
6dc9a078-f01e-0055-61b5-2bef1c000000
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
63c49d1d6f8e4a9e-FRA
stpd201221.js
stpd.cloud/assets/postbid/ Frame 85B3
668 KB
165 KB
Script
General
Full URL
https://stpd.cloud/assets/postbid/stpd201221.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Apr 2021 16:25:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
content-md5
Z31KcnNREDgCG5fqQFS/wA==
age
1805
cf-request-id
094ec0869400004a9e7e245000000001
x-ms-lease-status
unlocked
last-modified
Wed, 07 Apr 2021 13:54:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fr9ldeGsP3pFPpqnn7AIZ9RRkCVf4cX1Y8c0chjqUz4MMV2PmnPhpaZJJyDGV0mDx%2FuXBwG1iVN9%2BpXUTxYykYNc0cQ0MTa8N6V3M%2BYTvrOgNJfOptvC"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
x-ms-request-id
6dc9a078-f01e-0055-61b5-2bef1c000000
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
63c49d1db86a4a9e-FRA
gpt.js
www.googletagservices.com/tag/js/ Frame 0739
59 KB
20 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
842fd99acd0ab8b7df9e91adb905c588e55c34506783b2876833a1753ccdbd58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"835 / 906 of 1000 / last-modified: 1617810914"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20287
x-xss-protection
0
expires
Wed, 07 Apr 2021 16:25:46 GMT
usync.html
eus.rubiconproject.com/ Frame E712
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.tumgir.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.tumgir.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 07 Apr 2021 16:25:46 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date
Wed, 07 Apr 2021 16:25:46 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
gpt.js
www.googletagservices.com/tag/js/ Frame DCC0
59 KB
20 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
842fd99acd0ab8b7df9e91adb905c588e55c34506783b2876833a1753ccdbd58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"835 / 672 of 1000 / last-modified: 1617810914"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20287
x-xss-protection
0
expires
Wed, 07 Apr 2021 16:25:46 GMT
usync.html
eus.rubiconproject.com/ Frame EAF5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.tumgir.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.tumgir.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 07 Apr 2021 16:25:46 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date
Wed, 07 Apr 2021 16:25:46 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
gpt.js
www.googletagservices.com/tag/js/ Frame 85B3
59 KB
20 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
842fd99acd0ab8b7df9e91adb905c588e55c34506783b2876833a1753ccdbd58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"835 / 754 of 1000 / last-modified: 1617810914"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20287
x-xss-protection
0
expires
Wed, 07 Apr 2021 16:25:46 GMT
usync.html
eus.rubiconproject.com/ Frame 8BE3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.tumgir.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.tumgir.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 07 Apr 2021 16:25:46 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date
Wed, 07 Apr 2021 16:25:46 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
pubads_impl_2021040101.js
securepubads.g.doubleclick.net/gpt/ Frame 0739
286 KB
101 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Apr 2021 08:39:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103004
x-xss-protection
0
expires
Wed, 07 Apr 2021 16:25:46 GMT
pubads_impl_2021040101.js
securepubads.g.doubleclick.net/gpt/ Frame DCC0
286 KB
101 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Apr 2021 08:39:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103004
x-xss-protection
0
expires
Wed, 07 Apr 2021 16:25:46 GMT
pubads_impl_2021040101.js
securepubads.g.doubleclick.net/gpt/ Frame 85B3
286 KB
101 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Apr 2021 08:39:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103004
x-xss-protection
0
expires
Wed, 07 Apr 2021 16:25:46 GMT
usync.js
eus.rubiconproject.com/ Frame E712
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bf97d54048ff565046af3d9dbb31300a9b12c8a3b8e3ac73a49abef835c7d225

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 23:26:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41030
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9418
Expires
Thu, 08 Apr 2021 03:49:36 GMT
MTdxZ3NKFQIQLERFHUVJE18FEwNCDV5IBEZAXxMGXFAYFV1SWBxIAEYZGxRRHRUCChUTDUBLUUJaB0VJEwRfUVEdFQUGFG5eFUVJEw9FUUQAB1NLUUJCEzgaVQVTXVEBVkJeSwIGQUpFBw4XSkdUURNKEgkPEkoVBQYQBUNXD0RQSwYVDA
ertented.online/
0
0
Script
General
Full URL
https://ertented.online/MTdxZ3NKFQIQLERFHUVJE18FEwNCDV5IBEZAXxMGXFAYFV1SWBxIAEYZGxRRHRUCChUTDUBLUUJaB0VJEwRfUVEdFQUGFG5eFUVJEw9FUUQAB1NLUUJCEzgaVQVTXVEBVkJeSwIGQUpFBw4XSkdUURNKEgkPEkoVBQYQBUNXD0RQSwYVDA
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/sw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.237.125.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-125-12.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
x-powered-by
Express
access-control-allow-methods
GET, POST
/
dmmzkfd82wayn.cloudfront.net/
247 KB
81 KB
Script
General
Full URL
https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7e00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f39e72543d96597123db564b645092680c6487a64761dd0795db3c8fc12da104

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:45 GMT
content-encoding
gzip
age
1
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop
FRA6-C1
content-length
82906
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id
oKRQ76Y-Qi7nMZpvPXZnOEquCRCW6Y1jomlzjUsSEJGBmLB7NkbMDQ==
usync.js
eus.rubiconproject.com/ Frame 8BE3
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bf97d54048ff565046af3d9dbb31300a9b12c8a3b8e3ac73a49abef835c7d225

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 23:26:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41030
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9418
Expires
Thu, 08 Apr 2021 03:49:36 GMT
usync.js
eus.rubiconproject.com/ Frame EAF5
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bf97d54048ff565046af3d9dbb31300a9b12c8a3b8e3ac73a49abef835c7d225

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 23:26:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41030
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9418
Expires
Thu, 08 Apr 2021 03:49:36 GMT
khaos.jpg
token.rubiconproject.com/ Frame E712
284 B
932 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
3438
date
Wed, 07 Apr 2021 15:28:28 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Wed, 07 Apr 2021 17:28:28 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-162.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:46 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
B402EDC6F7271ED7
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=40097
accept-ranges
bytes
content-length
948
x-amz-id-2
3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5c61e9923da745ae/
1 KB
691 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-5c61e9923da745ae/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1407278f2000cc72b2c477790dd5b22eb51167d6dafc9ddc1c31b81b12a3434

