www.tumgir.com Open in urlscan Pro
2606:4700:20::681a:d2d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tumgir.com/
Effective URL:
https://www.tumgir.com/
Submission: On July 06 via manual (July 6th 2022, 7:16:45 pm UTC) from CA — Scanned from CA

Summary HTTP 137 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 37 IPs in 2 countries across 35 domains to perform 137 HTTP transactions. The main IP is 2606:4700:20::681a:d2d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tumgir.com. The Cisco Umbrella rank of the primary domain is 372354.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2022. Valid for: a year.

This is the only time www.tumgir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:46b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:20:... 2606:4700:20::681a:d2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2008	15169 (GOOGLE) (GOOGLE)
5 5	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
18	192.0.77.3 192.0.77.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.192.100.168 54.192.100.168	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:216... 2600:9000:2162:d800:6:2e3c:5fc0:21	16509 (AMAZON-02) (AMAZON-02)
1	18.67.65.125 18.67.65.125	16509 (AMAZON-02) (AMAZON-02)
8	173.223.56.138 173.223.56.138	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1	107.22.28.167 107.22.28.167	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
1	13.225.223.64 13.225.223.64	16509 (AMAZON-02) (AMAZON-02)
1	44.195.137.121 44.195.137.121	14618 (AMAZON-AES) (AMAZON-AES)
4	2606:4700:303... 2606:4700:3030::6815:2dcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	18.67.65.44 18.67.65.44	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700:303... 2606:4700:3032::6815:3217	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:820::200d	15169 (GOOGLE) (GOOGLE)
1	96.16.30.5 96.16.30.5	16625 (AKAMAI-AS) (AKAMAI-AS)
2 7	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
8	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
8	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
11	18.191.18.246 18.191.18.246	16509 (AMAZON-02) (AMAZON-02)
3	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
2 2	54.173.186.243 54.173.186.243	14618 (AMAZON-AES) (AMAZON-AES)
3 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	68.67.161.207 68.67.161.207	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	23.1.200.83 23.1.200.83	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.105.42.146 104.105.42.146	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	69.12.8.74 69.12.8.74	11742 (SPOTX-IAD) (SPOTX-IAD)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2006	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
6 11	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	52.218.228.67 52.218.228.67	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a05:748f:342f:de84:27ec	14618 (AMAZON-AES) (AMAZON-AES)
2 3	52.94.223.167 52.94.223.167	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
137	37

1 2606:4700:20::ac43:46b2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tumgir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:d2d (United States)

ASN13335 (CLOUDFLARENET, US)

www.tumgir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.77.40 (San Francisco, United States) 5 redirects

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

api.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

64.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.192.100.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-100-168.ewr53.r.cloudfront.net

d18g6t7whf8ejf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2162:d800:6:2e3c:5fc0:21 (United States)

ASN16509 (AMAZON-02, US)

dmmzkfd82wayn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.65.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-125.iad89.r.cloudfront.net

video-serve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 173.223.56.138 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-138.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.28.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-28-167.compute-1.amazonaws.com

mefagetobri.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.223.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-64.jfk51.r.cloudfront.net

ospicalad.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.137.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-137-121.compute-1.amazonaws.com

subsectivexe.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::6815:2dcf (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.67.65.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-44.iad89.r.cloudfront.net

nedaugha.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3032::6815:3217 (United States)

ASN13335 (CLOUDFLARENET, US)

nedukeratio.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::200d (New York, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.30.5 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-30-5.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.130.137 (United States) 2 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ck.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cks.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pl.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.191.18.246 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-191-18-246.us-east-2.compute.amazonaws.com

capi-tier-2-us-east-2.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::200a (New York, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.173.186.243 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-186-243.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.161.207 (Brooklyn, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 802.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.1.200.83 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-200-83.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.105.42.146 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-42-146.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.12.8.74 (Ashburn, United States) 2 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2006 (New York, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 69.173.151.100 (United States) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

connatix-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.228.67 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

webpick-cdn.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a05:748f:342f:de84:27ec (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.223.167 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.177.54 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	connatix.com 2 redirects cd.connatix.com — Cisco Umbrella Rank: 3762 cds.connatix.com — Cisco Umbrella Rank: 3876 capi.connatix.com — Cisco Umbrella Rank: 4121 ins.connatix.com — Cisco Umbrella Rank: 5441 capi-tier-2-us-east-2.connatix.com — Cisco Umbrella Rank: 5283 vid.connatix.com — Cisco Umbrella Rank: 4773 cks.connatix.com — Cisco Umbrella Rank: 5405 img.connatix.com — Cisco Umbrella Rank: 4572 pl.connatix.com — Cisco Umbrella Rank: 7015 ck.connatix.com — Cisco Umbrella Rank: 6210	1 MB
23	tumblr.com 5 redirects api.tumblr.com — Cisco Umbrella Rank: 32429 64.media.tumblr.com — Cisco Umbrella Rank: 13210 va.media.tumblr.com — Cisco Umbrella Rank: 49276	20 MB
14	rubiconproject.com 7 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1036 eus.rubiconproject.com — Cisco Umbrella Rank: 573 token.rubiconproject.com — Cisco Umbrella Rank: 711 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 993 pixel.rubiconproject.com — Cisco Umbrella Rank: 336	17 KB
10	nedaugha.buzz nedaugha.buzz	12 KB
10	tumgir.com 1 redirects tumgir.com — Cisco Umbrella Rank: 372224 www.tumgir.com — Cisco Umbrella Rank: 372354	54 KB
8	nedukeratio.lol nedukeratio.lol	3 KB
7	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1484 m.addthis.com — Cisco Umbrella Rank: 1421 api-public.addthis.com — Cisco Umbrella Rank: 4298	218 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1274 s.amazon-adsystem.com — Cisco Umbrella Rank: 286	5 KB
6	cloudfront.net d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net	177 KB
5	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 Failed	156 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71 imasdk.googleapis.com — Cisco Umbrella Rank: 425	739 KB
4	freychang.fun freychang.fun — Cisco Umbrella Rank: 25689	202 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120	38 KB
3	rlcdn.com 3 redirects id.rlcdn.com — Cisco Umbrella Rank: 635	504 B
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 367	1 KB
2	openx.net 1 redirects connatix-d.openx.net — Cisco Umbrella Rank: 6471	94 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 501	1 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 408	2 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 474	1 KB
2	google.com accounts.google.com — Cisco Umbrella Rank: 116
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	gstatic.com fonts.gstatic.com	32 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 395	572 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 479	985 B
1	amazonaws.com webpick-cdn.s3.amazonaws.com — Cisco Umbrella Rank: 212078 Failed	3 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	17 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1711	680 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 406	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96
1	subsectivexe.xyz subsectivexe.xyz	37 B
1	ospicalad.buzz ospicalad.buzz	491 B
1	mefagetobri.top mefagetobri.top — Cisco Umbrella Rank: 542414	23 KB
1	video-serve.com video-serve.com — Cisco Umbrella Rank: 168794	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	28 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	40 KB
137	35

	Domain	Requested by
17	64.media.tumblr.com	www.tumgir.com
11	capi-tier-2-us-east-2.connatix.com	cd.connatix.com
10	nedaugha.buzz	d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net
9	www.tumgir.com	www.tumgir.com
8	nedukeratio.lol	www.tumgir.com d18g6t7whf8ejf.cloudfront.net
6	vid.connatix.com	cd.connatix.com cds.connatix.com
5	pixel.rubiconproject.com	2 redirects eus.rubiconproject.com
5	token.rubiconproject.com	3 redirects eus.rubiconproject.com
5	api.tumblr.com	5 redirects
4	cks.connatix.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	capi.connatix.com	cd.connatix.com eus.rubiconproject.com
4	cds.connatix.com	cd.connatix.com
4	freychang.fun	d18g6t7whf8ejf.cloudfront.net
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	pagead2.googlesyndication.com	srcdoc
3	id.rlcdn.com	3 redirects
3	match.adsrvr.org	3 redirects
3	securepubads.g.doubleclick.net	cd.connatix.com securepubads.g.doubleclick.net
3	api-public.addthis.com	s7.addthis.com
3	s7.addthis.com	www.tumgir.com s7.addthis.com
3	dmmzkfd82wayn.cloudfront.net	www.tumgir.com nedaugha.buzz
3	d18g6t7whf8ejf.cloudfront.net	www.tumgir.com nedaugha.buzz
2	connatix-d.openx.net	1 redirects
2	cm.g.doubleclick.net	eus.rubiconproject.com
2	sync.search.spotxchange.com	2 redirects
2	eus.rubiconproject.com	cd.connatix.com eus.rubiconproject.com
2	secure.adnxs.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	accounts.google.com	www.tumgir.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	ck.connatix.com	1 redirects
1	pixel-us-east.rubiconproject.com	1 redirects
1	webpick-cdn.s3.amazonaws.com
1	pl.connatix.com	cd.connatix.com
1	s0.2mdn.net	imasdk.googleapis.com
1	img.connatix.com
1	secure-assets.rubiconproject.com	1 redirects
1	ins.connatix.com	cd.connatix.com
1	cd.connatix.com	1 redirects
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	www.facebook.com	www.tumgir.com
1	subsectivexe.xyz	mefagetobri.top
1	ospicalad.buzz	mefagetobri.top
1	mefagetobri.top	www.tumgir.com
1	va.media.tumblr.com	www.tumgir.com
1	video-serve.com	www.tumgir.com
1	cdnjs.cloudflare.com	www.tumgir.com
1	www.googletagmanager.com	www.tumgir.com
1	fonts.googleapis.com	www.tumgir.com
1	tumgir.com	1 redirects
137	57

This site contains links to these domains. Also see Links.

Domain
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-09` - `2023-04-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.media.tumblr.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
video-serve.com Amazon	`2022-01-26` - `2023-02-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
mefagetobri.top R3	`2022-06-29` - `2022-09-27`	3 months	crt.sh
ospicalad.buzz Amazon	`2022-06-22` - `2023-07-21`	a year	crt.sh
subsectivexe.xyz R3	`2022-06-30` - `2022-09-28`	3 months	crt.sh
nedaugha.buzz Amazon	`2022-06-22` - `2023-07-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-16` - `2022-07-15`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.tumgir.com/
Frame ID: 26FF0C4712B79A8BD751E7FBEF739E03
Requests: 89 HTTP requests in this frame

Frame: https://nedaugha.buzz/REdhVHQlJQI5SyV6A3IBNitccUYCYlMSEHV/BmIAczAJMkwhLQd6FygoFDASNigPIFoqIhVxRgIwBWYYDiZRIyEGLgIaFzMKIBgiHncwOAAzHyk8JgU9DhE9IyM0EQ0JIiAsAwoNNTtRdgUjPjkNBQoZBiY/WWYxdRVUACcFECMtQRMmCR08Dys7bSEVIBUXLAIDNS5EJg4ZLCEUBjQ7MSN/BhYnLxM1LgMPJDM7MwkwKDMzMy8SAyU0BDNnGAshCjA2FCAoPTEzHkRmNgMADRIjFyQHNSESHQQSAC0VUSxCDxANEiMQcyIdHwIjAxITCxINIEEBdBEQJQNqGQ4SBh47GyUnNyAVAzYGIgEwEA8SIBERFQQORSxxNDgAcRYYNxIMFDAcFRESEDYyKH8mIzUtAww4MhMUVRs4PDAmDTFxYlMWJjMoCRMnCSYlEwweBAoOLiEsN2wjEj9UDCw8HTkcBAshCjcVDwZRIDYVBRIDJTQENjpBAiFREiQUATttUi40DjoEeR0pBgAxAy8iPSs9Ah5ABg
Frame ID: 84EBB2F6D50BF0C767FFFB9676A223DC
Requests: 2 HTTP requests in this frame

Frame: https://nedaugha.buzz/N2ZmUG5WBAU9UVZbBHYbRQpbdVxxQ1QWCgZeAWYaABEONlZSDAB+DVsJEzQIRQkIJEBZAxJ1XHE8BxQnBytVASJvMBYGPU8eBAUvAis+ASt2J1YWIWAjAjMpXwE2NigHMiMRHng1NwUgdTA/Bi91LDETP3k1JBYgVjAjPCFhVxYBPWENMwY4VDEwATdkNBEBJmA3CgIpdjQwASgDAicGKHEgNxUkc1cKMypQIAMHKH00MT4/dS4zAiB2JzcyL0AgBQUoQCIhKA1wJx4/DXERPxQ8YQEFEixtLi04DXAnER0sbycvGDthEhEVP3EjIxE/diEKFg92CksGKnUnNAg/Bj8xEV9DJyA7N0IkETMrYAoVFStmICMBKFsFNCgFciARChliMAkTOXEJABQ8VCEnKCN5MzBpDW8zVhEscScFFwIGPDA8KFYCJwUqZVY/EylQPCMICX4HJDsKeScnAi9xN1MEPFsWNAcAZiQnFSBwJzcZOHYwMxRIXRUJPh4KLgg3Fg8cHCELAAQ
Frame ID: 830A563D017B253882A7E217C451B496
Requests: 2 HTTP requests in this frame

Frame: https://nedaugha.buzz/NHBacFBVEjkdb1VNOFYlRhxnVWJyVWg2NFkdIBs2UEhoBzFNHnQTPFsFPhYiWx4uXj5RBH9CFl0laRQaezQbBxd3FD80KVcVFiEFfikPKmh3FzJBGGAAAig5ejsQGxpsMjBIM2cbOSUeYB8VNjlXPhYhBXUUCAM/Yhw+BQVnCA0lYgE3OEE8YT0PAGl8GwsaF3c5HCETZSMKHChnORhEKGEiAx0WWiIMKClfFRAmAmYUMSUAcCJvGgVaAxM3E2UVEEEoUjobIiN3FxtJEQYHETEXfjgABzdiKR4mI3cXGxsYXRMVMhhuNRkIYHcpLUl1BjYeMjwGIgJdPG4hGT0yeDVjJh1mBz0kEmIYFygneDJpQRVSCGozCQVIMyUVZVVoMhcGBxETY242PyYCbj8YOiN3FxtAFV0ADihjRCM/BzhgPy0lPWImDEICZUgQMRd2Kj8iCXIpajZlchcMFwVaAxMhKn0iETUgbhQxJQBwIRQbB2wfFTY5bjs/MTd2Kh8qaXUxGAECbBcRMmJ2NDkhdl4DNR4gCR8gFwV8JSgHF3YDbA
Frame ID: 9719726E1A4A973C0DF17E16614E5CDD
Requests: 2 HTTP requests in this frame

Frame: https://nedaugha.buzz/Mms3MW9TCVRcUFNWVRcaQAcKFF10TgV3C18GTVoJVlMFRg5LBRlSA10eU1cdXQVDHwFXHxIDKVckYn8aZix5UCNzKkZpKgIadF8pUC9/cw5ULWJXJGBbXXU6Xk4FcywBAE5UGFEMflYXeC50XiB1B2IDPHYMbWk3Bw5WVlZrJ2ZdF2A9QEUrai1keRZ7IHtdW3wxZUIbagdmQilxPmdnPHgnUVg6fwlhBB9nOltDKGE+eWk8RTFnATZ+CEBwW2AMQ0s3ARN5cjhoD3NaNn4IT1oDdjoOAjwBU195J3QOeXc6fApcRUoAKWIACEgjXnAoZgJufCVFG3lrAx8cfGcIQltmeVZkI393CmgqX2MhRSZQYwhBKmQCWmY9ZF4peT5ufQxFAEdwKXsYZQMDYChkcChiDE9kJVkfEgMteDpfSzdlIWN3XGgOUl0iag9bAB9nOlxGK0sEdGIWQidRWDp/CHFdBmcqDl0oAS1kcjd4MVFnDHAIBlVKACliVhsCM29ZDRQBRF4BQlZSBD5wL3lfAEI4c3MWXh4
Frame ID: B58C1B537595C728CFFEDEBFEA490891
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 4069996C197E8A3D45056A49C823B025
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 759E4C6EB1F519244F35DDB7FE1138DB
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/169009/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Frame ID: 5E3072228E409D86C2DCA5313642473E
Requests: 27 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Frame ID: ACDC0DFC14AA47C5B865CCD2A1BCD622
Requests: 12 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.520.0_en.html
Frame ID: A418DC78529900A56BA7491EAC0B26D5
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.520.0_en.html
Frame ID: 18DFF7BEAFE8ECFD3F1C20570D883D1F
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.520.0_en.html
Frame ID: 40BF3FBDD61A3087BBDD7CC657A1478C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9278299FAF204621565A0100388D243A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DE11C55A7E25E44CF6DEB17850E17B1D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FE6BE573B4C9E6A9273EE5FB69687C5D
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: DAD67BF08D3158BE5A7461EAA4466654
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tumblr Online Web Viewer and Statistics | TumgirFacebookTwitterPrintEmailAddThisFacebookTwitterPrintEmailAddThis

Page URL History Show full URLs

http://tumgir.com/ HTTP 301
https://www.tumgir.com/ Page URL

Detected technologies

AddThis (Widgets) Expand

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

137
Requests

82 %
HTTPS

38 %
IPv6

35
Domains

57
Subdomains

37
IPs

2
Countries

24259 kB
Transfer

29500 kB
Size

37
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tumgir.com/ HTTP 301
https://www.tumgir.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://api.tumblr.com/v2/blog/magnoliay.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/2786ae91ecd7d2cd3ee9c970c3bdeaca/2af130f356f00e40-5a/s128x128u_c1/36761197dc6376875e041170d715cbf3ce66750d.jpg

Request Chain 4

https://api.tumblr.com/v2/blog/plumbobbreezy.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/f2d853c62d20cbd57cf47964e74e023a/1a17edea013fd3a9-3d/s128x128u_c1/8b141ec4fb0936a6a1ed28923792bf56773a553a.jpg

Request Chain 5

https://api.tumblr.com/v2/blog/otome-imagines-and-asks.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/454f6d5d054f309e820e31ac486986cc/77a00605b520f847-0a/s128x128u_c1/c5e16e0f8b389da50c1dc64532f2f26611a10555.jpg

Request Chain 6

https://api.tumblr.com/v2/blog/sapphire-innit.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/0aa0b4348596aadf827c671827262405/4a6aa781b454a81a-e6/s128x128u_c1/48f4aaada3b199b977133de625fdf378e4df7d6d.png

Request Chain 7

https://api.tumblr.com/v2/blog/greenfeelings.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_7f74ee18b3ef_128.png

Request Chain 79

https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 HTTP 302
https://cds.connatix.com/p/169009/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

Request Chain 94

https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3d288a06c2707f49799963594c33990454%26pname%3dBeeswax%26api-tier%3d2%26uid%3d{userid} HTTP 303
https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D288a06c2707f49799963594c33990454%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&_bee_ppp=1 HTTP 303
https://cks.connatix.com/cks?pid=15&ev=288a06c2707f49799963594c33990454&pname=Beeswax&api-tier=2&uid=AABynk7Fi78AABJPo1a-Zw

Request Chain 95

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
https://cks.connatix.com/cks?pid=19&uid=820ad0bc-9ffe-442f-bccb-cd2e073ed88c&ttl=1659726999

Request Chain 96

https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3d288a06c2707f49799963594c33990454%26pname%3dAppNexus%26api-tier%3d2%26uid%3d%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253d288a06c2707f49799963594c33990454%2526pname%253dAppNexus%2526api-tier%253d2%2526uid%253d%2524UID HTTP 302
https://cks.connatix.com/cks?pid=6&ev=288a06c2707f49799963594c33990454&pname=AppNexus&api-tier=2&uid=8115938062753814876

Request Chain 97

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Request Chain 98

https://id.rlcdn.com/712202.gif?cparams=288a06c2707f49799963594c33990454 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCJe_l5YGEgUI6AcQAEIASiAyODhhMDZjMjcwN2Y0OTc5OTk2MzU5NGMzMzk5MDQ1NA HTTP 307
https://capi.connatix.com/core/us?UserId=288a06c2707f49799963594c33990454&DemandPartnerUserId=&DemandPartnerName=LiveRamp&DemandPartner=27

Request Chain 99

https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d288a06c2707f49799963594c33990454%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d288a06c2707f49799963594c33990454%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX_USER_ID&__user_check__=1&sync_id=299061c1-fd60-11ec-9dda-17e4c8e50503 HTTP 302
https://cks.connatix.com/cks?pid=10&ev=288a06c2707f49799963594c33990454&pname=SpotX&api-tier=2&uid=2990614b-fd60-11ec-9dda-17e4c8e50503

Request Chain 103

https://connatix-d.openx.net/v/1.0/av?auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=www.tumgir.com%2F&cb=215d0f86-3435-4101-b3eb-e181ec3ee17c&vwd=522&vht=293&gdpr=0&gdpr_consent=undefined&us_privacy= HTTP 302
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=www.tumgir.com%2F&cb=215d0f86-3435-4101-b3eb-e181ec3ee17c&vwd=522&vht=293&gdpr=0&gdpr_consent=undefined&us_privacy= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTEzZGUxZDAtMTEwYi02Y2YxLTUzYzktMDc0NmU5MDA3MTY4&gdpr=0&gdpr_consent=undefined

Request Chain 123

https://connatix-d.openx.net/v/1.0/av?auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=www.tumgir.com%2F&cb=215d0f86-3435-4101-b3eb-e181ec3ee17c&vwd=522&vht=293&gdpr=0&gdpr_consent=undefined&us_privacy= HTTP 302
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=www.tumgir.com%2F&cb=215d0f86-3435-4101-b3eb-e181ec3ee17c&vwd=522&vht=293&gdpr=0&gdpr_consent=undefined&us_privacy=

Request Chain 131

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&khaos=L59ZE5V0-17-B5FH HTTP 302
https://ck.connatix.com/cks?pid=11&uid=L59ZE5V0-17-B5FH HTTP 302
https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L59ZE5V0-17-B5FH&UserId=

Request Chain 135

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5WkU1VjAtMTctQjVGSA==

Request Chain 136

https://id.rlcdn.com/709414.gif HTTP 307
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e

Request Chain 137

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=820ad0bc-9ffe-442f-bccb-cd2e073ed88c&gdpr=0&gdpr_consent=&expires=30

Request Chain 138

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/e2lgU_UzRjeYkQZvpLNwpsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1094618738801371895

Request Chain 139

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6_GufSZWQTWSmfXefogZGw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6_GufSZWQTWSmfXefogZGw

Request Chain 140

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L59ZE5V0-17-B5FH

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPPK-CqtgjnG9z9QC1r1Kcs&google_cver=1

Request Chain 142

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8JOSl8jpRh-gjxXF1yQhag&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8JOSl8jpRh-gjxXF1yQhag

137 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tumgir.com/
Redirect Chain

http://tumgir.com/
https://www.tumgir.com/

27 KB
6 KB

126ms
53ms

Document
text/html

2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: aa4c8c8c012d22889162ecb13f2754112a44cbe58e48e300ac3bd4731a50dbd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 726aad01ca65ca47-YUL
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 06 Jul 2022 19:16:36 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taoCc2b0NNKAuAzhiQpYYtVhjpbMMhEdyLRUlQrZaFegH9ID5FCtzTXCyziAThUef9c4cTcWNnrrW3rxd4CRQhUzikJYE7fM1rdti9iFCFniZ4MEqmwvgDCuQSt9j5CBPNXJDFdI%2FsQH9Psw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 726aad00f8574bd7-YUL
Connection: keep-alive
Content-Type: text/html
Date: Wed, 06 Jul 2022 19:16:36 GMT
Location: https://www.tumgir.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8qA8ueHegupMvByW6qPYKy720Vki5GpgRw4X8w3BXG0PQp0uH0oNj4Ae%2FD9jLju5CdzzzdxToQUaudzG74vuofxouz6rZU88GIyZkMSogW3SioXbMDS7BypXyeTnAmdTKnetA2%2FgEI%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 83ms
36ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 18:10:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Jul 2022 19:16:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Jul 2022 19:16:36 GMT

GET
H2 200 styles.css
www.tumgir.com/static/css/ 25 KB
6 KB 58ms
57ms Stylesheet
text/css 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/css/styles.css
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 900c7b714900f91c891f0c028ae56f1cb0fae5bc5dcefaa9faaab784d6d3704e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:36 GMT
content-encoding: br
etag: W/"6264-180d8fcb48a"
cf-cache-status: EXPIRED
last-modified: Wed, 18 May 2022 21:04:41 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMYcYOj%2FIobJzCJgQaYjEAAVkpOjBhRak0ZydFf5KNm3qCzAZp4oD5WafRDkDdIr%2B4CtojsGPldmoBFuzZstGhLDC3T3lIS6oUfPgOobrqBLLS9%2BBeIyXBJkmB6dmRtqkmkDYab32%2Biuy7%2Fv"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 726aad022ad9ca47-YUL

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 110ms
49ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134279593-1

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e67c8b6e81e162c2854c9adeaefe3092a0bc6facc9416d5dbd9b3bb1cb32625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40335
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Jul 2022 19:16:36 GMT

GET
H2

200

36761197dc6376875e041170d715cbf3ce66750d.jpg
64.media.tumblr.com/2786ae91ecd7d2cd3ee9c970c3bdeaca/2af130f356f00e40-5a/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/magnoliay.tumblr.com/avatar/128
https://64.media.tumblr.com/2786ae91ecd7d2cd3ee9c970c3bdeaca/2af130f356f00e40-5a/s128x128u_c1/36761197dc6376875e041170d715cbf3ce66750d.jpg

7 KB
7 KB

542ms
541ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/2786ae91ecd7d2cd3ee9c970c3bdeaca/2af130f356f00e40-5a/s128x128u_c1/36761197dc6376875e041170d715cbf3ce66750d.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9ef12e480ed1cc9770e5165852ae34839d567a891ceb9170de2a064c9f512a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_2786ae91ecd7d2cd3ee9c970c3bdeaca_36761197_128.jpg"
server-timing: dc;desc=yyz, cache;desc=MISS;dur=524.0
content-length: 7190
x-nc: MISS yyz 3
last-modified: Mon, 23 Aug 2021 18:31:46 GMT
server: nginx
etag: "dadcda0e4103f0ab1b0993febd7d77f5-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Wed, 06 Jul 2022 19:16:37 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/2786ae91ecd7d2cd3ee9c970c3bdeaca/2af130f356f00e40-5a/s128x128u_c1/36761197dc6376875e041170d715cbf3ce66750d.jpg
x-rid: 13d7540ef729806093d851f9fb7ccfd2
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

8b141ec4fb0936a6a1ed28923792bf56773a553a.jpg
64.media.tumblr.com/f2d853c62d20cbd57cf47964e74e023a/1a17edea013fd3a9-3d/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/plumbobbreezy.tumblr.com/avatar/128
https://64.media.tumblr.com/f2d853c62d20cbd57cf47964e74e023a/1a17edea013fd3a9-3d/s128x128u_c1/8b141ec4fb0936a6a1ed28923792bf56773a553a.jpg

7 KB
7 KB

39ms
20ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/f2d853c62d20cbd57cf47964e74e023a/1a17edea013fd3a9-3d/s128x128u_c1/8b141ec4fb0936a6a1ed28923792bf56773a553a.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6e3006962e6c9969e212a85019d3af72dd13dd89b9d0036183b397b3306b7272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_f2d853c62d20cbd57cf47964e74e023a_8b141ec4_128.jpg"
server-timing: dc;desc=yyz, cache;desc=HIT;dur=1.0
content-length: 7359
x-nc: HIT yyz 1
last-modified: Sat, 11 Dec 2021 10:02:18 GMT
server: nginx
etag: "13e8ddd202492cbb4488b0477afeb48a-1498089600-81b500b"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Wed, 06 Jul 2022 19:16:37 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/f2d853c62d20cbd57cf47964e74e023a/1a17edea013fd3a9-3d/s128x128u_c1/8b141ec4fb0936a6a1ed28923792bf56773a553a.jpg
x-rid: b30689ba8822dbad77e07ff983975b30
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

c5e16e0f8b389da50c1dc64532f2f26611a10555.jpg
64.media.tumblr.com/454f6d5d054f309e820e31ac486986cc/77a00605b520f847-0a/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/otome-imagines-and-asks.tumblr.com/avatar/128
https://64.media.tumblr.com/454f6d5d054f309e820e31ac486986cc/77a00605b520f847-0a/s128x128u_c1/c5e16e0f8b389da50c1dc64532f2f26611a10555.jpg

7 KB
7 KB

276ms
266ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/454f6d5d054f309e820e31ac486986cc/77a00605b520f847-0a/s128x128u_c1/c5e16e0f8b389da50c1dc64532f2f26611a10555.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9a90c256e3006e98f176f8419862af3cfe5871c73fae736c7f77ed068e6c1e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_454f6d5d054f309e820e31ac486986cc_c5e16e0f_128.jpg"
server-timing: dc;desc=yyz, cache;desc=MISS;dur=218.0
content-length: 7049
x-nc: MISS yyz 2
last-modified: Wed, 17 Feb 2021 01:47:12 GMT
server: nginx
etag: "7c11b01bb3c3d5e736291746c980b3e5-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Wed, 06 Jul 2022 19:16:37 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/454f6d5d054f309e820e31ac486986cc/77a00605b520f847-0a/s128x128u_c1/c5e16e0f8b389da50c1dc64532f2f26611a10555.jpg
x-rid: 77c2fc3dd27247f885af1dae9e44eb1a
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

48f4aaada3b199b977133de625fdf378e4df7d6d.png
64.media.tumblr.com/0aa0b4348596aadf827c671827262405/4a6aa781b454a81a-e6/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/sapphire-innit.tumblr.com/avatar/128
https://64.media.tumblr.com/0aa0b4348596aadf827c671827262405/4a6aa781b454a81a-e6/s128x128u_c1/48f4aaada3b199b977133de625fdf378e4df7d6d.png

12 KB
12 KB

31ms
29ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/0aa0b4348596aadf827c671827262405/4a6aa781b454a81a-e6/s128x128u_c1/48f4aaada3b199b977133de625fdf378e4df7d6d.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6992fe867b191c3e29d2e6e1bd91794841fb8124f16456b4f21e3bc5387bf941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_0aa0b4348596aadf827c671827262405_48f4aaad_128.png"
server-timing: dc;desc=yyz, cache;desc=HIT;dur=1.0
content-length: 12143
x-nc: HIT yyz 1
last-modified: Mon, 27 Sep 2021 05:37:49 GMT
server: nginx
etag: "3883bfb6e60dec671be496279574c9e2-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

Redirect headers

date: Wed, 06 Jul 2022 19:16:37 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/0aa0b4348596aadf827c671827262405/4a6aa781b454a81a-e6/s128x128u_c1/48f4aaada3b199b977133de625fdf378e4df7d6d.png
x-rid: 87085537c48d481dec015c38a7647818
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

avatar_7f74ee18b3ef_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/greenfeelings.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_7f74ee18b3ef_128.png