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:46 GMT
content-encoding
gzip
etag
1208431126--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=40, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
515
last-seen-blog
www.tumgir.com/api/tumblr/
604 B
1 KB
Fetch
General
Full URL
https://www.tumgir.com/api/tumblr/last-seen-blog
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/451-e40e8a477de603305dfd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
057f63afb012452bdc4bc1e51e067993dc667e49dad07dae7d041ae99beae778
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Powered-By
Express
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
604
X-XSS-Protection
0
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
X-Frame-Options
SAMEORIGIN
Date
Wed, 07 Apr 2021 16:25:46 GMT
Expect-CT
max-age=0
Vary
Accept-Encoding
X-Download-Options
noopen
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
ETag
W/"25c-QYFMgzibam+Eg8A3/phoiTGxbhI"
setuid
prebid-stag.setupad.net/ Frame 8BE3
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
  • https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
0
882 B
Image
General
Full URL
https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:46 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=psewyE%2BFQEhD9WQYIFn9uQ%2FwMybIAHESplbbGTHabgm1RSho1ZRs4Oc9fHlX7O7Z8dnIqhC8WKdn1Lfmr2on6d%2F6vZpPWs02o7rfQSOwAqxakJ8d1rjvHBcvN6rYYmF5JkuEVQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cache-control
no-cache, no-store, must-revalidate
cf-ray
63c49d230d654e1a-FRA
content-length
0
cf-request-id
094ec089ea00004e1abdbb7000000001
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
setuid
prebid-stag.setupad.net/ Frame EAF5
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
  • https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
0
486 B
Image
General
Full URL
https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:46 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SdgjeIPiqjyQQowQ0%2Fupo5EmkJTHAuNT%2FBbU%2Fy39oYLpelnZyG2Vk1rBclPwfjP6i0iHnrWUE%2FsKs9d4JKg6RwgGiiI0XNlQyocS8kXKeWeQ6DR%2FRd1uMTO%2B51kUMn%2BzaWd1DQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cache-control
no-cache, no-store, must-revalidate
cf-ray
63c49d232db74e1a-FRA
content-length
0
cf-request-id
094ec089fa00004e1a8928c000000001
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
451-e40e8a477de603305dfd.js
www.tumgir.com/_next/static/chunks/
0
6 KB
Other
General
Full URL
https://www.tumgir.com/_next/static/chunks/451-e40e8a477de603305dfd.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Mar 2021 22:13:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"5c98-17885335541"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
index-98b7c0e7eb936e0eae8e.js
www.tumgir.com/_next/static/chunks/pages/
0
2 KB
Other
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/index-98b7c0e7eb936e0eae8e.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Mar 2021 22:29:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"12a6-1788541c525"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
about-de7ad01c836ce835b66d.js
www.tumgir.com/_next/static/chunks/pages/static/
0
3 KB
Other
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/static/about-de7ad01c836ce835b66d.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 22:39:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"2151-17880245177"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
privacy-policy-6d7a35cc56cbfe9ac775.js
www.tumgir.com/_next/static/chunks/pages/static/
0
5 KB
Other
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/static/privacy-policy-6d7a35cc56cbfe9ac775.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 22:39:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"2fc7-17880245177"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
%5Bname%5D-78fbf6b90845acf54af6.js
www.tumgir.com/_next/static/chunks/pages/
0
3 KB
Other
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/%5Bname%5D-78fbf6b90845acf54af6.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Mar 2021 22:29:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1f23-1788541c525"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
%5Bname%5D-1eb3c64fe04ba7b8c244.js
www.tumgir.com/_next/static/chunks/pages/tag/
0
2 KB
Other
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/tag/%5Bname%5D-1eb3c64fe04ba7b8c244.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Mar 2021 22:29:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1130-1788541c525"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
setuid
prebid-stag.setupad.net/ Frame E712
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
  • https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
0
486 B
Image
General
Full URL
https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:46 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nU7%2Bgh2rMlBhrb%2FzPm3g7jItZ5GGC%2FC6HaAkS%2BiDcEU6i3je4PUVG2bga1cFS9pYeaoybBJ%2FJULQNsAyIJKNIqi36ruPiVLBqiHZ%2Bw7LCv92DUCbLn3ioMQ98dXiaGwu%2FmzxtA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cache-control
no-cache, no-store, must-revalidate
cf-ray
63c49d232dba4e1a-FRA
content-length
0
cf-request-id
094ec089fa00004e1a84a48000000001
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid-stag.setupad.net/setuid?bidder=rubicon&uid=KN7NXSEL-1Q-HLCF
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
collect
www.google-analytics.com/j/
2 B
315 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=59990815&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumgir.com%2F&ul=en-us&de=UTF-8&dt=Tumblr%20Online%20Web%20Viewer%20and%20Statistics%20%7C%20Tumgir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1904160270&gjid=1903522822&cid=2005154171.1617812747&tid=UA-134279593-1&_gid=2069373855.1617812747&_r=1&_slc=1&z=166413125
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tumgir.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-107.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Wed, 07 Apr 2021 16:25:46 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
%5Bname%5D-78fbf6b90845acf54af6.js
www.tumgir.com/_next/static/chunks/pages/
8 KB
3 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/%5Bname%5D-78fbf6b90845acf54af6.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e271df2a3400788e8fe92cb51022cf119b04aabe9bc5fa07b9439d3bf03cd419

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Mar 2021 22:29:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1f23-1788541c525"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
%5Bname%5D-1eb3c64fe04ba7b8c244.js
www.tumgir.com/_next/static/chunks/pages/tag/
4 KB
2 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/tag/%5Bname%5D-1eb3c64fe04ba7b8c244.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69f976ee5ca0a16cdc3ad7aeaf5347a9a695152065f4166dcee520d36a523ef5

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Mar 2021 22:29:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1130-1788541c525"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
avatar_980c25a24037_128.png
64.media.tumblr.com/
Redirect Chain
  • https://api.tumblr.com/v2/blog/sungie-baby.tumblr.com/avatar/128
  • https://64.media.tumblr.com/avatar_980c25a24037_128.png
20 KB
20 KB
Image
General
Full URL
https://64.media.tumblr.com/avatar_980c25a24037_128.png
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0e99b5a8d2aa72a72ef69dc973c4aa755f6bfa2bbcaeef87c0fe464258f2b351
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Wed, 07 Apr 2021 16:25:47 GMT
last-modified
Wed, 12 Jun 2019 22:48:59 GMT
server
nginx
x-frames
1
etag
"00d034ba2733ef17136cc52a6cbd4e87-1498089600-21d6383"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-disposition
inline; filename="avatar_980c25a24037_128.png"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
20441

Redirect headers

date
Wed, 07 Apr 2021 16:25:47 GMT
server
openresty
x-cache-avatar
true
strict-transport-security
max-age=31536000; preload
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location
https://64.media.tumblr.com/avatar_980c25a24037_128.png#_=_
x-rid
180701504702009696352867968353747850813
content-type
application/json
content-length
121
x-ua-compatible
IE=Edge,chrome=1
avatar_82a34c87a430_128.png
64.media.tumblr.com/
Redirect Chain
  • https://api.tumblr.com/v2/blog/skymeteorcom.tumblr.com/avatar/128
  • https://64.media.tumblr.com/avatar_82a34c87a430_128.png
22 KB
22 KB
Image
General
Full URL
https://64.media.tumblr.com/avatar_82a34c87a430_128.png
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2f6cfa4f18cbd9d60d893fafcc320cdad165a6ee853bf1da88e914fa471f762e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Wed, 07 Apr 2021 16:25:47 GMT
last-modified
Fri, 11 Dec 2020 10:17:38 GMT
server
nginx
x-frames
1
etag
"f4454340f832ed3cb71b28add1f08a8a-1498089600-21d6383"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-disposition
inline; filename="avatar_82a34c87a430_128.png"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
22562

Redirect headers

date
Wed, 07 Apr 2021 16:25:47 GMT
server
openresty
x-cache-avatar
true
strict-transport-security
max-age=31536000; preload
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location
https://64.media.tumblr.com/avatar_82a34c87a430_128.png#_=_
x-rid
162110624628747634281934814715074976642
content-type
application/json
content-length
121
x-ua-compatible
IE=Edge,chrome=1
d537b680436b4b2fe195b3fbff36e3862544a892.jpg
64.media.tumblr.com/30b68ae4e458dc117af871486b9bfd19/20f0ad58a55c73b0-a4/s128x128u_c1/
Redirect Chain
  • https://api.tumblr.com/v2/blog/99xd.tumblr.com/avatar/128
  • https://64.media.tumblr.com/30b68ae4e458dc117af871486b9bfd19/20f0ad58a55c73b0-a4/s128x128u_c1/d537b680436b4b2fe195b3fbff36e3862544a892.jpg
8 KB
8 KB
Image
General
Full URL
https://64.media.tumblr.com/30b68ae4e458dc117af871486b9bfd19/20f0ad58a55c73b0-a4/s128x128u_c1/d537b680436b4b2fe195b3fbff36e3862544a892.jpg
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
06b07f078cefc254bc18dd22273f6e9e58521257b395a2614c89567ad0b2560d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 07 Apr 2021 16:25:47 GMT
last-modified
Fri, 01 Jan 2021 08:49:45 GMT
server
nginx
x-frames
1
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_30b68ae4e458dc117af871486b9bfd19_d537b680_128.jpg"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
7935