36 KB
36 KB

39ms
20ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_7f74ee18b3ef_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3c083da53cef5ecd6b20e44011653fa8ded913996ef05e87d160ae669279ed1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="avatar_7f74ee18b3ef_128.png"
server-timing: dc;desc=yyz, cache;desc=HIT;dur=1.0
content-length: 36920
x-nc: HIT yyz 4
last-modified: Wed, 09 Dec 2020 14:08:35 GMT
server: nginx
etag: "8136beb765799054406fdc30716c3037-1498089600-66c08dc"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *

Redirect headers

date: Wed, 06 Jul 2022 19:16:37 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_7f74ee18b3ef_128.png
x-rid: 0f8fa828f84c27507037915f0b789ddd
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 2f3aff96fd0a7e8c1dc3c69c905a382f2c05e85d.jpg
64.media.tumblr.com/aa2c77bd37ffb7acc0ba35e99595a0aa/5b799e0a504e41cc-6a/s540x810/ 87 KB
87 KB 170ms
16ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/aa2c77bd37ffb7acc0ba35e99595a0aa/5b799e0a504e41cc-6a/s540x810/2f3aff96fd0a7e8c1dc3c69c905a382f2c05e85d.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2318b08c0ac9b50f420f9f723ed10fe5dcaf0de0ff8cc3bb497e55267e571afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_aa2c77bd37ffb7acc0ba35e99595a0aa_2f3aff96_540.jpg"
server-timing: dc;desc=yyz, cache;desc=HIT;dur=0.0
content-length: 88713
x-nc: HIT yyz 1
last-modified: Wed, 22 Jun 2022 17:25:08 GMT
server: nginx
etag: "f05d4ed94c701df76823c1df68c4df80-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 d36615fdba5e5fd20ffff7322318705a068a32ed.jpg
64.media.tumblr.com/3aa2649439fa9480589de2523591e6d3/175dd6a707815826-9e/s540x810/ 66 KB
67 KB 194ms
40ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/3aa2649439fa9480589de2523591e6d3/175dd6a707815826-9e/s540x810/d36615fdba5e5fd20ffff7322318705a068a32ed.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6abf296e6324f955f0e6cfa856032fa14b7df73b32b441b1b167ba714f11e879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_3aa2649439fa9480589de2523591e6d3_d36615fd_540.jpg"
server-timing: dc;desc=yyz, cache;desc=HIT;dur=0.0
content-length: 68038
x-nc: HIT yyz 1
last-modified: Sat, 02 Jul 2022 01:29:39 GMT
server: nginx
etag: "3ccd24b80f5ec9add6dd47e43766a7df-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 916f150b5b87b389582335caa90df1829f26bd2e.gifv
64.media.tumblr.com/c7f0bf7a411c607ddf9e15bb652117c3/d7c572d5019a007e-56/s540x810/ 6 MB
6 MB 161ms
40ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/c7f0bf7a411c607ddf9e15bb652117c3/d7c572d5019a007e-56/s540x810/916f150b5b87b389582335caa90df1829f26bd2e.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a47aedad957c4f8a041d0b7375d37e38ff48bba734deca40c2170548a2f86584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
strict-transport-security: max-age=31536000; preload
vary: Accept
content-disposition: inline; filename="tumblr_c7f0bf7a411c607ddf9e15bb652117c3_916f150b_540.webp"
server-timing: dc;desc=yyz, cache;desc=HIT;dur=1.0
content-length: 6210678
x-nc: HIT yyz 3
last-modified: Mon, 13 Jun 2022 00:35:19 GMT
server: nginx
etag: "4f4f18f96717fe6ee4c34fa26c58a1bd-1523937600-5586581"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 f9836d494b3364d705dbd00a24cbf7d6a53d868e.gifv
64.media.tumblr.com/4752c4daa347d0fb7d59c40f70e4b968/d7c572d5019a007e-93/s540x810/ 6 MB
6 MB 161ms
41ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/4752c4daa347d0fb7d59c40f70e4b968/d7c572d5019a007e-93/s540x810/f9836d494b3364d705dbd00a24cbf7d6a53d868e.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

443f8d3245404a97e768af7576937ca3d5a5b5915c6fcb6e866bf78440e21080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
strict-transport-security: max-age=31536000; preload
vary: Accept
content-disposition: inline; filename="tumblr_4752c4daa347d0fb7d59c40f70e4b968_f9836d49_540.webp"
server-timing: dc;desc=yyz, cache;desc=HIT;dur=1.0
content-length: 6705440
x-nc: HIT yyz 4
last-modified: Mon, 13 Jun 2022 00:35:24 GMT
server: nginx
etag: "ec74506b85919a5a0f98abae03940b56-1523937600-5586581"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 788b6bbf85f8b4c063a78d844e53b467cc5e9457.gifv
64.media.tumblr.com/b8245d3f8463c43a988ef2adb7b61c5a/a71be75c8d1c4290-6d/s400x600/ 4 MB
4 MB 161ms
40ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/b8245d3f8463c43a988ef2adb7b61c5a/a71be75c8d1c4290-6d/s400x600/788b6bbf85f8b4c063a78d844e53b467cc5e9457.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

dc874dac3438cc3efbec49a9e8cf330fa0501d908fb71e7297f756d032978373

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
strict-transport-security: max-age=31536000; preload
vary: Accept
content-disposition: inline; filename="tumblr_b8245d3f8463c43a988ef2adb7b61c5a_788b6bbf_400.webp"
server-timing: dc;desc=yyz, cache;desc=HIT;dur=1.0
content-length: 4484152
x-nc: HIT yyz 4
last-modified: Thu, 16 Jun 2022 02:13:54 GMT
server: nginx
etag: "0242e3b9050e36283734acb9efdcd65e-1523937600-5586581"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dcd442a6cdf14db653061c5342b967059b0b6dd9.gifv
64.media.tumblr.com/8ad29d2cb3fb05836bfdcf3145418091/a71be75c8d1c4290-46/s400x600/ 3 MB
3 MB 162ms
41ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/8ad29d2cb3fb05836bfdcf3145418091/a71be75c8d1c4290-46/s400x600/dcd442a6cdf14db653061c5342b967059b0b6dd9.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

20d421a5904ebf21c017c1e0182698cff1b9e594aa842127cb9d990cad30db84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
strict-transport-security: max-age=31536000; preload
vary: Accept
content-disposition: inline; filename="tumblr_8ad29d2cb3fb05836bfdcf3145418091_dcd442a6_400.webp"
server-timing: dc;desc=yyz, cache;desc=HIT;dur=1.0
content-length: 3152308
x-nc: HIT yyz 1
last-modified: Thu, 16 Jun 2022 02:13:57 GMT
server: nginx
etag: "d27f7d41d335167c6d00f58b92b35ac1-1523937600-5586581"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 b886df3c3ffcfe50136dc3c926b614acbfef26a7.jpg
64.media.tumblr.com/5a96ce61eb71ed8a2344adea967e7a8d/fb2e581795779db4-ae/s640x960/ 80 KB
81 KB 33ms
18ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/5a96ce61eb71ed8a2344adea967e7a8d/fb2e581795779db4-ae/s640x960/b886df3c3ffcfe50136dc3c926b614acbfef26a7.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

67273ce5233da6f9c8373efe074c8f3c903594543fb4294c7f9693aa56e8ad70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_5a96ce61eb71ed8a2344adea967e7a8d_b886df3c_640.jpg"
server-timing: dc;desc=yyz, cache;desc=HIT;dur=0.0
content-length: 82257
x-nc: HIT yyz 1
last-modified: Sat, 02 Jul 2022 17:17:56 GMT
server: nginx
etag: "d585a8611414600c46cd4edd0c54fb49-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 fc484bdb7faf96d6fb116e8dbb106347602190b9.jpg
64.media.tumblr.com/d56fa0c0103492d3f6079824d5d71b61/7bc114d85ce78eb5-23/s540x810/ 157 KB
158 KB 31ms
19ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/d56fa0c0103492d3f6079824d5d71b61/7bc114d85ce78eb5-23/s540x810/fc484bdb7faf96d6fb116e8dbb106347602190b9.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

51eb464f8af77a54e3d2738b412ce433828833a2759f9b06473c3f6cadfc8027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_d56fa0c0103492d3f6079824d5d71b61_fc484bdb_540.jpg"
server-timing: dc;desc=yyz, cache;desc=HIT;dur=0.0
content-length: 161103
x-nc: HIT yyz 1
last-modified: Wed, 22 Jun 2022 21:17:14 GMT
server: nginx
etag: "ef8d8afeaece419f61ef93c461576fec-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 cbca6ef649debb87684e4415d9322335ed650f00.jpg
64.media.tumblr.com/e6f0289b8b5e5f4df04a211cf5f6b76d/bde8a9b906cab038-dd/s540x810/ 126 KB
127 KB 37ms
26ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/e6f0289b8b5e5f4df04a211cf5f6b76d/bde8a9b906cab038-dd/s540x810/cbca6ef649debb87684e4415d9322335ed650f00.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4ccec2b1c2dc6373532f8adefdfc48231b1ed60fbd68240bc5b8ea9b75d3de8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_e6f0289b8b5e5f4df04a211cf5f6b76d_cbca6ef6_540.jpg"
server-timing: dc;desc=yyz, cache;desc=HIT;dur=1.0
content-length: 129293
x-nc: HIT yyz 1
last-modified: Wed, 01 Jun 2022 02:57:19 GMT
server: nginx
etag: "f83c458d0a888109a51fcc66dded0bd8-1498089600-5586581"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 cbc4d126b32c84159ac59f6f99ad67bd31367d72.jpg
64.media.tumblr.com/df39431a168c087e3351af08a2448158/bde8a9b906cab038-34/s540x810/ 137 KB
137 KB 38ms
26ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/df39431a168c087e3351af08a2448158/bde8a9b906cab038-34/s540x810/cbc4d126b32c84159ac59f6f99ad67bd31367d72.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd49242acd4174541471b072355141705bfcd7a1173bc7e6122c059fed057c71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_df39431a168c087e3351af08a2448158_cbc4d126_540.jpg"
server-timing: dc;desc=yyz, cache;desc=HIT;dur=1.0
content-length: 139776
x-nc: HIT yyz 1
last-modified: Wed, 01 Jun 2022 02:50:23 GMT
server: nginx
etag: "fa13b6d3cd826436ee5417c6d7ef0119-1498089600-5586581"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 e2ebf97fe48db4f8760dc0cd4b68cdc940cc8277.jpg
64.media.tumblr.com/2711d1b4db853e02231b429d0b9b51c9/bde8a9b906cab038-c9/s540x810/ 104 KB
104 KB 37ms
25ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/2711d1b4db853e02231b429d0b9b51c9/bde8a9b906cab038-c9/s540x810/e2ebf97fe48db4f8760dc0cd4b68cdc940cc8277.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

52c7ad367b46c4039f8308fef6608ad3bbfae60ef1d9dd394923c8c9b9e90b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_2711d1b4db853e02231b429d0b9b51c9_e2ebf97f_540.jpg"
server-timing: dc;desc=yyz, cache;desc=HIT;dur=1.0
content-length: 106278
x-nc: HIT yyz 4
last-modified: Wed, 01 Jun 2022 02:51:00 GMT
server: nginx
etag: "27f6d10bf76870b371f4b8e7749cb0f8-1498089600-5586581"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 d48b2b6ffea7fa96039d8a34dd1013d475923e66.jpg
64.media.tumblr.com/9328cbec8afa4192bf8cdd65e625e05e/ba67d15ab6738f46-c8/s540x810/ 26 KB
26 KB 38ms
27ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/9328cbec8afa4192bf8cdd65e625e05e/ba67d15ab6738f46-c8/s540x810/d48b2b6ffea7fa96039d8a34dd1013d475923e66.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fb2e37b085bcc00d2cffc916d3e3c2968cd30f04fe63287f5600fdaf1f0fbff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
x-frames: 1
access-control-max-age: 86400
content-disposition: inline; filename="tumblr_9328cbec8afa4192bf8cdd65e625e05e_d48b2b6f_540.jpg"
server-timing: dc;desc=yyz, cache;desc=HIT;dur=1.0
content-length: 26686
x-nc: HIT yyz 3
last-modified: Thu, 30 Jun 2022 19:18:04 GMT
server: nginx
etag: "eba42fb9fe7f09ee05a642763f7fa900-1498089600-d32ddc9"
strict-transport-security: max-age=31536000; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 54ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3716591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
timing-allow-origin: *
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XW%2BO2%2FOnnwGir7OAQpJ%2BPq2xCIy0xzRDSiE9MBkIBuSdf1pgk874gDBBv%2BFzerjA9fyLM%2FtVB2KAuSYhWNlbOxG%2Btgh6cnWZ62aorDHOMFbXXH9CcOYrnHYabO9QyeY7EABvRbs3lNGW4khaFnSEdijc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 726aad02c9867156-YUL
expires: Mon, 26 Jun 2023 19:16:36 GMT

GET
H2 200 navbar.js Show response
www.tumgir.com/static/js/ 469 B
531 B 48ms
47ms Script
application/javascript 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/navbar.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ae1b9abbb61470260e103684bbd81cc23d3e69a1e9db92ef899dd539e0c9da15

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:36 GMT
content-encoding: br
etag: W/"1d5-1801fba587c"
cf-cache-status: EXPIRED
last-modified: Tue, 12 Apr 2022 21:42:27 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoZrI%2FMRLpiYXRKXKCbWe54MUnV64lDLdBYd0u6PXbAnEtdXdYJahtmRiD2LtFwmXNa%2BkHbHvYpS5rP1ZTurh%2FfT2ikvVd9Kz081enm52Xgzbqav4Jn%2BppUnQx6RVIwerUv7yI6ivjax6MUl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 726aad02abbbca47-YUL

GET
H2 200 sticky-sidebar.js Show response
www.tumgir.com/static/js/ 2 KB
882 B 60ms
55ms Script
application/javascript 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/sticky-sidebar.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: aefa123ab4be4509c6970cb9a064c1031ed5ec6fae270e7c256b7a0826fa21f6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:36 GMT
content-encoding: br
etag: W/"7e3-1801fba1971"
cf-cache-status: EXPIRED
last-modified: Tue, 12 Apr 2022 21:42:11 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fI0yqQQNYenlJBctPE9Q2ZEJP4dQ1mm1Rbtq1l6p%2BPCqd0dr2Bf7u8vDhdnoA2q2IE5jw%2BfvPABgI9kuY%2B7vVQluoAQmiFdgQPe3EhYhX1x6mpHaHXO9S6nC2rDpkl0C%2B6YTy37lMGbC16RK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 726aad02bbc4ca47-YUL

GET
H2 200 home.js Show response
www.tumgir.com/static/js/ 1 KB
915 B 59ms
53ms Script
application/javascript 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/home.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 814344b7031d06949266d1f52badb1e0cd092f28151939ab6e001d919c2d65c8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:36 GMT
content-encoding: br
etag: W/"597-18029f63023"
cf-cache-status: EXPIRED
last-modified: Thu, 14 Apr 2022 21:24:01 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JXi0DXTTVE2tl4F2y1eiaWAV5thbyOtSY06lf86ydYgVAwhKdbb4stL8nd2rXoTNrt69B26kd01Jq73ekMR48vN44er9w5ruKe3I4a%2FpFf29QXGmV2RPj11u0yl%2FpKiomH4px8ZT2U%2BdC71"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 726aad02bbc6ca47-YUL

GET
H2 200 notes.js Show response
www.tumgir.com/static/js/ 554 B
770 B 77ms
72ms Script
application/javascript 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/notes.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 38afa5312f73d7da48d60d1cbe85b5a3df8855e750db714661c1456d510904e4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:36 GMT
content-encoding: br
etag: W/"22a-1801fba1807"
cf-cache-status: EXPIRED
last-modified: Tue, 12 Apr 2022 21:42:11 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MmExUEZ%2BvOED%2FfmpFVGs%2FZ1jXaZacjLVG9brYl%2BqRy%2FWlMKScgpM0mg6bl%2FXVLw44OWy5pUwauSfkjpa%2BtYBpWWtD6GneEV4OGXfQMp988OzQT2hm1WGWGnzSotE%2FS0kgqa500Ygei5yxHYq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 726aad02bbc7ca47-YUL

GET
H2 200 visit-blog.js Show response
www.tumgir.com/static/js/ 216 B
454 B 80ms
75ms Script
application/javascript 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/visit-blog.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 941f15f07a74b953e617b4af9d43ab4c19fbf92695b4865b4acf10887cdb74e5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:36 GMT
content-encoding: br
etag: W/"d8-1801fba1b1b"
cf-cache-status: EXPIRED
last-modified: Tue, 12 Apr 2022 21:42:11 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y28qiKSCKHYeAbxAd4MfjDN7xh1HA0a7NeNbc9ZKtGIvGOv%2FJVlIzYUZ3vacZBrI99A0y3W632i%2BVZAsGSfWoKLnt1Opxy1vuJ81FnmR4zqpmKKm%2FIOTDKlDts9L1LV2lp4dRqqlXwCRPbGr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 726aad02bbc9ca47-YUL

GET
H2 200 explore-tagged-posts.js Show response
www.tumgir.com/static/js/ 224 B
460 B 56ms
51ms Script
application/javascript 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/explore-tagged-posts.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2545317458fe2e54e3e67d5f14b69913cd8fa0182ccb4031cd413f7819217808

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:36 GMT
content-encoding: br
etag: W/"e0-1801fba49fc"
cf-cache-status: EXPIRED
last-modified: Tue, 12 Apr 2022 21:42:23 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yu4P%2BD5PUtVckDPUIhSJFEFrK0aO%2FxG9lG9uc82TZ6XOKuWEa7Y490fLvYRczpqGqp6z0QfgWtQA6m%2FcwAA6gJ9ggR4pukpsNjGonp6RL%2FHi8rdwTXLctPdpkbYVrwMpOOjFU64cz1UTlM%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 726aad02bbcbca47-YUL

GET
H2 200 sw.js Show response
www.tumgir.com/ 100 KB
38 KB 29ms
26ms Script
application/javascript 2606:4700:20::681a:d2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/sw.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8c382d76b7f3c936b789e587ff26a8383cb504a1b7c7f6183f80a45d2a464c9d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7608123
x-powered-by: Express
last-modified: Sun, 13 Mar 2022 22:02:35 GMT
server: cloudflare
etag: W/"190ed-17f854dffbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxeSAeMqlME%2Fe83s47nzEutd9qhc7VB6P0M0Pi3tjQsKwSmdruHI4f5vtozhGpMqgAExtTRclLU5OlZXgsW9tvKBB6A3nYA3K9Ua8ohGAmfErelIO3weHAaO01pTqH4nvkSwMhznXVCPrBgz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 726aad02bbccca47-YUL
expires: Sun, 09 Apr 2023 17:38:52 GMT

GET
H2 200 / Show response
d18g6t7whf8ejf.cloudfront.net/ 253 KB
78 KB 183ms
106ms Script
text/plain 54.192.100.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.100.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-100-168.ewr53.r.cloudfront.net
Software: /
Resource Hash: 031df1a7783aa90768d1d986ee314a80c0c6889e3c3c06655805031d3ee6a636

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:37 GMT
content-encoding: gzip
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 79274
via: 1.1 ffb3cace5d647f21fdf8c68c16a8f2fa.cloudfront.net (CloudFront)
x-amz-cf-id: wBr2jvumOfLnFWuzdrCVwDsZxwFbhX1BUx3Fr9Y8M603UBZYlgS-BQ==

GET
H2 200 / Show response
dmmzkfd82wayn.cloudfront.net/ 293 KB
96 KB 571ms
111ms Script
text/plain 2600:9000:2162:d800:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:d800:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c35280def7f7c86ca31e6626be0784a74960392345e8b3f1cde938d67fcef76d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:37 GMT
content-encoding: gzip
x-amz-cf-pop: EWR52-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 97903
via: 1.1 13eb5c0e05c1c43ed344f7e14dcf0a00.cloudfront.net (CloudFront)
x-amz-cf-id: MSrb5DjR3sV_I0941Y-1BpN_lfkknX4ioznic5v_lCqX-g63lxLR2Q==

GET
H2 200 vidjs Show response
video-serve.com/ 1 KB
1 KB 144ms
38ms Script
application/json 18.67.65.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video-serve.com/vidjs?tid=947040
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-125.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: cc5b52f2199694e4c1785d9231fd52d4140118eb8133d9303cb7d1bdffb231f3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:37 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-type: application/json
content-length: 694
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
x-amz-cf-id: R8GxLzYf6ZQcN-AL3PNU-8Megf9xcpvH3PGxakkZDWcXmgwosQO87w==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 856ms
57ms Script
application/javascript 173.223.56.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-223-56-138.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 06 Jul 2022 19:16:37 GMT
x-host: s7.addthis.com
content-length: 116379

GET
H2 206 tumblr_rejlutxc4Q1y54s2v.mp4
va.media.tumblr.com/ 1 MB
0 168ms
16ms Media
video/mp4 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://va.media.tumblr.com/tumblr_rejlutxc4Q1y54s2v.mp4

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.tumgir.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

x-nc: HIT yyz 1
date: Wed, 06 Jul 2022 19:16:37 GMT
last-modified: Tue, 05 Jul 2022 10:16:10 GMT
server: nginx
access-control-allow-origin: *
etag: "ff2ecda3f8224af079614d99ac754a1b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: video/mp4
Content-Range: bytes 0-2545221/2545222
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
Content-Length: 2545222
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 71ms
20ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumgir.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 05:07:49 GMT
x-content-type-options: nosniff
age: 50928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 05:07:49 GMT

GET
H2 200 d2QyeWEMRkEOPgIWXltbVQxGDREEXh1WFgATHA0UGgNbC08UC19WEgBKWApDW0ZBFAdVXgNVQwQJRFtbVVAcSUNbRkYYBigNVltbVVwGT1ZGVBBVQwQRUCYIE1YQQ0NHXFdMUkdVUFRZFlEKVFUTVABUA0IBUVRXQgUKTFVBAlAcAEFGTw Show response
mefagetobri.top/ 56 KB
23 KB 94ms
27ms Script
application/javascript 107.22.28.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mefagetobri.top/d2QyeWEMRkEOPgIWXltbVQxGDREEXh1WFgATHA0UGgNbC08UC19WEgBKWApDW0ZBFAdVXgNVQwQJRFtbVVAcSUNbRkYYBigNVltbVVwGT1ZGVBBVQwQRUCYIE1YQQ0NHXFdMUkdVUFRZFlEKVFUTVABUA0IBUVRXQgUKTFVBAlAcAEFGTw
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-28-167.compute-1.amazonaws.com
Software: / Express
Resource Hash: d341fd21de82ec901154cd8e62560b48e07ecdec16a426a4fd3cb2da3731b262

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"e0f6-u6ZjB3PFmEbbROg3pM989XvT3q0"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 89ms
21ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134279593-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1210
date: Wed, 06 Jul 2022 18:56:27 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 06 Jul 2022 20:56:27 GMT

GET
H2 204 utx Show response
ospicalad.buzz/ 0
491 B 228ms
38ms XHR
text/plain 13.225.223.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ospicalad.buzz/utx?tid=846710&top=www.tumgir.com&cb=LGas1tDh9KwJ
Requested by: Host: mefagetobri.top
URL: https://mefagetobri.top/d2QyeWEMRkEOPgIWXltbVQxGDREEXh1WFgATHA0UGgNbC08UC19WEgBKWApDW0ZBFAdVXgNVQwQJRFtbVVAcSUNbRkYYBigNVltbVVwGT1ZGVBBVQwQRUCYIE1YQQ0NHXFdMUkdVUFRZFlEKVFUTVABUA0IBUVRXQgUKTFVBAlAcAEFGTw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-64.jfk51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:37 GMT
via: 1.1 5c13c9f75e6e6d54f428b6693f8ee6e2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: JFK51-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: IeMGIjWD3YMZm7ZXsjzW3Wq_hMsOr0uSUgWV2hKtLBQIKm__XWuxdg==

POST
H2 200 / Show response
subsectivexe.xyz/ 0
37 B 214ms
36ms XHR
text/plain 44.195.137.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://subsectivexe.xyz/
Requested by: Host: mefagetobri.top
URL: https://mefagetobri.top/d2QyeWEMRkEOPgIWXltbVQxGDREEXh1WFgATHA0UGgNbC08UC19WEgBKWApDW0ZBFAdVXgNVQwQJRFtbVVAcSUNbRkYYBigNVltbVVwGT1ZGVBBVQwQRUCYIE1YQQ0NHXFdMUkdVUFRZFlEKVFUTVABUA0IBUVRXQgUKTFVBAlAcAEFGTw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-137-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
content-length: 0

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 235ms
72ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4938
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jul 2022 17:54:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVj80k%2FQlBDUGLfkpdiiODwF0kZJLxAnBTZ9ydmd9CjXLFzxvs8i0BACcvO%2FgGBER4j0usk%2BShtPqN%2BlzFWooee4S9%2Bi1Hn4H%2BNXhpcEp9CfLlyBEuS%2FjRGlsUjespLij4iuogIBMRWl9GsG"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.tumgir.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 726aad0568ceecfa-YUL
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
381 B 235ms
73ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eace016a5ddc02542cef499ef8ee77258d9d9db99af688d43989f1c17b802466

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YFzob5OKyMMAs74hkCaOJLOJ2FS3oLY2D2US4BZIgvQNFYj6eqXRjPCGBeFYapVqrtvSrCvaKH9tHxQTR5xpjx%2BpYHUmUulXGykdldU771Gxu55FLuBAq7ec4uafsSC5a85ixQ98xbg2Obp"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 726aad0568d0ecfa-YUL
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
nedaugha.buzz/ 0
489 B 143ms
30ms XHR
text/plain 18.67.65.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedaugha.buzz/utx?cb=PhZE7RYlXGon&top=www.tumgir.com&tid=852974
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-44.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:37 GMT
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: Y7ZYD831MeC9eShjQj1QG3mY1n2iaRp6loeXMglHwV2bkFi_ZguPwQ==

GET
H2 200 BhYnLxM1LgMPJDM7MwkwKDMzMy8SAyU0BDNnGAshCjA2FCAoPTEzHkRmNgMADRIjFyQHNSESHQQSAC0VUSxCDxANEiMQcyIdHwIjAxITCxINIEEBdBEQJQNqGQ4SBh47GyUnNyAVAzYGIgEwEA8SIBERFQQORSxxNDgAcRYYNxIMFDAcFRESEDYyKH8mIzUtAww4M... Show response
nedaugha.buzz/REdhVHQlJQI5SyV6A3IBNitccUYCYlMSEHV/BmIAczAJMkwhLQd6FygoFDASNigPIFoqIhVxRgIwBWYYDiZRIyEGLgIaFzMKIBgiHncwOAAzHyk8JgU9DhE9IyM0EQ0JIiAsAwoNNTtRdgUjPjkNBQoZBiY/WWYxdRVUACcFECMtQRMmCR08Dys... Frame 84EB 3 KB
2 KB 131ms
37ms Document
text/html 18.67.65.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedaugha.buzz/REdhVHQlJQI5SyV6A3IBNitccUYCYlMSEHV/BmIAczAJMkwhLQd6FygoFDASNigPIFoqIhVxRgIwBWYYDiZRIyEGLgIaFzMKIBgiHncwOAAzHyk8JgU9DhE9IyM0EQ0JIiAsAwoNNTtRdgUjPjkNBQoZBiY/WWYxdRVUACcFECMtQRMmCR08Dys7bSEVIBUXLAIDNS5EJg4ZLCEUBjQ7MSN/BhYnLxM1LgMPJDM7MwkwKDMzMy8SAyU0BDNnGAshCjA2FCAoPTEzHkRmNgMADRIjFyQHNSESHQQSAC0VUSxCDxANEiMQcyIdHwIjAxITCxINIEEBdBEQJQNqGQ4SBh47GyUnNyAVAzYGIgEwEA8SIBERFQQORSxxNDgAcRYYNxIMFDAcFRESEDYyKH8mIzUtAww4MhMUVRs4PDAmDTFxYlMWJjMoCRMnCSYlEwweBAoOLiEsN2wjEj9UDCw8HTkcBAshCjcVDwZRIDYVBRIDJTQENjpBAiFREiQUATttUi40DjoEeR0pBgAxAy8iPSs9Ah5ABg
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-44.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 7957a7a02822a22f5a5da6db8721c7d7ecb35e67d7e5cbe3b06515a0bc7ea024

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1240
content-type: text/html
date: Wed, 06 Jul 2022 19:16:37 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
x-amz-cf-id: 0-lD1qto9pxAQJG42-tXpFnYsqsO49CAfy_2JaoBLcia1SnukRxgjw==
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
101 KB 180ms
40ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4938
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jul 2022 17:54:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ls%2FXvYxGP0Yog0IcDaavSTdsMLubS5KLV%2BzX0zu1lSNjcPujTbklEVBuPDutxc8%2FiVrJPNiF2%2B2F9wtv6km8%2BAs9231bwEB6v26qrE1Ey8dP5SPCy3OVUL0R2BZcciHqKuZ6ljZ06BYWYzuz"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://www.tumgir.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 726aad0568d3ecfa-YUL
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
360 B 214ms
74ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2f6177d3ac563f02d72131d3ef1bc580bdcfc1c989b616b0212b596a6abc057

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhbDhxqOcEd%2Fp4YyucMKwx1wivu3ztFaUosVfYWROAJTn1cTvVwIFcJ7FioMByEQRT2HDPs4YSLjmx%2B1xZDi5XTPCaSVoMQD008WLNcxfPOzCQoF6R2f4ph8fRe3Zhd4K0cSEcuaK9L595aU"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 726aad0568d5ecfa-YUL
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
nedaugha.buzz/ 0
490 B 125ms
36ms XHR
text/plain 18.67.65.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedaugha.buzz/utx?cb=uatmfpoIaSj7&top=www.tumgir.com&tid=853405
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-44.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:37 GMT
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: wb-Ka_m7wiVlxkcS87xAwVheqS7vIYnwg-60Yps4JLcZn6cRx8JO5g==

GET
H2 200 EylQPCMICX4HJDsKeScnAi9xN1MEPFsWNAcAZiQnFSBwJzcZOHYwMxRIXRUJPh4KLgg3Fg8cHCELAAQ Show response
nedaugha.buzz/N2ZmUG5WBAU9UVZbBHYbRQpbdVxxQ1QWCgZeAWYaABEONlZSDAB+DVsJEzQIRQkIJEBZAxJ1XHE8BxQnBytVASJvMBYGPU8eBAUvAis+ASt2J1YWIWAjAjMpXwE2NigHMiMRHng1NwUgdTA/Bi91LDETP3k1JBYgVjAjPCFhVxYBPWENMwY4VDE... Frame 830A 3 KB
2 KB 111ms
32ms Document
text/html 18.67.65.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedaugha.buzz/N2ZmUG5WBAU9UVZbBHYbRQpbdVxxQ1QWCgZeAWYaABEONlZSDAB+DVsJEzQIRQkIJEBZAxJ1XHE8BxQnBytVASJvMBYGPU8eBAUvAis+ASt2J1YWIWAjAjMpXwE2NigHMiMRHng1NwUgdTA/Bi91LDETP3k1JBYgVjAjPCFhVxYBPWENMwY4VDEwATdkNBEBJmA3CgIpdjQwASgDAicGKHEgNxUkc1cKMypQIAMHKH00MT4/dS4zAiB2JzcyL0AgBQUoQCIhKA1wJx4/DXERPxQ8YQEFEixtLi04DXAnER0sbycvGDthEhEVP3EjIxE/diEKFg92CksGKnUnNAg/Bj8xEV9DJyA7N0IkETMrYAoVFStmICMBKFsFNCgFciARChliMAkTOXEJABQ8VCEnKCN5MzBpDW8zVhEscScFFwIGPDA8KFYCJwUqZVY/EylQPCMICX4HJDsKeScnAi9xN1MEPFsWNAcAZiQnFSBwJzcZOHYwMxRIXRUJPh4KLgg3Fg8cHCELAAQ
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-44.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 4751beb87d71997c76ef8c30e1230fbd29412851ff840c55c778efffa7aac2fd