Redirect headers

date
Wed, 07 Apr 2021 16:25:47 GMT
server
openresty
x-cache-avatar
true
strict-transport-security
max-age=31536000; preload
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location
https://64.media.tumblr.com/30b68ae4e458dc117af871486b9bfd19/20f0ad58a55c73b0-a4/s128x128u_c1/d537b680436b4b2fe195b3fbff36e3862544a892.jpg#_=_
x-rid
91042363479368369315558281696741040155
content-type
application/json
content-length
204
x-ua-compatible
IE=Edge,chrome=1
423c74521eb608cf4626139e0d6bb4a68152cba0.png
64.media.tumblr.com/bf7665e8ebc9363e027af31a1126e94a/b5cb9bb19586e335-34/s128x128u_c1/
Redirect Chain
  • https://api.tumblr.com/v2/blog/sodaprop.tumblr.com/avatar/128
  • https://64.media.tumblr.com/bf7665e8ebc9363e027af31a1126e94a/b5cb9bb19586e335-34/s128x128u_c1/423c74521eb608cf4626139e0d6bb4a68152cba0.png
19 KB
20 KB
Image
General
Full URL
https://64.media.tumblr.com/bf7665e8ebc9363e027af31a1126e94a/b5cb9bb19586e335-34/s128x128u_c1/423c74521eb608cf4626139e0d6bb4a68152cba0.png
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
cccc8917674b72efa6842b9766e6c7138b3f9d6eee75da0dc5eafb39f32d4be1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
MISS hhn 3
date
Wed, 07 Apr 2021 16:25:47 GMT
last-modified
Fri, 11 Dec 2020 17:40:08 GMT
server
nginx
x-frames
1
etag
"adacfd7b5c0b23917438268708529065-1498089600-21d6383"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_bf7665e8ebc9363e027af31a1126e94a_423c7452_128.png"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
19811

Redirect headers

date
Wed, 07 Apr 2021 16:25:47 GMT
server
openresty
x-cache-avatar
true
strict-transport-security
max-age=31536000; preload
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location
https://64.media.tumblr.com/bf7665e8ebc9363e027af31a1126e94a/b5cb9bb19586e335-34/s128x128u_c1/423c74521eb608cf4626139e0d6bb4a68152cba0.png#_=_
x-rid
62156719779263758891050793830850014961
content-type
application/json
content-length
204
x-ua-compatible
IE=Edge,chrome=1
octahedron_closed_128.png
assets.tumblr.com/images/default_avatar/
Redirect Chain
  • https://api.tumblr.com/v2/blog/semekurapika.tumblr.com/avatar/128
  • https://assets.tumblr.com/images/default_avatar/octahedron_closed_128.png
2 KB
2 KB
Image
General
Full URL
https://assets.tumblr.com/images/default_avatar/octahedron_closed_128.png
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
33286a33dd55d0303e5eda261b22b53934f5c0488725b2e351d816e5a84c4c9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 07 Apr 2021 16:25:47 GMT
last-modified
Sun, 01 Nov 2020 05:26:35 GMT
server
nginx
etag
"5f9e470b-8eb"
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
accept-ranges
bytes
timing-allow-origin
*
content-length
2283
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 07 Apr 2021 16:25:47 GMT
server
openresty
x-cache-avatar
true
strict-transport-security
max-age=31536000; preload
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location
https://assets.tumblr.com/images/default_avatar/octahedron_closed_128.png#_=_
x-rid
1073727500879925285717539592082063731129
content-type
application/json
content-length
139
x-ua-compatible
IE=Edge,chrome=1
709414.gif
id.rlcdn.com/ Frame E712
0
66 B
Image
General
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:46 GMT
via
1.1 google
alt-svc
clear
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame E712
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.45.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-45-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame E712
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae89606d-dd0a-4e00-a19c-060a9a73c74f
42 B
689 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae89606d-dd0a-4e00-a19c-060a9a73c74f
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

Date
Wed, 07 Apr 2021 16:25:17 GMT
Server
MT3 3628 75f709e master cdg-pixel-x6
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae89606d-dd0a-4e00-a19c-060a9a73c74f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 07 Apr 2021 16:25:16 GMT
pixel
cm.g.doubleclick.net/ Frame E712
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWI2NTBkNTI3ZmU2N2VmMDQ0MGIyZGJkZDdmODQyNzJmN2U1NGYzNw
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWI2NTBkNTI3ZmU2N2VmMDQ0MGIyZGJkZDdmODQyNzJmN2U1NGYzNw&google_tc=
170 B
484 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWI2NTBkNTI3ZmU2N2VmMDQ0MGIyZGJkZDdmODQyNzJmN2U1NGYzNw&google_tc=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWI2NTBkNTI3ZmU2N2VmMDQ0MGIyZGJkZDdmODQyNzJmN2U1NGYzNw&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame E712
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yPoreAaryB-m6BVM0_aqiMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7480225752431411037
42 B
689 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7480225752431411037
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

date
Wed, 07 Apr 2021 16:25:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7480225752431411037
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame E712
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJI92WYEKgWQ-oDcWzpmFLc&google_cver=1
42 B
689 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJI92WYEKgWQ-oDcWzpmFLc&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJI92WYEKgWQ-oDcWzpmFLc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame E712
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7NXSEL-1Q-HLCF&sigv=1&esig=2~1ce7e23ce5dcb758d5d6d35c39051144386a08e6
0
442 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7NXSEL-1Q-HLCF&sigv=1&esig=2~1ce7e23ce5dcb758d5d6d35c39051144386a08e6
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:46 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7NXSEL-1Q-HLCF&sigv=1&esig=2~1ce7e23ce5dcb758d5d6d35c39051144386a08e6
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame E712
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TlhTRUwtMVEtSExDRg==
170 B
190 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TlhTRUwtMVEtSExDRg==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TlhTRUwtMVEtSExDRg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
about-de7ad01c836ce835b66d.js
www.tumgir.com/_next/static/chunks/pages/static/
8 KB
3 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/static/about-de7ad01c836ce835b66d.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fa0fbb38e12c743b2cfafc9750b1bb584f30a014a4c7beef0024efad8f7f64a4

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 22:39:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"2151-17880245177"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
privacy-policy-6d7a35cc56cbfe9ac775.js
www.tumgir.com/_next/static/chunks/pages/static/
12 KB
5 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/static/privacy-policy-6d7a35cc56cbfe9ac775.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/679-ca4d2f44d7a438de95f6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0d5d7ac369c22eb5f80d24484369bc71ff59061c46f204fd0dc147150552c228