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1228
content-type: text/html
date: Wed, 06 Jul 2022 19:16:37 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
x-amz-cf-id: P78KBCPhpLFL3mBhzEFbJN67c4dZ_htfB8a86nmk3uBY_hwa3CLgZg==
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront

GET
H2 204 BScRTT9Md0NRIhcpWB46THZLAGJJaFceOUx3Q0w8ECFYCWoBMhFUcUBwUA99QnJcAXtAcVY
nedukeratio.lol/OExxRmUXcxI1WFx8Pyg/bAo0IwlcHTMTN08ZQActbCIzEzBPFVcyDFxxSXNXAXtFYBVRKEx1Vx4/ 0
259 B 231ms
51ms Image
text/plain 2606:4700:3032::6815:3217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/OExxRmUXcxI1WFx8Pyg/bAo0IwlcHTMTN08ZQActbCIzEzBPFVcyDFxxSXNXAXtFYBVRKEx1Vx4/BScRTT9Md0NRIhcpWB46THZLAGJJaFceOUx3Q0w8ECFYCWoBMhFUcUBwUA99QnJcAXtAcVY
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egMMJnp9jNYlDFQIGoyYRTMxBwmP9LqrBACX1WSJdFLgxkH9fClu3DOrRzCR8v7kA4EtagVr%2FwF1BOQtEGly9dertDAycYHvLJBCmd8DLWYIIwl4wBjbg5tw2mkkYQURoBpXLZjSWKv9vB3mhmc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 726aad05bfc0ca4b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 fCMFA2suJllVcGtwSEY5NmsJBHhtZwsGdGNhCQV7
nedukeratio.lol/VjgyTVp5B1E+ZwNwYDkMZWJYGQxnUWMgFB5vZQcbN21WKAMDfRQ5MzIFCnhobw8Gayo/XA9+aHBLRiwuI0sPf2pmDxQkNDBXD398IAUCY2J4ABx/ 0
496 B 230ms
50ms Image
text/plain 2606:4700:3032::6815:3217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/VjgyTVp5B1E+ZwNwYDkMZWJYGQxnUWMgFB5vZQcbN21WKAMDfRQ5MzIFCnhobw8Gayo/XA9+aHBLRiwuI0sPf2pmDxQkNDBXD398IAUCY2J4ABx/fCMFA2suJllVcGtwSEY5NmsJBHhtZwsGdGNhCQV7
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GawM8jdW8dIialcCTr7zRmZbc5jZArvagxFJRfmdzG6joF8qrVxldgTYij16NzFwHGLhFwmA8idGMpSiEPfGA6YDtU%2BRR%2BCpnL5RfZoG97paqHNNGeKTMQP%2FcyBsvXlwmJwRjhp31Vj%2FkhwyvKo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 726aad05bfc4ca4b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 SAI6WmQJQHsBaAtCdw9uCU97
nedukeratio.lol/TjZZOHZhCTpLSxwGA2EsG2BrW0R/ZzpwLDdvH3ZHKFhsSi4Wd39MHyoLYQ1FegZsHgYnUmQKT2hFLVkCO0VkCVAnWD9XS2hAZAlYfhhsAFh8ECwFR2hCKVkRcwd/ 0
258 B 231ms
52ms Image
text/plain 2606:4700:3032::6815:3217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/TjZZOHZhCTpLSxwGA2EsG2BrW0R/ZzpwLDdvH3ZHKFhsSi4Wd39MHyoLYQ1FegZsHgYnUmQKT2hFLVkCO0VkCVAnWD9XS2hAZAlYfhhsAFh8ECwFR2hCKVkRcwd/SAI6WmQJQHsBaAtCdw9uCU97
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeLJL6T9%2F7x2LtvitXmfh5ClgeoaW9bluBBVgba5ok%2FkJeZ8oDlzfTkd7ytKvsRMwfDyhGRgRAjnDihuiGAT64AktYXXYz8ptKHm36ItthA2FWedqIjnrPzPoKn%2F6DvG3bjZjyUd7BNGjw6LuIs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 726aad05bfc2ca4b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 37ms
34ms XHR
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2037332739&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumgir.com%2F&ul=en-us&de=UTF-8&dt=Tumblr%20Online%20Web%20Viewer%20and%20Statistics%20%7C%20Tumgir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1063829456&gjid=307542697&cid=1499276515.1657134997&tid=UA-134279593-1&_gid=572607231.1657134997&_r=1&gtm=2ou6t0&z=2061700684

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumgir.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ZaDI0M3QLXVpVSxxbUA5MXQEAA0FOWEdcGhgPfF0TEApOSQUNBVYVABJWCQNSBFNaVElOV1pQSVkUVVcWVQYSRwQHWQlRGARVQF4dAVFFFQEJD1lcDgFeWFJRWnQBHURNAAQbAwFcUFwDGxcGAxocFwYDRVgcBBZHKhcGAwMBXAIHUVtwEQFEEAQAGlFaAl-VDBAR... Show response
d18g6t7whf8ejf.cloudfront.net/ Frame 830A 575 B
718 B 117ms
116ms Script
text/plain 54.192.100.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/ZaDI0M3QLXVpVSxxbUA5MXQEAA0FOWEdcGhgPfF0TEApOSQUNBVYVABJWCQNSBFNaVElOV1pQSVkUVVcWVQYSRwQHWQlRGARVQF4dAVFFFQEJD1lcDgFeWFJRWnQBHURNAAQbAwFcUFwDGxcGAxocFwYDRVgcBBZHKhcGAwMBXAIHUVtwEQFEEAQAGlFaAl-VDBARXQ1YWA1tAFkYuBwcEWlsEEQFEQFlcRxkEFwZwUVoCWFofDRcGAxMNUV9cXU0ABFAcGl1ZVlFadAUDR0YCGgZEXgIaBkdNAARAFQ5TRlpRWnQBAENGAQIVAVUD
Requested by: Host: nedaugha.buzz
URL: https://nedaugha.buzz/N2ZmUG5WBAU9UVZbBHYbRQpbdVxxQ1QWCgZeAWYaABEONlZSDAB+DVsJEzQIRQkIJEBZAxJ1XHE8BxQnBytVASJvMBYGPU8eBAUvAis+ASt2J1YWIWAjAjMpXwE2NigHMiMRHng1NwUgdTA/Bi91LDETP3k1JBYgVjAjPCFhVxYBPWENMwY4VDEwATdkNBEBJmA3CgIpdjQwASgDAicGKHEgNxUkc1cKMypQIAMHKH00MT4/dS4zAiB2JzcyL0AgBQUoQCIhKA1wJx4/DXERPxQ8YQEFEixtLi04DXAnER0sbycvGDthEhEVP3EjIxE/diEKFg92CksGKnUnNAg/Bj8xEV9DJyA7N0IkETMrYAoVFStmICMBKFsFNCgFciARChliMAkTOXEJABQ8VCEnKCN5MzBpDW8zVhEscScFFwIGPDA8KFYCJwUqZVY/EylQPCMICX4HJDsKeScnAi9xN1MEPFsWNAcAZiQnFSBwJzcZOHYwMxRIXRUJPh4KLgg3Fg8cHCELAAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.100.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-100-168.ewr53.r.cloudfront.net
Software: /
Resource Hash: c13473f37c3e53a03c1a0cb58c7b081aa425349b1707361696ddb713a5605eca

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nedaugha.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
content-encoding: gzip
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 441
via: 1.1 ffb3cace5d647f21fdf8c68c16a8f2fa.cloudfront.net (CloudFront)
x-amz-cf-id: _79ffR35Y8m85_-TSJd8wncCjIFcu5smJp0nRSm59MEJ9XDTKScyaA==

GET
H2 200 wd2lJa0wUBicNcwMALVZ0QltwXHhRAzoEIgdUEyMeAxwNJTo+BjMIBkMrbx82E1R5TSAWBy5WahIHKlZ9UQgtCXFDTz0bIxxUPAUoEg8gBSkTTzwKcRoGMwIgGwhsWQpCR3lOfkdBPgIiEwY+GGlFWScfaUVZeFtiR0x6KWlFWT4CIkFdbFgOUlt5E3pDQG-xZfBY... Show response
d18g6t7whf8ejf.cloudfront.net/ Frame 84EB 415 B
615 B 116ms
115ms Script
text/plain 54.192.100.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/wd2lJa0wUBicNcwMALVZ0QltwXHhRAzoEIgdUEyMeAxwNJTo+BjMIBkMrbx82E1R5TSAWBy5WahIHKlZ9UQgtCXFDTz0bIxxUPAUoEg8gBSkTTzwKcRoGMwIgGwhsWQpCR3lOfkdBPgIiEwY+GGlFWScfaUVZeFtiR0x6KWlFWT4CIkFdbFgOUlt5E3pDQG-xZfBYZOQcpAAwrACUDTHsteUReZ1h6Ult5QycfHSQHaUUqbFl8GwAiDmlFWS4OLxwGYE5+RwohGSMaDGxZCkZZekV8WVx5XXxZXHpOfkcaKA0tBQBsWQpCWn5Ff0FPPFZ9
Requested by: Host: nedaugha.buzz
URL: https://nedaugha.buzz/REdhVHQlJQI5SyV6A3IBNitccUYCYlMSEHV/BmIAczAJMkwhLQd6FygoFDASNigPIFoqIhVxRgIwBWYYDiZRIyEGLgIaFzMKIBgiHncwOAAzHyk8JgU9DhE9IyM0EQ0JIiAsAwoNNTtRdgUjPjkNBQoZBiY/WWYxdRVUACcFECMtQRMmCR08Dys7bSEVIBUXLAIDNS5EJg4ZLCEUBjQ7MSN/BhYnLxM1LgMPJDM7MwkwKDMzMy8SAyU0BDNnGAshCjA2FCAoPTEzHkRmNgMADRIjFyQHNSESHQQSAC0VUSxCDxANEiMQcyIdHwIjAxITCxINIEEBdBEQJQNqGQ4SBh47GyUnNyAVAzYGIgEwEA8SIBERFQQORSxxNDgAcRYYNxIMFDAcFRESEDYyKH8mIzUtAww4MhMUVRs4PDAmDTFxYlMWJjMoCRMnCSYlEwweBAoOLiEsN2wjEj9UDCw8HTkcBAshCjcVDwZRIDYVBRIDJTQENjpBAiFREiQUATttUi40DjoEeR0pBgAxAy8iPSs9Ah5ABg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.100.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-100-168.ewr53.r.cloudfront.net
Software: /
Resource Hash: 691d32d638d540bbe1ebf8cee8fecce20bb802fe89338bb1b98e0d5b1e920a16

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nedaugha.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
content-encoding: gzip
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 338
via: 1.1 ffb3cace5d647f21fdf8c68c16a8f2fa.cloudfront.net (CloudFront)
x-amz-cf-id: FMQxgWTgOvqX5eoDcv7EOIHjER36QdJ36Bn6zGdJYmwim357bCB2eg==

GET
H2 204 utx Show response
nedaugha.buzz/ 0
489 B 29ms
28ms XHR
text/plain 18.67.65.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedaugha.buzz/utx?cb=G6lIhjWwZRjt&top=www.tumgir.com&tid=921528
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-44.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:37 GMT
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: uPbzihm_89NX2QpqeAisuAcpqS1FoVfOOO5bGt2bYTR1lONY3ZWmOA==

GET
H2 200 MTd2Kh8qaXUxGAECbBcRMmJ2NDkhdl4DNR4gCR8gFwV8JSgHF3YDbA Show response
nedaugha.buzz/NHBacFBVEjkdb1VNOFYlRhxnVWJyVWg2NFkdIBs2UEhoBzFNHnQTPFsFPhYiWx4uXj5RBH9CFl0laRQaezQbBxd3FD80KVcVFiEFfikPKmh3FzJBGGAAAig5ejsQGxpsMjBIM2cbOSUeYB8VNjlXPhYhBXUUCAM/Yhw+BQVnCA0lYgE3OEE8YT0... Frame 9719 3 KB
2 KB 44ms
43ms Document
text/html 18.67.65.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedaugha.buzz/NHBacFBVEjkdb1VNOFYlRhxnVWJyVWg2NFkdIBs2UEhoBzFNHnQTPFsFPhYiWx4uXj5RBH9CFl0laRQaezQbBxd3FD80KVcVFiEFfikPKmh3FzJBGGAAAig5ejsQGxpsMjBIM2cbOSUeYB8VNjlXPhYhBXUUCAM/Yhw+BQVnCA0lYgE3OEE8YT0PAGl8GwsaF3c5HCETZSMKHChnORhEKGEiAx0WWiIMKClfFRAmAmYUMSUAcCJvGgVaAxM3E2UVEEEoUjobIiN3FxtJEQYHETEXfjgABzdiKR4mI3cXGxsYXRMVMhhuNRkIYHcpLUl1BjYeMjwGIgJdPG4hGT0yeDVjJh1mBz0kEmIYFygneDJpQRVSCGozCQVIMyUVZVVoMhcGBxETY242PyYCbj8YOiN3FxtAFV0ADihjRCM/BzhgPy0lPWImDEICZUgQMRd2Kj8iCXIpajZlchcMFwVaAxMhKn0iETUgbhQxJQBwIRQbB2wfFTY5bjs/MTd2Kh8qaXUxGAECbBcRMmJ2NDkhdl4DNR4gCR8gFwV8JSgHF3YDbA
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-44.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: b96d8c06a1ca9d559f722a5d88cf679ab204ad944d3087107450818bc80c13f9

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1249
content-type: text/html
date: Wed, 06 Jul 2022 19:16:37 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
x-amz-cf-id: Df-tUmP6b6uYSlGxLQ22iWu1_sZYJuNG0GhOH83dio3ZpSoqCRW0SQ==
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront

GET
H2 200 CHFdBmcqDl0oAS1kcjd4MVFnDHAIBlVKACliVhsCM29ZDRQBRF4BQlZSBD5wL3lfAEI4c3MWXh4 Show response
nedaugha.buzz/Mms3MW9TCVRcUFNWVRcaQAcKFF10TgV3C18GTVoJVlMFRg5LBRlSA10eU1cdXQVDHwFXHxIDKVckYn8aZix5UCNzKkZpKgIadF8pUC9/cw5ULWJXJGBbXXU6Xk4FcywBAE5UGFEMflYXeC50XiB1B2IDPHYMbWk3Bw5WVlZrJ2ZdF2A9QEUrai1... Frame B58C 3 KB
2 KB 486ms
485ms Document
text/html 18.67.65.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedaugha.buzz/Mms3MW9TCVRcUFNWVRcaQAcKFF10TgV3C18GTVoJVlMFRg5LBRlSA10eU1cdXQVDHwFXHxIDKVckYn8aZix5UCNzKkZpKgIadF8pUC9/cw5ULWJXJGBbXXU6Xk4FcywBAE5UGFEMflYXeC50XiB1B2IDPHYMbWk3Bw5WVlZrJ2ZdF2A9QEUrai1keRZ7IHtdW3wxZUIbagdmQilxPmdnPHgnUVg6fwlhBB9nOltDKGE+eWk8RTFnATZ+CEBwW2AMQ0s3ARN5cjhoD3NaNn4IT1oDdjoOAjwBU195J3QOeXc6fApcRUoAKWIACEgjXnAoZgJufCVFG3lrAx8cfGcIQltmeVZkI393CmgqX2MhRSZQYwhBKmQCWmY9ZF4peT5ufQxFAEdwKXsYZQMDYChkcChiDE9kJVkfEgMteDpfSzdlIWN3XGgOUl0iag9bAB9nOlxGK0sEdGIWQidRWDp/CHFdBmcqDl0oAS1kcjd4MVFnDHAIBlVKACliVhsCM29ZDRQBRF4BQlZSBD5wL3lfAEI4c3MWXh4
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-44.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: ecbb18221c963b07d2cfd06ab884cb87a0aca9169c0c5252fa63e98ac5754de1