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 16:25:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 22:39:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"2fc7-17880245177"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
integrator.js
adservice.google.de/adsid/ Frame 0739
107 B
799 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.tumgir.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 16:25:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0739
107 B
553 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tumgir.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 16:25:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0739
80 KB
27 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4170046648401150&correlator=3540228573681344&output=ldjh&impl=fifs&eid=31060550%2C31060704%2C44733568%2C44739387&vrg=2021040101&ptt=17&gdpr_consent=CPESqJjPESqJjAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210407&iu_parts=147246189%2Ctumgir.com_300x600_sticky_right_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C300x300%7C160x600%7C250x600%7C120x600%7C240x400%7C240x500%7C250x360%7C250x500%7C200x600%7C240x600&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=www.tumgir.com&bc=31&abxe=1&dt=1617812746812&dlt=1617812745738&idt=848&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=1247&adys=159&adks=77475313&ucis=9yuim5pq6vsy&ifi=1&ifk=1963032681&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=tumgir.com&loc=https%3A%2F%2Fwww.tumgir.com%2F&top=www.tumgir.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x150&msz=300x600&ga_vid=2005154171.1617812747&ga_sid=1617812747&ga_hid=1757035145&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
f9fbf1ee2fcf0d569186a9ac283093db220882e8c16257882c5277949c6f5b83
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COLD35DG7O8CFRo-4AodLUYN3Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COLD35DG7O8CFRo-4AodLUYN3Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25942
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Wed, 07 Apr 2021 16:25:47 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tumgir.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0739
0
0
Other
General
Full URL
https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 0739
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

integrator.js
adservice.google.de/adsid/ Frame DCC0
107 B
777 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.tumgir.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DCC0
107 B
531 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tumgir.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame DCC0
41 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4308192197042860&correlator=858748396790874&output=ldjh&impl=fifs&eid=31060313%2C31060550%2C31060320%2C31060673%2C44739387&vrg=2021040101&ptt=17&gdpr_consent=CPESqJkPESqJkAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210407&iu_parts=147246189%2Ctumgir.com_300x600_sticky_left_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C300x300%7C160x600%7C250x600%7C300x200%7C120x600%7C240x400%7C240x500%7C250x360%7C250x500&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=www.tumgir.com&bc=31&abxe=1&dt=1617812747056&dlt=1617812745753&idt=857&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=352&adys=467&adks=1457529228&ucis=425y7le9v80s&ifi=1&ifk=1963032681&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=tumgir.com&loc=https%3A%2F%2Fwww.tumgir.com%2F&top=www.tumgir.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x150&msz=300x600&ga_vid=2005154171.1617812747&ga_sid=1617812747&ga_hid=122844170&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d241fba233fcca3e29f0bf55bc0c6cabbb4354dbd77935c8e0cda11aa0d1b770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10464
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tumgir.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
303e5f6e13de36fc35aff54bff7a12aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DCC0
0
0
Other
General
Full URL
https://303e5f6e13de36fc35aff54bff7a12aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame DCC0
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

integrator.js
adservice.google.de/adsid/ Frame 85B3
107 B
123 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.tumgir.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 85B3
107 B
123 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tumgir.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 85B3
16 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1279489878249558&correlator=1768600346628299&output=ldjh&impl=fifs&eid=31060550%2C44739387%2C44740387&vrg=2021040101&ptt=17&gdpr_consent=CPESqJlPESqJlAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210407&iu_parts=147246189%2Ctumgir.com_970x90_sticky_anchorad_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C950x90%7C900x90%7C728x90%7C768x90&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=www.tumgir.com&bc=31&abxe=1&dt=1617812747173&dlt=1617812745869&idt=734&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=0&adys=8648&adks=2725430866&ucis=rouktuxltp65&ifi=1&ifk=1963032681&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=tumgir.com&loc=https%3A%2F%2Fwww.tumgir.com%2F&top=www.tumgir.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x150&msz=300x90&ga_vid=2005154171.1617812747&ga_sid=1617812747&ga_hid=1445212496&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
7f2dde4dd23d7108fd3cdfec4b53ec8d2e5cd76f9f2fa551fdfc40d36910f428
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7634
x-xss-protection
0
google-lineitem-id
5561571268
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138333769532
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tumgir.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7e6c37430b76c030e065d96aeaee6c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 85B3
0
0
Other
General
Full URL
https://7e6c37430b76c030e065d96aeaee6c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 85B3
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8B88
6 KB
3 KB
Document
General
Full URL
https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.tumgir.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.tumgir.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 07 Apr 2021 16:25:46 GMT
expires
Thu, 07 Apr 2022 16:25:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 0739
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa5e01e38d554ca21f9c4aa9e7a6345d7d8f017520925a73648e4f3ee3a7b79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617660453263920"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28267
x-xss-protection
0
expires
Wed, 07 Apr 2021 16:25:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0739
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c52a69e6cc8fa814e9ce202a9039ce0de09a30263e8ee76305ebb1890ea6be1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6623
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/ Frame DCA9
14 KB
4 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f72fb9ef6d4e8e66630e4e9d16fd85dc80eb3fdf6656519deed3a9e88758443
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3236
date
Fri, 02 Apr 2021 09:45:34 GMT
expires
Sat, 02 Apr 2022 09:45:34 GMT
last-modified
Thu, 25 Feb 2021 07:59:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
456013
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 8B88
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C3mGxCt1tYOKWOJr8gAetjLXoDe-0s5hi3dm1vY4N3aq81_ICEAEgjeS9KWD1lc6B4ASgAYbikdMDyAEJqQLG2vHH-A2yPuACAKgDAcgDCKoEzAFP0K1b55qTfpOJJ9n5AgGjqt6jstac6sbsl2ARzkGMpev__ZVZ2I1pRq4KtAsLZ_FudT61kAusQeGElpFWOkgnCfnLwJ8xksKRA4dyggxxQn08N43n7ihpcjG6ACbvRU4k2jylg1h3XUqNhv3SydcJnSc0dCRhYAS0X18I5UfmE6Rp0mtt_dB9D6gBGI5lJr7zm3kHKQmGCUjOIRfA8vd2EWc0sFGaJ8hUhHdRwa68mGBHSgK14i4ymCfRsTjZeAlHcI6BVLsVkAPL5TPABKj-9PXBA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfine4sqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEMTFF9IICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tNTU0MjkzNzM4Mzg4OTc1NoAKA8gLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi03MzgzMTcxODMwNjE0MjE2&sigh=tMmpYKVncSQ&template_id=419&tpd=AGWhJmuqmrx9drRmdrrepntx31gVouCBEAWhkj5LO9r8dq9RXA
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/ Frame 8B88
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/abg_lite_fy2019.js
Requested by
Host: 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
URL: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2a4352595bb834d956d7ae260ecf56b9f1b9785b46f3314ed7b82ef506b2f00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7115
x-xss-protection
0
server
cafe
etag
360627091892979634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Apr 2021 16:19:01 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/ Frame 8B88
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/window_focus_fy2019.js
Requested by
Host: 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
URL: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Apr 2021 16:23:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8B88
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
URL: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0518695a30c166fb5ef9104028ce570005450472c3f120a7d2904fae59f2423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617660447179276"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Wed, 07 Apr 2021 16:25:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/ Frame 8B88
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
URL: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Apr 2021 16:25:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0739
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 07 Apr 2021 16:25:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 4695
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.tumgir.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.tumgir.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 07 Apr 2021 16:13:56 GMT
expires
Thu, 07 Apr 2022 16:13:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
711
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame A38E
143 B
225 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
URL: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk5SIBF881WhVRyrox9lYnXKIR-AK18AP52_lXGCI04OD6NaYjUH5_8_YGErnE; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 07 Apr 2021 16:23:25 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
142
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 8B88
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a27286ad9ae8f6b660c57d19e3a7500464f0ea8acb70d1ad424b1a07bbcf105

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame DCA9
9 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 12:33:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 08 Apr 2021 12:33:25 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DCA9
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 18:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 07 Apr 2021 18:54:37 GMT
d403ba94cc52740a2f685e1bcfa736c8.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/ Frame DCA9
72 KB
20 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/d403ba94cc52740a2f685e1bcfa736c8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4399ea76ac2797eb121205cf59643f766a4a111ba563758d5fada53e7f78558a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
556384
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18912
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 07:59:08 GMT
server
sffe
date
Thu, 01 Apr 2021 05:52:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Apr 2022 05:52:43 GMT
e4a468ef72489bd511295a3653310e33.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/ Frame DCA9
22 KB
22 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/e4a468ef72489bd511295a3653310e33.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3d016a26b6f5e60d62038b0e6415a0e329c1929cef2603d880323d02a842d47
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
456013
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22652
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 07:59:08 GMT
server
sffe
date
Fri, 02 Apr 2021 09:45:34 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 09:45:34 GMT
7c446c5f4e885ff1da7204ea253ad643.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/ Frame DCA9
13 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/7c446c5f4e885ff1da7204ea253ad643.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100b6f6b8b50473a692d1b32926a55df5f24eefc13f63141bd7bd1a323653369
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
556383
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3875
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 07:59:08 GMT
server
sffe
date
Thu, 01 Apr 2021 05:52:44 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Apr 2022 05:52:44 GMT
eb6eece6a05d7ac32e0032dfaade998c.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/ Frame DCA9
6 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/eb6eece6a05d7ac32e0032dfaade998c.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93f965d3bc757cda81de1a729bd4aa249e83e807cba24884ae09c7b088f039f1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
456013
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2278
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 07:59:08 GMT
server
sffe
date
Fri, 02 Apr 2021 09:45:34 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 09:45:34 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A38E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
187 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
URL: https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk5SIBF881WhVRyrox9lYnXKIR-AK18AP52_lXGCI04OD6NaYjUH5_8_YGErnE; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 07 Apr 2021 16:25:47 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 07-Apr-2021 17:25:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 07 Apr 2021 16:25:47 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 07 Apr 2021 16:25:47 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
pagead2.googlesyndication.com/bg/ Frame 4695
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 14:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
5827
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
expires
Thu, 07 Apr 2022 14:48:40 GMT
ce749fbeabd1b04af8b5d551bce6f864.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/ Frame DCA9
8 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/ce749fbeabd1b04af8b5d551bce6f864.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a5725a6ef4f317380626d19baf09ca63dddcab2fb6fadf69e5dec42010d40df
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
456013
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2074
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 07:59:08 GMT
server
sffe
date
Fri, 02 Apr 2021 09:45:34 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 09:45:34 GMT
shares-post.json
api-public.addthis.com/url/serviceapi/
2 B
255 B
XHR
General
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tumgir.com%2F
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-107.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://www.tumgir.com/
last-modified
Wed, 07 Apr 2021 16:00:00 GMT
server
nginx/1.15.8
date
Wed, 07 Apr 2021 16:25:47 GMT
content-type
application/json
access-control-allow-origin
https://www.tumgir.com
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
count.json
widgets.pinterest.com/v1/urls/
70 B
131 B
Script
General
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.tumgir.com%2F&callback=window._ate.cbs.rcb_cxhd0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
33df4c2e930aed93451e88270191f32f57f4a861806ec322a2144f728663f496
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
1
accept-ranges
none
x-pinterest-rid
1361582049313083
expires
Wed, 07 Apr 2021 16:40:47 GMT
shares.json
api-public.addthis.com/url/
36 B
285 B
Script
General
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tumgir.com%2F&callback=_ate.cbs.rcb_5htt0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-107.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
c4b10af72961e44217d47661629dbf312333e1773a115ffd1eea8f7bc6fadc27
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.tumgir.com/
last-modified
Wed, 07 Apr 2021 16:25:47 GMT
server
nginx/1.15.8
date
Wed, 07 Apr 2021 16:25:47 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
56
count.json
widgets.pinterest.com/v1/urls/
72 B
299 B
Script
General
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.tumgir.com%2F&callback=window._ate.cbs.rcb_70xe0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7dcedf4c8826a82562d22422980dc92e281cbb1962f9e027f8cf91f2f8b8797d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
1
accept-ranges
none
x-pinterest-rid
9382097034610285
expires
Wed, 07 Apr 2021 16:40:47 GMT
shares.json
api-public.addthis.com/url/
35 B
284 B
Script
General
Full URL
https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tumgir.com%2F&callback=_ate.cbs.rcb_eiy0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-107.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
22b54d681d4cdc8b12561c2e222cc5081ce0ff39795bba9677158028db84618d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.tumgir.com/
last-modified
Wed, 07 Apr 2021 16:25:47 GMT
server
nginx/1.15.8
date
Wed, 07 Apr 2021 16:25:47 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
55
truncated
/
443 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
node.php
node.setupad.com/node/ Frame 0739
0
209 B
XHR
General
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0739
0
224 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040101&jk=4170046648401150&bg=!ISKlImbNAAY56aLOOek7ACkAdvg8WlC1upznjRFUPsfvyyBYFYeAI054sLV9oEx0wvTH1A0lqesoMwIAAAC_UgAAAA1oAQcKAEJj2gpagMxq0sp_oy61jSFXIXSvaVhhRCbcgFkJI9hTmGdrzmENcLhhbPx15FFjRXHhbf2YAk3gi3ywrDDEpXUbn4eZAgSvJlL4Djb7bKkM9ov08znbE6PmoJ5VBC3Fq1i6ibFGai3N3PWm8YZ0kljWG8Waun1X7jl1zb_dnuMGvwx5g9P3gPn9JGs8ed0rlZN8WjhXCeL6Ciahb6R-kate0baiB0erqd39IiDt98EpvoeuNwHloIeNG8CLxzvVFppnhGtI_pi5Y_JGyd5FUEAeGpYPNiBWGFff_P5lYwb7qRVAQkJ3EXNSh6OBOYNXO_WBTK_uStLxvfEvBFh05_cHH702kHGjTyvPZwBoAwrRjuyPbmHKdL_26nmn43_dlxcfig6m6Q5uk2xDPrI9etDJnePRy_GCFKVRnS02aZL--spFVMM79WqyVH9HdHrgCKG6c1K7O-yC1SQNpwUhqmyjZuwfFCtWYnEa9_dUzMrNKzu3jO-t1bHSty8j9CXUv0FqbIJHOk58BXfXzITdTdcS27L4-glG65HK0OXHFl-kU-cg3kRgHDnXt6wwu5rd27TWtqq5wf8ZG2hjTvV1g7o2SJIQNOjLSnB0548veMzHu4yW8-SeCyj8vsKIIQigrLN_KDOFWTPhTInGtdh9qA366ggbLUb7SlMMzH6SQcwKRPq2jh_FqcBwSEKmPcaqUlLLuaVUrpERwormQlb2PelL6KdsVfk3AJT8wyaETCSkhTCMwc_XwWE0KO6gLrtuBBgCG5SHTlIcvdM
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame DB7A
190 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
467722
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:30:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:30:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame DB7A
12 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
467711
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:30:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:30:36 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame DB7A
87 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
467787
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame DB7A
27 KB
9 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
467787
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame DB7A
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
467787
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
truncated
/ Frame DB7A
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef7adec8308bdea24dcd098842482f008ee00566b274197eb826f49f48e50953