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1238
content-type: text/html
date: Wed, 06 Jul 2022 19:16:38 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
x-amz-cf-id: yNec4LpfzD5CXmXX_vOArOvMEy67ZwNY8jNutB1uBkCuSKt4XhfuZQ==
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront

GET
H2 204 utx Show response
nedaugha.buzz/ 0
490 B 34ms
30ms XHR
text/plain 18.67.65.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedaugha.buzz/utx?cb=W7cNAA1ofbNn&top=www.tumgir.com&tid=853405
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-44.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:37 GMT
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: mY9j7l2GuxXdcpY1rptuUjBHGR-Oo4dcDQdlJMTG5SLBM_cETo2iCw==

GET
H3 204 M3VvWlYcSgwpa30xLRkZaxotGA52PDw9B3sRLi4bdzQDaBJmBkkuP1dIVmhnBkdXfCZaEVJrcEABDi4jQEhefD9dEwBncEVIXnRlB1tdbXgCUxpnZwNEWGtiC0VWaGcBQlxubhUBHzsxDkRJKiJHGVJrYAZCXmliCkxYbGQC
nedukeratio.lol/ 0
475 B 65ms
47ms Image
text/plain 2606:4700:3032::6815:3217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/M3VvWlYcSgwpa30xLRkZaxotGA52PDw9B3sRLi4bdzQDaBJmBkkuP1dIVmhnBkdXfCZaEVJrcEABDi4jQEhefD9dEwBncEVIXnRlB1tdbXgCUxpnZwNEWGtiC0VWaGcBQlxubhUBHzsxDkRJKiJHGVJrYAZCXmliCkxYbGQC
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2F1HP2Fl1CcdrCSjX6Av5GATLctZxNDx6fieQOWqmtVGJFwfVIbqIHMv7uT0dZtFCyRTmBY4gaTCC5vZiYTGy0U8ZbiEvtQqfngdvK3DYKHdQToI%2F%2BAA3s3z8v1lJ%2FUhzHVvkUfjvwhSqAyULCs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 726aad078cdbece2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 135ms
92ms Image
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 124ms
73ms Image
text/html 2607:f8b0:4006:820::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:820::200d New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 146ms
95ms Image
text/html 2607:f8b0:4006:820::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:820::200d New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 KxdYRmk6BBEbcntGUEB+eURcTnh8RF0
nedukeratio.lol/d09KcGVYcCkDWCN9MhsHMQ1+KDMPLBNDHRUaDCIMEQk6IjIgFmwEDBNyckVWQ398VhUeK3dBXVE8PhERAjx3QUMeISwfWFE5d0FLR2F7XldROndBVUZ4e0RdR3Z4QVdAfH5IQwM/ 0
509 B 61ms
46ms Image
text/plain 2606:4700:3032::6815:3217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/d09KcGVYcCkDWCN9MhsHMQ1+KDMPLBNDHRUaDCIMEQk6IjIgFmwEDBNyckVWQ398VhUeK3dBXVE8PhERAjx3QUMeISwfWFE5d0FLR2F7XldROndBVUZ4e0RdR3Z4QVdAfH5IQwM/KxdYRmk6BBEbcntGUEB+eURcTnh8RF0
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xr4srVyRG95Hr9NWTDIMDyf%2FvK2bWNaN6UGpZjeMotWpeXn17XmN52HKKMr8dsFl0apRaNIMkZ4cKPNoMMrVsWeofrh8ZJZwoZAiKNapHoSLHQHP6jfB0xy9BYBF%2BOkQ2OxSIvtMZpLs4qA%2BnYk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 726aad078cd8ece2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 DBl2RX-lZQCMbLE9VMRwgTBVhMXwLB31Efx0CY18iUEQ+G2wKc3ZFeVRZOBJsCgA0EipTX3pSewhTOwUmVVV2RQ8JAGBZeRYFY0F5FgVgUnsIQzIRKEpZdkUPDQNkWXoOFiZKeAgBZEZ9AABqRXgKB2BDcQ Show response
dmmzkfd82wayn.cloudfront.net/iU3dJODAwGCdeDyceLQUJYUZ8Cgh1HTpXXiNKJkJXBj8cSkcUNToOFicNLQUAdRsoVlduUSxWU25Gb1lUMUp9HkQjGCIFQCQSPlxSIB4xURYmFnRVXykeJVRRdkUPDR5jUnsIGCQeJ1xfJARsCgA9A2wKAGJHZwgVYDVsCgA... Frame 9719 944 B
926 B 141ms
141ms Script
text/plain 2600:9000:2162:d800:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/iU3dJODAwGCdeDyceLQUJYUZ8Cgh1HTpXXiNKJkJXBj8cSkcUNToOFicNLQUAdRsoVlduUSxWU25Gb1lUMUp9HkQjGCIFQCQSPlxSIB4xURYmFnRVXykeJVRRdkUPDR5jUnsIGCQeJ1xfJARsCgA9A2wKAGJHZwgVYDVsCgAkHicOBHZECx0CYw9/DBl2RX-lZQCMbLE9VMRwgTBVhMXwLB31Efx0CY18iUEQ+G2wKc3ZFeVRZOBJsCgA0EipTX3pSewhTOwUmVVV2RQ8JAGBZeRYFY0F5FgVgUnsIQzIRKEpZdkUPDQNkWXoOFiZKeAgBZEZ9AABqRXgKB2BDcQ
Requested by: Host: nedaugha.buzz
URL: https://nedaugha.buzz/NHBacFBVEjkdb1VNOFYlRhxnVWJyVWg2NFkdIBs2UEhoBzFNHnQTPFsFPhYiWx4uXj5RBH9CFl0laRQaezQbBxd3FD80KVcVFiEFfikPKmh3FzJBGGAAAig5ejsQGxpsMjBIM2cbOSUeYB8VNjlXPhYhBXUUCAM/Yhw+BQVnCA0lYgE3OEE8YT0PAGl8GwsaF3c5HCETZSMKHChnORhEKGEiAx0WWiIMKClfFRAmAmYUMSUAcCJvGgVaAxM3E2UVEEEoUjobIiN3FxtJEQYHETEXfjgABzdiKR4mI3cXGxsYXRMVMhhuNRkIYHcpLUl1BjYeMjwGIgJdPG4hGT0yeDVjJh1mBz0kEmIYFygneDJpQRVSCGozCQVIMyUVZVVoMhcGBxETY242PyYCbj8YOiN3FxtAFV0ADihjRCM/BzhgPy0lPWImDEICZUgQMRd2Kj8iCXIpajZlchcMFwVaAxMhKn0iETUgbhQxJQBwIRQbB2wfFTY5bjs/MTd2Kh8qaXUxGAECbBcRMmJ2NDkhdl4DNR4gCR8gFwV8JSgHF3YDbA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:d800:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7ac0b1399d908508ca33096823dec46fa4ffd151496e1963bf479b285b5f1733

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nedaugha.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
content-encoding: gzip
x-amz-cf-pop: EWR52-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 650
via: 1.1 13eb5c0e05c1c43ed344f7e14dcf0a00.cloudfront.net (CloudFront)
x-amz-cf-id: BDG8uR1LzlghyyL4kSPUSglEAfFgqQavIhgJmzTa1gvWbMM6azs1Dg==

GET
H3 200 popunder.gif
nedukeratio.lol/ 35 B
592 B 25ms
24ms Image
image/gif 2606:4700:3032::6815:3217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/popunder.gif
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: public
date: Wed, 06 Jul 2022 19:16:37 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Jul 2022 17:37:51 GMT
server: cloudflare
age: 92326
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jhz4RTomlBbSf02k0Sl5ia7UYffPi6oAJScR2DUgkwsI8qLI9jZI1ua2dOy%2F%2F8W75Z1V1etyib6ZX6eD8xoMnBPzwwKbHbVy6UUXvqJ4hJMiaEoQTN1rbI%2FsQ7kpY4rirREkHuyCphyX%2FjCjw6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 726aad08ae67ece2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 multi Show response
nedaugha.buzz/ 3 KB
2 KB 29ms
28ms XHR
text/plain 18.67.65.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedaugha.buzz/multi?cs=RExUcGZ1eWFFU3V4bEZWfXRnSFM&abt=0&red=1&sm=76&k=tumblr%20tumgir&v=1.0.58.2&sts=2&prn=0&emb=0&tid=853405&u=1017148092127348&agec=1657134997&fs=1&mbkb=234.192037470726&ref=https%3A%2F%2Fwww.tumgir.com%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F103.0.5060.53%20safari%2F537.36&tzd=0&uloc=&if=0&_q2JZ=1657134997885&crc=1
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-44.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 1562aa81cff1bc96e25ed9492356e6d51ad0eafde6d9fdeae68ceb3c150fb408

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:37 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: text/plain
content-length: 1398
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
x-amz-cf-id: wkyMEIJEcBDi-qn0kdWQerek86KKtcO1Te1mue1rxzb3xVpTHE_qeQ==

POST
H3 204 U118AywaAGdCbltba0BsV1VtS2BY
nedukeratio.lol/WnNYbmx1TDsdUTsrMCEOMQs5PzRvET0oHBYWNBpaDzYsVzsSAH4aBT5OYFteY0RsSBwzF2VdXnwALA8YLwBlXFxqRH4HAjwcZVxKLE5oQFR0S3ZcSi9OaV5dbUJsVlxjQWlcW2lHYEgYKhI/ 0
470 B 34ms
33ms Ping
text/plain 2606:4700:3032::6815:3217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nedukeratio.lol/WnNYbmx1TDsdUTsrMCEOMQs5PzRvET0oHBYWNBpaDzYsVzsSAH4aBT5OYFteY0RsSBwzF2VdXnwALA8YLwBlXFxqRH4HAjwcZVxKLE5oQFR0S3ZcSi9OaV5dbUJsVlxjQWlcW2lHYEgYKhI/U118AywaAGdCbltba0BsV1VtS2BY
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D55nEGpLvQZXQxWms5tivn0ydK8FlRcouqQsdM5JDfc%2F2jqyPv6rr74pBvY5CMEWbyeZUm7Z3FQVc2bDAEs6mN05oRYEWl3LAl264UEyi8RE6kJZHbY9j1qfZ7XztBwxtJOjVLu%2F8vb8VuSR0Z4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 726aad08dea1ece2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 floater Show response
nedaugha.buzz/ 2 KB
2 KB 339ms
338ms XHR
text/plain 18.67.65.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedaugha.buzz/floater?cs=cExhNlZDdVEDYkN%2FVQNgSX9SAGE&abt=0&red=1&sm=83&k=tumblr%20tumgir&v=0.8.8.2&sts=0&prn=0&emb=0&tid=852974&u=1017148092127348&agec=1657134997&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=234.192037470726&ref=https%3A%2F%2Fwww.tumgir.com%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F103.0.5060.53%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td1_oi1_&_TXDo=1657134997886&crc=1
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-44.iad89.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: af23fce736bf975fa6bd06810b7440cbe15dbbcf151b78c85815a1fab2a0d3cf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:38 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: text/plain
content-length: 1063
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
x-amz-cf-id: tB4ySzQXdvwzN5aBjGcAoMtD6mb4mfkroRL8rglV0D4yPfwOOR9rUQ==

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 196ms
19ms Script
application/x-javascript 96.16.30.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.30.5 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-30-5.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:38 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 2C85CCA5EDFDA959
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=51371
accept-ranges: bytes
content-length: 948
x-amz-id-2: YLINp2NMpbnCDyuWEbAWfD0Jol0jpI+Yv49vdPH8dGsqCupb7RiVosuKkkvP3dkUQqBsFzuGhyc=

GET
H2 200 eOUNuTGNaLAAqXE0qCnFbDHBafFUfKR0jDUl+C3kyewcgIgxJECoOGlU2SDgZXX5eag9YLQlxRVwtDXFSHyIKLl4NZRstXlQsFCUPVSJLfiUMbV5pUQlrGSUNXSwZP0YLcwA4RgtzX3xNCWZdDkYLcxklDQ93S38hHHFeNFUNakt+U1gzHiAGTiYMJwpNZl-wKVgp... Show response
dmmzkfd82wayn.cloudfront.net/ Frame B58C 187 B
461 B 105ms
104ms Script
text/plain 2600:9000:2162:d800:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/eOUNuTGNaLAAqXE0qCnFbDHBafFUfKR0jDUl+C3kyewcgIgxJECoOGlU2SDgZXX5eag9YLQlxRVwtDXFSHyIKLl4NZRstXlQsFCUPVSJLfiUMbV5pUQlrGSUNXSwZP0YLcwA4RgtzX3xNCWZdDkYLcxklDQ93S38hHHFeNFUNakt+U1gzHiAGTiYMJwpNZl-wKVgp0QH9VHHFeZAhRNwMgRgsAS35TVSoFKUYLcwkpAFIsR2lRCSAGPgxUJkt+JQhzXWJTF3ZeelMXdl1pUQkwDyoCSypLfiUMcFliUA9lG3FSCXJZfVcBc1d+Ugt0XXhb
Requested by: Host: nedaugha.buzz
URL: https://nedaugha.buzz/Mms3MW9TCVRcUFNWVRcaQAcKFF10TgV3C18GTVoJVlMFRg5LBRlSA10eU1cdXQVDHwFXHxIDKVckYn8aZix5UCNzKkZpKgIadF8pUC9/cw5ULWJXJGBbXXU6Xk4FcywBAE5UGFEMflYXeC50XiB1B2IDPHYMbWk3Bw5WVlZrJ2ZdF2A9QEUrai1keRZ7IHtdW3wxZUIbagdmQilxPmdnPHgnUVg6fwlhBB9nOltDKGE+eWk8RTFnATZ+CEBwW2AMQ0s3ARN5cjhoD3NaNn4IT1oDdjoOAjwBU195J3QOeXc6fApcRUoAKWIACEgjXnAoZgJufCVFG3lrAx8cfGcIQltmeVZkI393CmgqX2MhRSZQYwhBKmQCWmY9ZF4peT5ufQxFAEdwKXsYZQMDYChkcChiDE9kJVkfEgMteDpfSzdlIWN3XGgOUl0iag9bAB9nOlxGK0sEdGIWQidRWDp/CHFdBmcqDl0oAS1kcjd4MVFnDHAIBlVKACliVhsCM29ZDRQBRF4BQlZSBD5wL3lfAEI4c3MWXh4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:d800:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e8f46103ee0c6d2de6a9a26a29aa5b7b7b873d98116aa62e4262a75d29c5c33e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nedaugha.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:38 GMT
content-encoding: gzip
x-amz-cf-pop: EWR52-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 186
via: 1.1 13eb5c0e05c1c43ed344f7e14dcf0a00.cloudfront.net (CloudFront)
x-amz-cf-id: gV5_L6zSeDRgvbt732Fn5m64mxAgby0paOrVor40XIW2FjA2welaIA==