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
11734052577369779822
tpc.googlesyndication.com/simgad/ Frame DB7A
35 KB
35 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11734052577369779822?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnD3MzDzl3qqMPZso4VO4lhFD-31A
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
700e9d84f223718a795369a283fe07f8d2c2d626aa883993a80974abbb60edfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 10:07:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 08 Nov 2020 01:31:08 GMT
server
sffe
age
22680
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36133
x-xss-protection
0
expires
Thu, 07 Apr 2022 10:07:47 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DB7A
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
6533
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 08 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DB7A
295 B
389 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
65322
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 07 Apr 2021 22:17:05 GMT
l
www.google.com/ads/measurement/ Frame DB7A
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQu2PQYeZHkTc88_24MKucQYaEdeo_TncFrZmqK91GMGmH97zxD8GRhCH3-SA8MtHtVFeVpaCJMgi6hJIBCxjb8cVh_A
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame DB7A
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvFtqC91tYKGrB9ii-gbIrZKgCNmdmNNh7ae3o48NnZ7-q8siEAEgjeS9KWD1lc6B4ASgAabblpUCyAECqQIY1JzPraGqPuACAKgDAcgDCKoE3wFP0FBFwzj6SjXjIwdAZG7Bn23XOznZdc01S8q3NVKxusUG81KtAGd9YNz0HnXbHVNudMUYuKVPtSjOnpcC7cQDAPsEi_MSYdWdZSEe5a_-hd0KDkvfvRB2AoNFaOpdPyWfBT3SOfBDUyLy1XOYq6XV48lDtlfctrwHmAaqNwTmowseNVAa87mcQJttwh26yAVRSq-y38a_5hTF2SEE2-_ZTJir24uNEdVNr_XMaAx5IjWUgRujmPs-QVaJu_GU1nPLWGP5wB1ZQsWdCWgL_E56QihCbUkrqcBE65br_7tzwASatqqawwPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHwqTp6gGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQzu8O0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi01NTQyOTM3MzgzODg5NzU2gAoDyAsB2BMMshcaChgIABIUcHViLTczODMxNzE4MzA2MTQyMTY&sigh=SSVZ9wh3dvg&tpd=AGWhJmsaZxSypLEvZPNXdBSYO_B5jKRqsmzQtl4peyKM6NTEvA
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/getconfig/ Frame DCC0
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6d0cdf7893b5073a5ee554e24d8defd2223d4643638fa084323849b73a5511b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0368
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAD0kFsktfN0mJxEsir7OYakC4BIOfjj6Kaqv2cHOQKdEJcB44lfvEBuXkX5pD0VpDLjADysR-b5iu8FHdG2s9fFnemftC8dGEqYkxcU8c-lTWqQJlLH6PAwKj7b9hL88Z3xQOq17zNPCSLP39kWZ1feT2ZGH5oiQpczTrWqA4_YC2j_dF_Ny6dAEakkVjQEsicLsFeotKU_ZTFSbSwtnc8cY5E86tIm9VtrwEzpWk9f2f4KLy6rzC099KXBLb6mwRL04BimVIn4ec-VvDYlCEJrYRTyA4lXSsjVQb3noaXtBE8Ygc5TsZEPUDnIQ2kE9gzZLGC6uzzMjX7vMVn8aC5Nrk9MVndfGC083OMtQseesSHt7r&sig=Cg0ArKJSzPw0X_shqmwNEAE&adurl=
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 16:25:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/ Frame 0368
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Apr 2021 16:23:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0368
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0518695a30c166fb5ef9104028ce570005450472c3f120a7d2904fae59f2423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617660447179276"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Wed, 07 Apr 2021 16:25:47 GMT
14920084787415796477
tpc.googlesyndication.com/simgad/ Frame 0368
40 KB
40 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14920084787415796477
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37547a546685340849a0625000729d08a5d7e5e66c53ff9065b84977fd1f431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:05:15 GMT
x-content-type-options
nosniff
age
454832
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40475
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 07:35:36 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 10:05:15 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 85B3
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa5e01e38d554ca21f9c4aa9e7a6345d7d8f017520925a73648e4f3ee3a7b79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617660453263920"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28267
x-xss-protection
0
expires
Wed, 07 Apr 2021 16:25:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 85B3
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf53d9e77b7e01c56ce4d008b3717cdc6878a4db1447e89b68f359dbfe196925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6552
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DCC0
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 07 Apr 2021 16:25:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 85B3
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 16:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 07 Apr 2021 16:25:47 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame DB7A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Wed, 07 Apr 2021 16:25:47 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
truncated
/ Frame 0368
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a0b812fb0d90bd947ef86652460679b22481e9b9122bae19bcfa0d18b504d48

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
node.php
node.setupad.com/node/ Frame 85B3
0
208 B
XHR
General
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 07 Apr 2021 16:25:48 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 0368
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvux6Km-gG-DdvN4y_JGtEISz_74ldT-MhgLIpPd6raAHn255zKawYRUXdlpZAMw-d5Ae5f4wprt_rKTHfb0JD9BMlLHlkxmh8LesJ3twTBCNz3Fw14NZgFwpGmXXft-vu1y9UmtcrSSmbDivXPSliRkPMr1ZGzdNA-sQVOFpftacmlOmYgkGu8Gk6TUXSlPXYe2BSSsoMMqNRmnrVsxiLjMeqKH36Z45bHUknTIvUGi8r2UhJfYqT01Bo4DGaoqvEhamVZ8aqaL2oc8eSDQJNIFoV7l4WRzDqlheBdCgx54JKKp9P2PkRbJReY7X4A-vFkNtgjDB-PvdhJhQ&sig=Cg0ArKJSzIM5SqoKTJRoEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 16:25:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 07 Apr 2021 16:25:48 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F191
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.tumgir.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.tumgir.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 07 Apr 2021 16:13:56 GMT
expires
Thu, 07 Apr 2022 16:13:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
712
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2479
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.tumgir.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.tumgir.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 07 Apr 2021 16:13:56 GMT
expires
Thu, 07 Apr 2022 16:13:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
712
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
node.php
node.setupad.com/node/ Frame DCC0
0
208 B
XHR
General
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 07 Apr 2021 16:25:48 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
pagead2.googlesyndication.com/bg/ Frame F191
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 14:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
5828
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
expires
Thu, 07 Apr 2022 14:48:40 GMT
DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
pagead2.googlesyndication.com/bg/ Frame 2479
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 14:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
5828
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
expires
Thu, 07 Apr 2022 14:48:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DCC0
0
46 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040101&jk=4308192197042860&bg=!TU6lTgrNAAY56aLOOek7ACkAdvg8WkUNxk5PomvwuRdfABSxAytyQVH36-4J2_eGtXviEpv_ddOUFQIAAADqUgAAAAxoAQcKAD77xGWDNK5h6kQzk1iHOJtzF8JM9cQumoE1jl-pj_6-qPk8q0MR0VIh2kpGvDK49unvLu-SLLqYjhbk4vHYwZkB9W5c7aN0yJ-6Sso25lxi7qTsmt1uauBj3NmhYgl4utqQ3EaCBecNCd-3Mkzd2Q6GNmqM_FXXdyjdlvYIi1-5kvvlFDDLWGxe8IizTy0G7KxlAtzCg1_t1P8FWYd9wesNS0psUckua-evc_LOUDTDoouYTiUujgcBYzavH_Y1Wvn6Hc8wHLbKsziXgWEpJuUrlqEJJllep9qENsTykTTGeSY4iCtvrRhaVWIDiSPFS9k9gKy12CVX7TLiEENohhuXtir0woLDnLgsGGFagSuq3qvGy3wb4pt1ONd29mM4gy1Yy6qm9QImrhzqLdPtQR2Zjod8NPYT-kjDjmONS1F3Dhi8nsBTdHcOLO2RKuFENJ3ptL1Hn2nq9d7xkV9lWyip7Z_wnWxB6uuCsuimmhYrnkVn0XLEf4w7gdEtLstI0lZkUc--OLo3fF12RmAPpuX3ZBSECI78YOyIMoi7jf1ECLxuQ2SiuY1kVVDUu23dKzTbwoh75X1Jqem1THXuGzctw3_ahwoXmdP_jiw9_bAgu9fHo8a7DfL0zn4OA_e-LIRApsODBW2CSBSrJ3bymlSK5Q1JYjmXBeN7Zda57DE1qXudMuUT6lkrIrGSUmVmTQx-clz395jtYZGpB1udcxhX7JeASxaFefN6Ppda5CiKyYBWSRjjkA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 85B3
0
23 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040101&jk=1279489878249558&bg=!ZWalZiLNAAY56aLOOek7ACkAdvg8Wkg1mK5hSSNJFbYZqtftIbP6_RRCdwUC7ZC9505PHqhCRn1gIgIAAADEUgAAAA1oAQcKAVPyAH7rGGh4PxoMO1jQdpn8WTX19Dh4fJAq8DiV08dq920CeVVJVRhcKyvrv_Sl3rCCpepAkp77itnrd4JE_DvTZBWWLJeRm-nF8TiltjVWm-lGQVzFEmKytSWHiqslGxmpuI8Y2VWaCuOwceUhyS-tzq3U0IYGtKbA08t1Vg4u9WHPpOyAMSx1NbOuIo2X0NhRXxRH3WOXTgsaVMwI2gcpH--JgT_6jMYbSb89e0xMpWs9_vM-PDxvjXZ3ABQt8f4sGQWx6eGSYBjmdLGaAT1_jOl44B9RwG0P3XHIV7tzJ0ArcadsUDFSHKzpwtcko8Vet5ViAHmIPv1xcd9Q9HxzRBoMmMyuCrRTtYGKbd_gy6d8mfVVSe4R4QELg-khztNmtcNIXRLhVDZksMwZ5mzj68JqdSLhFWjvpaKs66Ek5hAWj-mETmwKZF9RLcsvn59lPiGZAe1wqdMs5qIwpJCImfQjh_bjSh6k6pmWh_LflC76eF9Y46M9F8WKqQ9SvEzBRrGkkITGvRzu51kYQepz9g0R_KB-rlGcq0g5GA1hoJ-xYXYIx0vBiQeN_bsr8GSKHNRdunGoc7KHudFbmOxzq9klG6mwehOHRVXWhzeNfoKDwke2kGwA8_u35O2nym1BLmouR5nPEUfOesThwQFlzXKYpObQDkb06A8BRreJUN9YmLkS0OFV7fFqfaMGW2qPhMYPsMMV3dmkM0bPiwblRpOSuevGwZr_T9uzddAS1pX7pBdEt7bqRzUTZA7dNyWoxLOWhXL__RUL5RCoEIG0VxLmi8qEjW5qUIYYRdA0vDLR6CcKsC4dor1ENU8hJLzHMJxGaEW-ODecNnOybzzzQ7CsAZ5rL-hkUfNImc45KlHcOC1lV0A3hj5WGt58zX59aN_5XV87eH9QaFDk_5gCFX0cPeH0G4FBNovuh7fJSL5Au470Wqs0G4i1hd59LU9hvyNiqnsdwkZNrtfiYM4sOrXIAkI4RGdAyACV86uZhaEvy2aGcMEv-OdmT6aXCGSeoi9b6ZZbUuQd-U--DzZMWlGRFjxTYyQMdg-X7E0lWi7MbMk-8IewlpIld7lqgyVUXdCpwOU8GLDYvMci1_yOBTsH
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8B88
42 B
155 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXNd2PsznIHBCRQR3wlum9Ag6CA-eqK9N5p0luTkylq6uXVAKNeTKs57k7fM0qtqEbAAsPuXRXGxQ5FirZushJ0cx9ypgwU3X6pywjuNfDp7tZJqcxKc6kRZm2mNs7fPMrw1F_k6zSkWTICuEmikeA&sai=AMfl-YTpiiQnccxPKj-s82Ebwcczm9MZ64g8733-0vBnQCNRzxM1YBhJW--LC3I5tmIQ4t_ArpmGlmmSUCbPqOzfJibylQ0l1xDOMeAVIOaD70Obgc5-6w9ekSICrfsPH1o&sig=Cg0ArKJSzI-829nDq1ufEAE&cid=CAASPeRoNmUvcXXuP7jhSdLwZBwXfacNtS7oQBp5Zr9QFB9PbfqcvYIdwKKxpYfrpRE_DCvNcfIi_nkjbaqdMEc&id=osdim&mcvt=1003&p=0,0,600,300&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210405&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=77475313&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617812747330&dlt=14&rpt=141.67499914765358&msd=0&r=v&uup=0&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0368
42 B
89 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueyK0i5loi9kbdNa175eVvV0BVWlQ-UU5VA23KbZGSzjMskkFo5kgnamX1VUyEABFmBcm4LM0ZqfCtOGlXb4LQmtqdJi8Nd2Ppyu13aws&sig=Cg0ArKJSzON8F54JJkzSEAE&id=osdim&mcvt=1001&p=36,436,126,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210405&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2725430866&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617812747903&dlt=0&rpt=146&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9a2d7112c61c8f2fa204827aade5c37e.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/ Frame DCA9
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12449698153975860630/Subsite-IC-CC_A_EN-300x600px/media/9a2d7112c61c8f2fa204827aade5c37e.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c26721426517d82d89c7879d5ef24b2ddaad65eaca9386df4891e416bc3420f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
556382
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
971
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 07:59:08 GMT
server
sffe
date
Thu, 01 Apr 2021 05:52:49 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Apr 2022 05:52:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DCA9
0
446 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=187.0000&a1=https&f1=layout_html&s1=0&d1=16.0000&i=500858189206&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F12449698153975860630%2FSubsite-IC-CC_A_EN-300x600px%2Findex.html&qqi=COLD35DG7O8CFRo-4AodLUYN3Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 16:25:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| pb_tumgir.com_970x90_sticky_anchorad_desktop object| us_tumgir.com_970x90_sticky_anchorad_desktop object| ADAGIO function| s function| m0bb function| w0FF function| f022 function| O0bb function| x3nn string| GoogleAnalyticsObject function| ga function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| addthis_config object| webpackChunk_N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E object| __BUILD_MANIFEST object| __SSG_MANIFEST object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| __@@##MUH object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

12 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUk5SIBF881WhVRyrox9lYnXKIR-AK18AP52_lXGCI04OD6NaYjUH5_8_YGErnE
eus.rubiconproject.com/ Name: pux
Value: 1512%3D98753%262249%3D98753%262307%3D98753%262974%3D98753%26idl%3D98753%262249-DV360-Hosted%3D98753%26brx%3D98753%26goog%3D98753%26
.tumgir.com/ Name: _gat
Value: 1
.rubiconproject.com/ Name: audit
Value: 1|3dwyxT4/Yr9qqmiLcnNCZoV4PKLPJVogloKlLUrIR496eP0zD2PV8GE8Hl1Mo8Tv2GgT32LI87rqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.rubiconproject.com/ Name: khaos
Value: KN7NXSEL-1Q-HLCF
.tumgir.com/ Name: __gads
Value: ID=6745cb686f1a7868:T=1617812747:S=ALNI_MYBvNt8cfzjw5M-xl2U63Yd6NAA0g
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.tumgir.com/ Name: _gid
Value: GA1.2.2069373855.1617812747
.tumgir.com/ Name: _ga
Value: GA1.2.2005154171.1617812747
www.tumgir.com/ Name: __atuvs
Value: 606ddd0aea58cfd9000
www.tumgir.com/ Name: __atuvc
Value: 1%7C14

1 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.tumgir.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