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/ 1 KB
680 B 157ms
42ms Script
application/javascript 173.223.56.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-56-138.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e552184493eea74a53b11e52b6e6eec9c35d90cece6592d9bdf6cf1090ad8c0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:38 GMT
content-encoding: gzip
etag: 706338575--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=8, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 504

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 127 B
1 KB 634ms
79ms Script
application/javascript 173.223.56.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=62c5df95a675747c&bkl=0&bl=1&pdt=327&sid=62c5df95a675747c&pub=ra-6103d59079bcdcec&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tumgir.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1657134998488&jsl=1&uvs=62c5df952b7abe1d000&skipb=1&callback=addthis.cbs.jsonp__70429706185336130
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-56-138.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b50d7402d539e5444d1aca11d36e1a0bc86267cfa82c7066e137d644f3999390

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:39 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
p3p: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
content-length: 127
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 4069 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 759E 71 KB
26 KB 24ms
23ms Document
text/html 173.223.56.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-223-56-138.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Wed, 06 Jul 2022 19:16:38 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2

200

connatix.player.js Show response
cds.connatix.com/p/169009/ Frame 5E30
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
https://cds.connatix.com/p/169009/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

1 MB
272 KB

99ms
12ms

Script
application/javascript

151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/169009/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 25fa285cca433601a6d441d18c0276293388aaae5dd8e552659aae0e3ca2967f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:38 GMT
content-encoding: br
last-modified: Wed, 06 Jul 2022 09:03:04 GMT
age: 36692
etag: "d116cddf32c1eee0b431698230acc642"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 278130

Redirect headers

location: https://cds.connatix.com/p/169009/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
date: Wed, 06 Jul 2022 19:16:38 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H2 200 si
capi.connatix.com/tr/ 0
116 B 184ms
46ms Image
application/json 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=4774eef9-309c-40d8-8dc1-bf70e43e9987&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:38 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400
content-type: application/json

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 26ms
25ms Script
application/javascript 173.223.56.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-223-56-138.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 06 Jul 2022 19:16:38 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
255 B 153ms
42ms XHR
application/json 173.223.56.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tumgir.com%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-223-56-138.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.tumgir.com/
last-modified: Wed, 06 Jul 2022 18:00:00 GMT
server: nginx/1.15.8
date: Wed, 06 Jul 2022 19:16:38 GMT
content-type: application/json
access-control-allow-origin: https://www.tumgir.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
285 B 231ms
121ms Script
application/json 173.223.56.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tumgir.com%2F&callback=_ate.cbs.rcb_jgag0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-223-56-138.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

355edf4022f79ab0bbcbbd456b39799acdcce103d56b8bd16324ecaa624faae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/
last-modified: Wed, 06 Jul 2022 19:16:38 GMT
server: nginx/1.15.8
date: Wed, 06 Jul 2022 19:16:38 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
285 B 232ms
122ms Script
application/json 173.223.56.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tumgir.com%2F&callback=_ate.cbs.rcb_gygj0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-223-56-138.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ff57a60e03791f5646163737ce8fc0f6619584dfef741f973a22e67f7a05c70c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/
last-modified: Wed, 06 Jul 2022 19:16:38 GMT
server: nginx/1.15.8
date: Wed, 06 Jul 2022 19:16:38 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/169009/ Frame 5E30 0
47 KB 15ms
15ms Other
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/169009/hls.5b3b785f487abbe00eee.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:38 GMT
content-encoding: br
last-modified: Wed, 06 Jul 2022 09:03:05 GMT
age: 36692
etag: "182f65d040bfb9544bd8f71472475672"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48258

GET
H2 200 player.css
cds.connatix.com/p/169009/ 58 KB
9 KB 17ms
17ms Stylesheet
text/css 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/169009/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6b40f0d5cfa95c272e1a5a6c2ad7b9089ad07d3e938ea0f9f0693ab7f6a175e6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:38 GMT
content-encoding: br
last-modified: Wed, 06 Jul 2022 09:03:05 GMT
age: 36692
etag: "b07e9f868d1c559a08538d3b52f384bc"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 8890

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame 5E30 5 KB
4 KB 67ms
67ms XHR
application/x-protobuf 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=169009&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 63a5d83aadd44e2ac069ca40ff81d6ca7f1e00f339c1133154d20514eef68b5f

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-max-age: 86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3502

GET
H2 200 insights.bin Show response
ins.connatix.com/c5112af1abfe0587ddf93309349ef99a/ Frame 5E30 36 B
293 B 49ms
13ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/c5112af1abfe0587ddf93309349ef99a/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b92cb6b44cf533b7e5ffc29b4e542b12a3f6c12c106dac6a8884a574214c947f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: gzip
last-modified: Mon, 28 Mar 2022 15:32:44 GMT
age: 4304335
etag: "bb779e99d9ab70cbc408a7c2616a8eb3"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 56

POST
H/1.1 200
OK sr Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 5E30 0
315 B 159ms
35ms XHR
application/x-protobuf 18.191.18.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=169009&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.191.18.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-18-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 06 Jul 2022 19:16:38 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 151ms
66ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

sffe /

Resource Hash

dd388dc3d91bdc65607d06d1cb416183a616bfd982ff95918a4d839b872e322b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28041
x-xss-protection: 0
server: sffe
etag: "1266 / 63 of 1000 / last-modified: 1657105870"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 06 Jul 2022 19:16:39 GMT

GET
H2 200 2_media.bin Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/1383efe5-fab7-4e22-aa35-f23a09533ff3/ Frame 5E30 291 B
345 B 130ms
10ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/1383efe5-fab7-4e22-aa35-f23a09533ff3/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 782cf3bec6ae5ea1cc0d0903ec8157ff81ab0e1822a99b24114ae33c83d093d5

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: gzip
last-modified: Fri, 04 Jun 2021 18:07:24 GMT
age: 101603
etag: "d24a3365dc10abf8fc9e03aedbb0aeb5"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 255

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5E30 373 KB
125 KB 106ms
38ms Script
text/javascript 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

662a701e1568bc9c60eb966d8c2200f4441a233d50746596c2cd23ac0240dc62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126951
x-xss-protection: 0
expires: Wed, 06 Jul 2022 19:16:39 GMT

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3d288a06c2707f49799963594c33990454%26pname%3dBeeswax%26api-tier%3d2%26uid%3d{userid}
https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D288a06c2707f49799963594c33990454%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&_...
https://cks.connatix.com/cks?pid=15&ev=288a06c2707f49799963594c33990454&pname=Beeswax&api-tier=2&uid=AABynk7Fi78AABJPo1a-Zw

132 B
166 B

130ms
11ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=15&ev=288a06c2707f49799963594c33990454&pname=Beeswax&api-tier=2&uid=AABynk7Fi78AABJPo1a-Zw
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7dc20417d561ecd7d43cf11caf322f00f37c35ed16a6db938a3991a1244056f1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 132
retry-after: 0

Redirect headers

location: https://cks.connatix.com/cks?pid=15&ev=288a06c2707f49799963594c33990454&pname=Beeswax&api-tier=2&uid=AABynk7Fi78AABJPo1a-Zw
Date: Wed, 06 Jul 2022 19:16:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1
https://cks.connatix.com/cks?pid=19&uid=820ad0bc-9ffe-442f-bccb-cd2e073ed88c&ttl=1659726999

146 B
260 B

130ms
10ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=19&uid=820ad0bc-9ffe-442f-bccb-cd2e073ed88c&ttl=1659726999
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a76919c1b59b85914bbac252bd7a4095ed8cb5f33a38b1386c665a817d9ecd42

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 146
retry-after: 0

Redirect headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:39 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cks.connatix.com/cks?pid=19&uid=820ad0bc-9ffe-442f-bccb-cd2e073ed88c&ttl=1659726999
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 213

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3d288a06c2707f49799963594c33990454%26pname%3dAppNexus%26api-tier%3d2%26uid%3d%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253d288a06c2707f49799963594c33990454%2526pname%253dAppNexus%2526api-tier%253d2%2526uid%...
https://cks.connatix.com/cks?pid=6&ev=288a06c2707f49799963594c33990454&pname=AppNexus&api-tier=2&uid=8115938062753814876

128 B
162 B

134ms
11ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=6&ev=288a06c2707f49799963594c33990454&pname=AppNexus&api-tier=2&uid=8115938062753814876
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 18ea7c7d9211d2fee1e157eb6dc9edaa95f4b5e57d2b34c19d7c9ac650201c87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 128
retry-after: 0

Redirect headers

Pragma: no-cache
Date: Wed, 06 Jul 2022 19:16:39 GMT
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 802.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 47960be9-a2f3-4afb-96c3-a36f014234ef
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cks.connatix.com/cks?pid=6&ev=288a06c2707f49799963594c33990454&pname=AppNexus&api-tier=2&uid=8115938062753814876
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame ACDC
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

281 B
554 B

155ms
19ms

Document
text/html

104.105.42.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-42-146.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 06 Jul 2022 19:16:39 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 06 Jul 2022 19:16:39 GMT
location: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
server: AkamaiGHost

GET
H2

200

us Show response
capi.connatix.com/core/
Redirect Chain

https://id.rlcdn.com/712202.gif?cparams=288a06c2707f49799963594c33990454
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCJe_l5YGEgUI6AcQAEIASiAyODhhMDZjMjcwN2Y0OTc5OTk2MzU5NGMzMzk5MDQ1NA
https://capi.connatix.com/core/us?UserId=288a06c2707f49799963594c33990454&DemandPartnerUserId=&DemandPartnerName=LiveRamp&DemandPartner=27

0
28 B

53ms
53ms

Script
application/json

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/us?UserId=288a06c2707f49799963594c33990454&DemandPartnerUserId=&DemandPartnerName=LiveRamp&DemandPartner=27
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400
content-type: application/json

Redirect headers

date: Wed, 06 Jul 2022 19:16:39 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://capi.connatix.com/core/us?UserId=288a06c2707f49799963594c33990454&DemandPartnerUserId=&DemandPartnerName=LiveRamp&DemandPartner=27
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d288a06c2707f49799963594c33990454%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX...
https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d288a06c2707f49799963594c33990454%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX...
https://cks.connatix.com/cks?pid=10&ev=288a06c2707f49799963594c33990454&pname=SpotX&api-tier=2&uid=2990614b-fd60-11ec-9dda-17e4c8e50503

146 B
180 B

11ms
10ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=10&ev=288a06c2707f49799963594c33990454&pname=SpotX&api-tier=2&uid=2990614b-fd60-11ec-9dda-17e4c8e50503
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7255ef1e4e616397168af02ea1fb93fe09f29cb39ea6f0c2c2610f2c2c42f64a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 146
retry-after: 0

Redirect headers

date: Wed, 06 Jul 2022 19:16:39 GMT
location: https://cks.connatix.com/cks?pid=10&ev=288a06c2707f49799963594c33990454&pname=SpotX&api-tier=2&uid=2990614b-fd60-11ec-9dda-17e4c8e50503
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: false
x-fe: 435
content-length: 0

GET
H2 200 hls.5b3b785f487abbe00eee.js Show response
cds.connatix.com/p/169009/ Frame 5E30 162 KB
47 KB 11ms
11ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/169009/hls.5b3b785f487abbe00eee.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: br
last-modified: Wed, 06 Jul 2022 09:03:05 GMT
age: 36693
etag: "182f65d040bfb9544bd8f71472475672"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48258

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 63ms
20ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumgir.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:32:04 GMT
x-content-type-options: nosniff
age: 603875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:32:04 GMT

POST
H/1.1 200
OK g Show response
capi-tier-2-us-east-2.connatix.com/rtb/ Frame 5E30 501 B
677 B 213ms
104ms XHR
application/x-protobuf 18.191.18.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=169009&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.191.18.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-18-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: c490018ec8b67139c4f2cc015661d61e0edde61fad32b61a35a9d013e58219d9

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 381

GET

pixel
cm.g.doubleclick.net/ Frame 5E30
Redirect Chain

https://connatix-d.openx.net/v/1.0/av?auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=www.tumgir.com%2F&cb=215d0f86-3435-4101-b3eb-e181ec3ee17c&vwd=522&vht=293&gdpr=0&gdpr_consen...
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=www.tumgir.com%2F&cb=215d0f86-3435-4101-b3eb-e181ec3ee17c&vwd=522&vht=293&gdpr=0&gdpr_c...
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTEzZGUxZDAtMTEwYi02Y2YxLTUzYzktMDc0NmU5MDA3MTY4&gdpr=0&gdpr_consent=undefined

0
0

GET
H2 200 1_th.jpg
img.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/1383efe5-fab7-4e22-aa35-f23a09533ff3/ 11 KB
11 KB 20ms
11ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/1383efe5-fab7-4e22-aa35-f23a09533ff3/1_th.jpg?crop=522:293,smart&width=522&height=293&format=jpeg&quality=60&fit=crop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6cc3e014905e19c03c3f34f98aa0bae830fff053bc2d82352e2ec0f0b5ee2c61

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: br
age: 112530
etag: "fXbx+cgDKjqH84brnIjnpuw+s7Hl2yn8sJ+RtLChhcY"
access-control-max-age: 86400
fastly-io-info: ifsz=81491 idim=2560x1440 ifmt=jpeg ofsz=11414 odim=522x293 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 10985

GET
H3 200 bridge3.520.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A418 632 KB
204 KB 61ms
20ms Document
text/html 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.520.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aba363da63c154691250d5daa4dfa09d2b026bd99245c76e64031390dc6609bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 85365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209114
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 19:33:54 GMT
expires: Wed, 05 Jul 2023 19:33:54 GMT
last-modified: Wed, 29 Jun 2022 19:20:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5E30 44 KB
17 KB 448ms
52ms Script
text/javascript 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Jul 2022 19:16:39 GMT

GET
H3 200 bridge3.520.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 18DF 632 KB
204 KB 21ms
21ms Document
text/html 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.520.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aba363da63c154691250d5daa4dfa09d2b026bd99245c76e64031390dc6609bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 85365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209114
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 19:33:54 GMT
expires: Wed, 05 Jul 2023 19:33:54 GMT
last-modified: Wed, 29 Jun 2022 19:20:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.520.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 40BF 632 KB
204 KB 35ms
35ms Document
text/html 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.520.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aba363da63c154691250d5daa4dfa09d2b026bd99245c76e64031390dc6609bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 85365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209114
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 19:33:54 GMT
expires: Wed, 05 Jul 2023 19:33:54 GMT
last-modified: Wed, 29 Jun 2022 19:20:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 playlist.m3u8 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/1383efe5-fab7-4e22-aa35-f23a09533ff3/ Frame 5E30 309 B
248 B 12ms
12ms XHR
application/x-mpegurl 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/1383efe5-fab7-4e22-aa35-f23a09533ff3/playlist.m3u8
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/169009/hls.5b3b785f487abbe00eee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: gzip
last-modified: Fri, 04 Jun 2021 18:07:24 GMT
age: 101268
etag: "8a966507b13615ecdc1330a4bc9dcfe1"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 164