303e5f6e13de36fc35aff54bff7a12aa.safeframe.googlesyndication.com
64.media.tumblr.com
68e5a17f876e4b1fcb991c5d89caa8a2.safeframe.googlesyndication.com
7e6c37430b76c030e065d96aeaee6c65.safeframe.googlesyndication.com
ads.yahoo.com
adservice.google.com
adservice.google.de
api-public.addthis.com
api.tumblr.com
assets.tumblr.com
cdn.ampproject.org
cm.g.doubleclick.net
d18g6t7whf8ejf.cloudfront.net
dmmzkfd82wayn.cloudfront.net
ertented.online
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
match.adsrvr.org
node.setupad.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-stag.setupad.net
pubads.g.doubleclick.net
s7.addthis.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
stpd.cloud
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
v1.addthisedge.com
va.media.tumblr.com
widgets.pinterest.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.tumgir.com
z.moatads.com
104.111.230.142
104.131.46.126
108.129.45.237
13.32.23.169
142.250.185.98
151.101.36.84
152.199.21.147
159.89.25.223
172.217.18.98
184.30.21.162
184.30.24.107
185.29.135.234
192.0.77.3
192.0.77.40
23.37.42.132
2600:9000:2057:7e00:6:2e3c:5fc0:21
2606:4700:20::681a:b5d
2606:4700:20::ac43:44a2
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200a
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
35.244.174.68
54.237.125.12
69.173.144.138
69.173.144.139
69.173.144.165
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
057f63afb012452bdc4bc1e51e067993dc667e49dad07dae7d041ae99beae778
06b07f078cefc254bc18dd22273f6e9e58521257b395a2614c89567ad0b2560d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
0d5d7ac369c22eb5f80d24484369bc71ff59061c46f204fd0dc147150552c228
0e99b5a8d2aa72a72ef69dc973c4aa755f6bfa2bbcaeef87c0fe464258f2b351
100b6f6b8b50473a692d1b32926a55df5f24eefc13f63141bd7bd1a323653369
13a51d932ed378188705602f8f4f6b42b50123c86aedc01b284adecc538dfd25
18070ec05aa1fbbeaae382050d03705bc2025b2f0c0beb0092012d86daad2a61
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c55ebc35b281da4a20c75a93ace05c8ddcbb2f9764d32f255f8dac79bcd2a7b
1ea77a57ca0b95c035c3eca9f0660e8580c8fae6b89681276edeae9f0093c45a
2072831dcd870cdb187134a38a9922aafbda03a94cce8408e9c6a452a1772fad
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
2226817fa4c105adcb289f1dd78fd1353bacf8b7a467517b8b7cf2a554ab16d0
22b54d681d4cdc8b12561c2e222cc5081ce0ff39795bba9677158028db84618d
2dec7955e2c09f75a338ebafbda202d86820c13964e97eb41d9110717cb9c15b
2f6cfa4f18cbd9d60d893fafcc320cdad165a6ee853bf1da88e914fa471f762e
33286a33dd55d0303e5eda261b22b53934f5c0488725b2e351d816e5a84c4c9d
33df4c2e930aed93451e88270191f32f57f4a861806ec322a2144f728663f496
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37547a546685340849a0625000729d08a5d7e5e66c53ff9065b84977fd1f431a
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4399ea76ac2797eb121205cf59643f766a4a111ba563758d5fada53e7f78558a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
475ef694f3a19bf8715e514643ef86fbddd9f2fdd70cfee4521dad97afd811e7
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a5725a6ef4f317380626d19baf09ca63dddcab2fb6fadf69e5dec42010d40df
5c52a69e6cc8fa814e9ce202a9039ce0de09a30263e8ee76305ebb1890ea6be1
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66
5fa5e01e38d554ca21f9c4aa9e7a6345d7d8f017520925a73648e4f3ee3a7b79
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69f976ee5ca0a16cdc3ad7aeaf5347a9a695152065f4166dcee520d36a523ef5
6a27286ad9ae8f6b660c57d19e3a7500464f0ea8acb70d1ad424b1a07bbcf105
6e21714273010a449616624fad38442cb3a35a20625cbbce0780c7da0c67ef4e
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f72fb9ef6d4e8e66630e4e9d16fd85dc80eb3fdf6656519deed3a9e88758443
700e9d84f223718a795369a283fe07f8d2c2d626aa883993a80974abbb60edfd
720ab0a9951974a890813d1e01c1dcd366f54848e6698f0ab480e890ce8df484
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
77bc0d1c5e227bb4b26ce12fc045b61307495d61317fb121571de80294c7ebec
79098f88c1786bfdf3965ecdabf9d91c45f40f059be90f15e138b09ca0c2e3a5
7a0b812fb0d90bd947ef86652460679b22481e9b9122bae19bcfa0d18b504d48
7c26721426517d82d89c7879d5ef24b2ddaad65eaca9386df4891e416bc3420f
7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002
7dcedf4c8826a82562d22422980dc92e281cbb1962f9e027f8cf91f2f8b8797d
7f2dde4dd23d7108fd3cdfec4b53ec8d2e5cd76f9f2fa551fdfc40d36910f428
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
842fd99acd0ab8b7df9e91adb905c588e55c34506783b2876833a1753ccdbd58
846ebae4909cae3822f281adf6a0e47b459f90e7984381fcc91e42432df4791d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
93f965d3bc757cda81de1a729bd4aa249e83e807cba24884ae09c7b088f039f1
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
a04709563ec1d86a4591aa022c3ddec0acc38afb24763affd3b82401473f8ed8
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a40cdd6e5d27df9240d37e3fc431dbd107aa2f8d508f8022f88f7131ba930fbc
a45fe4cdd10cd8acacc426def5b29046ed9b70ef900ea7cb8e808ad7d2974af4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae3772004d4ea08d89a4eeac003bd02b3d311baad221079f3bf2fb9236b74da9
b1407278f2000cc72b2c477790dd5b22eb51167d6dafc9ddc1c31b81b12a3434
b2a4352595bb834d956d7ae260ecf56b9f1b9785b46f3314ed7b82ef506b2f00
b309bc576a89bb39717b298e99dd678c182c3923a30446f4e73d339b89b39803
b3d016a26b6f5e60d62038b0e6415a0e329c1929cef2603d880323d02a842d47
bcd3c6f15cd0b683cddac2f8d72db2821954e35b71e44dfda3c3366daae5430c
bf97d54048ff565046af3d9dbb31300a9b12c8a3b8e3ac73a49abef835c7d225
c4b10af72961e44217d47661629dbf312333e1773a115ffd1eea8f7bc6fadc27
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6d0cdf7893b5073a5ee554e24d8defd2223d4643638fa084323849b73a5511b
c701ea84a84ea04a94ee44556a004a201d9b62564b043ebf1515c2d2627ea38c
c7c83afdc4e1d616c560c926d27d69c570612e131138b535fab2613773f6f153
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cccc8917674b72efa6842b9766e6c7138b3f9d6eee75da0dc5eafb39f32d4be1
ce5bf385a911f710c9e4e84e08586c99c0abb8f749ea5bb2565588bf617cbb7d
cf53d9e77b7e01c56ce4d008b3717cdc6878a4db1447e89b68f359dbfe196925
d241fba233fcca3e29f0bf55bc0c6cabbb4354dbd77935c8e0cda11aa0d1b770
d2c254d122ad8059772e7d216e5a3b677738c0f1d28f40d738f8a2ada654a7ef
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d915e2ab9725531064cdc0d9805a5e5d6621a51fb6645d9e2721224e66c1ee2c
db1b6637e9ecea50f1cfd55176ac83f478cb45b977aa06094cc5f78677629ee8
e0518695a30c166fb5ef9104028ce570005450472c3f120a7d2904fae59f2423
e271df2a3400788e8fe92cb51022cf119b04aabe9bc5fa07b9439d3bf03cd419
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e903ad3f02d5e1e8872d0614b28a947649dca80890e8e639d9e71d7c107711a8
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7adec8308bdea24dcd098842482f008ee00566b274197eb826f49f48e50953
efd51931d74217a3e0509d427bbfccdd15d6cda58eb0420a0f99ec7bd8be4e9a
f39e72543d96597123db564b645092680c6487a64761dd0795db3c8fc12da104
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f9fbf1ee2fcf0d569186a9ac283093db220882e8c16257882c5277949c6f5b83
fa0fbb38e12c743b2cfafc9750b1bb584f30a014a4c7beef0024efad8f7f64a4