GET
H3 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ 374 KB
128 KB 68ms
20ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 544969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Jun 2023 11:53:50 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 232 B
158 B 81ms
35ms XHR
application/json 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tumgir.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

a28530fa36dd40eff2e8c7ac146a26b181eb38a5604119ffb6acfedba1ca12f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
expires: Wed, 06 Jul 2022 19:16:39 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9278 37 KB
13 KB 77ms
19ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 18:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 06 Jul 2022 19:32:22 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DE11 37 KB
13 KB 82ms
37ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 18:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 06 Jul 2022 19:32:22 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FE6B 37 KB
13 KB 40ms
23ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 18:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 06 Jul 2022 19:32:22 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame ACDC 31 KB
10 KB 20ms
19ms Script
text/html 104.105.42.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-42-146.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4a411ecc4f2769a81a8f2fc5a796ae019bbaa0ca05aa70ef91d7029e6a3f54b4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 19:16:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 17:17:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17238
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9455
Expires: Thu, 07 Jul 2022 00:03:57 GMT

GET
H2 200 0.m3u8 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/1383efe5-fab7-4e22-aa35-f23a09533ff3/ Frame 5E30 607 B
333 B 11ms
11ms XHR
application/x-mpegurl 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/1383efe5-fab7-4e22-aa35-f23a09533ff3/0.m3u8
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/169009/hls.5b3b785f487abbe00eee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: be3d742802e260b5923393fcc8312a8ae0b4520c82a805580d2cab62eb910a66

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: gzip
last-modified: Fri, 04 Jun 2021 18:07:23 GMT
age: 101268
etag: "5345693ff13a278e9ecb4dc69d1833d2"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 247

POST
H2 202 / Show response
pl.connatix.com/ Frame 5E30 2 B
205 B 220ms
96ms XHR
application/json 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pl.connatix.com/

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800;
via: 1.1 varnish
x-content-type-options: nosniff
x-timer: S1657135000.886862,VS0,VE72
date: Wed, 06 Jul 2022 19:16:39 GMT
x-served-by: cache-yul12820-YUL
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2
x-cache-hits: 0

GET
H2 206 0.mp4 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/1383efe5-fab7-4e22-aa35-f23a09533ff3/ Frame 5E30 1 KB
1 KB 11ms
11ms XHR
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/1383efe5-fab7-4e22-aa35-f23a09533ff3/0.mp4
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/169009/hls.5b3b785f487abbe00eee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e17ecd4462929a701dc6c1906d85aa9c6dbc19f25c1b1c28ec121750b81f088d

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-1361

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
last-modified: Fri, 04 Jun 2021 18:07:23 GMT
age: 101268
etag: "b7d813f163fe901a595dc3a4607c1720"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1361/4658996
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1362

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame ACDC 284 B
932 B 755ms
26ms Image
image/jpg 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 19ea072139d67f7022c6e463249c998e
Content-Type: image/jpg

POST
H/1.1 200
OK us Show response
capi-tier-2-us-east-2.connatix.com/core/ Frame 5E30 0
315 B 37ms
36ms XHR
application/x-protobuf 18.191.18.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/core/us?v=169009
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.191.18.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-18-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK us Show response
capi-tier-2-us-east-2.connatix.com/core/ Frame 5E30 0
315 B 97ms
59ms XHR
application/x-protobuf 18.191.18.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/core/us?v=169009
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.191.18.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-18-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK us Show response
capi-tier-2-us-east-2.connatix.com/core/ Frame 5E30 0
315 B 135ms
37ms XHR
application/x-protobuf 18.191.18.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/core/us?v=169009
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.191.18.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-18-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3

200

av Show response
connatix-d.openx.net/v/1.0/ Frame 5E30
Redirect Chain

https://connatix-d.openx.net/v/1.0/av?auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=www.tumgir.com%2F&cb=215d0f86-3435-4101-b3eb-e181ec3ee17c&vwd=522&vht=293&gdpr=0&gdpr_consen...
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=www.tumgir.com%2F&cb=215d0f86-3435-4101-b3eb-e181ec3ee17c&vwd=522&vht=293&gdpr=0&gdpr_c...

48 B
78 B

49ms
49ms

XHR
text/xml

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=www.tumgir.com%2F&cb=215d0f86-3435-4101-b3eb-e181ec3ee17c&vwd=522&vht=293&gdpr=0&gdpr_consent=undefined&us_privacy=
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:40 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tumgir.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 06 Jul 2022 19:16:39 GMT
via: 1.1 google
server: OXGW/7f1e280
location: https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=www.tumgir.com%2F&cb=215d0f86-3435-4101-b3eb-e181ec3ee17c&vwd=522&vht=293&gdpr=0&gdpr_consent=undefined&us_privacy=
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 206 0.mp4 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/1383efe5-fab7-4e22-aa35-f23a09533ff3/ Frame 5E30 570 KB
570 KB 12ms
11ms XHR
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/1383efe5-fab7-4e22-aa35-f23a09533ff3/0.mp4
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/169009/hls.5b3b785f487abbe00eee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ef6eefa8bbcdc83bcde85cc017ffc9c7fcf7b88b8d2d8c19660cbcbf9e5f362c

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=1362-585011

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
last-modified: Fri, 04 Jun 2021 18:07:23 GMT
age: 101268
etag: "b7d813f163fe901a595dc3a4607c1720"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 1362-585011/4658996
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 583650

POST
H/1.1 200
OK us Show response
capi-tier-2-us-east-2.connatix.com/core/ Frame 5E30 0
315 B 117ms
38ms XHR
application/x-protobuf 18.191.18.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/core/us?v=169009
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.191.18.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-18-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H3 204 Yl5MXjlvWlpAYWpERl46b1tESXhjXkxIdmBbRk98ZlJSDD8zDUlJaSIeABRyY1xBT35hX0RIf2dcQA
nedukeratio.lol/dHhPUmpbRywhVy0UKCgwIRwdCzs6KSxjLAY6fhASI0o8Ez9HOWkmAxBFd2dYTU97dBodHHJhWFILOzMeAQtyYFpETWk7BBIXcmBaRE5/YlpETmplKRwMOyIZUUsOd1gyXX0UHREaPzsJH1UsNgRaC3x8CxkZNT0EFQ88fAkbFWpgLAcWLiIPF... 0
479 B 39ms
39ms Ping
text/plain 2606:4700:3032::6815:3217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nedukeratio.lol/dHhPUmpbRywhVy0UKCgwIRwdCzs6KSxjLAY6fhASI0o8Ez9HOWkmAxBFd2dYTU97dBodHHJhWFILOzMeAQtyYFpETWk7BBIXcmBaRE5/YlpETmplKRwMOyIZUUsOd1gyXX0UHREaPzsJH1UsNgRaC3x8CxkZNT0EFQ88fAkbFWpgLAcWLiIPFxknJkQEFih3XTcWOj4GUU8MZlxMSndqXkJKeGBbREh/Yl5MXjlvWlpAYWpERl46b1tESXhjXkxIdmBbRk98ZlJSDD8zDUlJaSIeABRyY1xBT35hX0RIf2dcQA
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GYKEJ4q7E1K1PE%2Fu8Upt4C1P8xNGT9zhDGXLNSC1LG1%2BzwW8%2FUUNRZ8tMU4W4W3Xhqu4XY4BsEk87Rf130UxSZqJvPawZ2nzeEErRJhoWZY3oBvWSii%2B%2Fp9lf%2Fjhv5LdUBtEmRr6GOIYFlBADM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 726aad198a77ece2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET snapecaht.png
webpick-cdn.s3.amazonaws.com/ 0
0

GET
H2 206 0.mp4 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/1383efe5-fab7-4e22-aa35-f23a09533ff3/ Frame 5E30 562 KB
562 KB 11ms
11ms XHR
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/1383efe5-fab7-4e22-aa35-f23a09533ff3/0.mp4
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/169009/hls.5b3b785f487abbe00eee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 94bc87e9d76aac9afe7b7eef301a342bd078be1abb2415f78d738982f7b43726

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=585012-1160579

Response headers

date: Wed, 06 Jul 2022 19:16:40 GMT
last-modified: Fri, 04 Jun 2021 18:07:23 GMT
age: 101269
etag: "b7d813f163fe901a595dc3a4607c1720"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 585012-1160579/4658996
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 575568

POST
H/1.1 200
OK mq Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 5E30 0
315 B 36ms
36ms XHR
application/x-protobuf 18.191.18.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/mq?v=169009&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.191.18.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-18-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 06 Jul 2022 19:16:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK ps Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 5E30 0
315 B 73ms
35ms XHR
application/x-protobuf 18.191.18.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=169009&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.191.18.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-18-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 06 Jul 2022 19:16:40 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2

200

us
capi.connatix.com/core/ Frame ACDC
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&khaos=L59ZE5V0-17-B5FH
https://ck.connatix.com/cks?pid=11&uid=L59ZE5V0-17-B5FH
https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L59ZE5V0-17-B5FH&UserId=

0
51 B

44ms
43ms

Image
application/json

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L59ZE5V0-17-B5FH&UserId=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:40 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400
content-type: application/json

Redirect headers

date: Wed, 06 Jul 2022 19:16:40 GMT
location: https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L59ZE5V0-17-B5FH&UserId=
access-control-max-age: 86400
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
DATA 200
OK truncated
/ Frame DAD6 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52878d35bbd3319522a493c873f3dfe8fe7b15c11a3bb4aafca023115122e702

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DAD6 814 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK snapecaht.png
webpick-cdn.s3.amazonaws.com/ Frame DAD6 3 KB
3 KB 321ms
123ms Image
image/png 52.218.228.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webpick-cdn.s3.amazonaws.com/snapecaht.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.228.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5af1e32d6499ad2c5e9249164daa9a39860fb4e6f64b223b04fe0afa0c0b6ee2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 19:16:41 GMT
Last-Modified: Tue, 25 Dec 2018 13:48:43 GMT
Server: AmazonS3
x-amz-request-id: 83Y7VRDV0CBAVFW0
ETag: "84cde431b32705bc6e18c3d7ccc2dd29"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2888
x-amz-id-2: fTp2gdTLESrPlIUkghqJ4Np1Igi8zfX4cmuWrrKW4rMKbMHh2cWkcQaac2SMcBaR9HGmK8N9DRQ=
x-amz-meta-s3b-last-modified: 20181225T134720Z

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ACDC
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5WkU1VjAtMTctQjVGSA==

170 B
188 B

62ms
43ms

Image
image/png

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5WkU1VjAtMTctQjVGSA==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Protocol

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5WkU1VjAtMTctQjVGSA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d5a7ef20801cf5cb1ee516b6110e672f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

esync
token.rubiconproject.com/ Frame ACDC
Redirect Chain

https://id.rlcdn.com/709414.gif
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e

0
214 B

53ms
24ms

Image
text/plain

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e1bddfc34a927e97bda010c0d8a62b62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 06 Jul 2022 19:16:40 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame ACDC
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=820ad0bc-9ffe-442f-bccb-cd2e073ed88c&gdpr=0&gdpr_consent=&expires=30

42 B
689 B

107ms
25ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=820ad0bc-9ffe-442f-bccb-cd2e073ed88c&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: af308bb17a856a105b8c87aaae7d7f8c
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=820ad0bc-9ffe-442f-bccb-cd2e073ed88c&gdpr=0&gdpr_consent=&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame ACDC
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/e2lgU_UzRjeYkQZvpLNwpsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1094618738801371895

42 B
689 B

26ms
25ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1094618738801371895
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: af308bb17a856a105b8c87aaae7d7f8c
Content-Type: image/gif

Redirect headers

date: Wed, 06 Jul 2022 19:16:41 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1094618738801371895
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame ACDC
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6_GufSZWQTWSmfXefogZGw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6_GufSZWQTWSmfXefogZGw

43 B
556 B

103ms
102ms

Image
image/gif

52.94.223.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6_GufSZWQTWSmfXefogZGw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Protocol

HTTP/1.1

Server

52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Jul 2022 19:16:41 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XGAZK0GM38G3913XV34W
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6_GufSZWQTWSmfXefogZGw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 20e8391fc78a9019eb67dba4b22f0ac2
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame ACDC
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L59ZE5V0-17-B5FH

0
572 B

192ms
50ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L59ZE5V0-17-B5FH
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:16:40 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C7273AC321824322AF14981F87C51DBA Ref B: YTO01EDGE0517 Ref C: 2022-07-06T19:16:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXjJ88UO5mIPQS3MJqkjw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L59ZE5V0-17-B5FH
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 20e8391fc78a9019eb67dba4b22f0ac2
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame ACDC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPPK-CqtgjnG9z9QC1r1Kcs&google_cver=1

42 B
689 B

75ms
25ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPPK-CqtgjnG9z9QC1r1Kcs&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: f72efbd84733ea5ba734e4e8fe0395a3
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 06 Jul 2022 19:16:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPPK-CqtgjnG9z9QC1r1Kcs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame ACDC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8JOSl8jpRh-gjxXF1yQhag&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8JOSl8jpRh-gjxXF1yQhag

43 B
556 B

31ms
31ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8JOSl8jpRh-gjxXF1yQhag

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Jul 2022 19:16:41 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SC1QAY6QPQD7FPZ7191S
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8JOSl8jpRh-gjxXF1yQhag
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 84e0f527cd81a00b0210e20b4ee7ed94
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H/1.1 200
OK sv Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 5E30 0
315 B 35ms
35ms XHR
application/x-protobuf 18.191.18.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/sv?v=169009&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.191.18.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-18-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 06 Jul 2022 19:16:41 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK ao Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 5E30 0
315 B 36ms
36ms XHR
application/x-protobuf 18.191.18.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=169009&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.191.18.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-18-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 06 Jul 2022 19:16:41 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK abt Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 5E30 0
315 B 36ms
36ms XHR
application/x-protobuf 18.191.18.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/abt?v=169009&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.191.18.246 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-18-246.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 06 Jul 2022 19:16:43 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTEzZGUxZDAtMTEwYi02Y2YxLTUzYzktMDc0NmU5MDA3MTY4&gdpr=0&gdpr_consent=undefined

Domain: webpick-cdn.s3.amazonaws.com
URL: https://webpick-cdn.s3.amazonaws.com/snapecaht.png

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tumgir.com/	1970-01-20 21:50:06	Name: _ga Value: GA1.2.1499276515.1657134997
.tumgir.com/	1970-01-20 04:20:21	Name: _gid Value: GA1.2.572607231.1657134997
.tumgir.com/	1970-01-20 04:18:55	Name: _gat_gtag_UA_134279593_1 Value: 1
freychang.fun/	1970-01-20 12:57:18	Name: csu Value: 1017148092127348@1@1657134997
www.tumgir.com/	1970-01-20 13:49:09	Name: __atuvc Value: 1%7C27
www.tumgir.com/	1970-01-20 04:18:56	Name: __atuvs Value: 62c5df952b7abe1d000
.addthis.com/	1970-01-20 13:49:09	Name: uvc Value: 1%7C27
capi.connatix.com/	1970-01-20 05:02:06	Name: cnx_userId Value: 288a06c2707f49799963594c33990454
www.tumgir.com/	1970-01-20 05:02:06	Name: cnx_userId Value: 288a06c2707f49799963594c33990454
.addthis.com/	1970-01-20 13:40:30	Name: ouid Value: 62c5df970001e9d0d0441c367f5dd81ef9cca34b44e8f1d48e43
.addthis.com/	1970-01-20 13:40:30	Name: di2 Value: aVS`]#%!k#$M`#!AgP2TIPv7LW6Lj6Hq#1:R#19w
.addthis.com/	1970-01-20 10:27:33	Name: bt2 Value: 62c5df97001ts0002
.addthis.com/	1970-01-20 13:40:30	Name: um Value: j.'2022070619163909400592690805'
.addthis.com/	1970-01-20 13:40:30	Name: uid Value: 62c5df978882b719
.addthis.com/	1970-01-20 13:40:30	Name: na_id Value: 2022070619163909400592690805
.addthis.com/	1970-01-20 13:40:30	Name: vc Value: 2
.addthis.com/	1970-01-20 13:49:09	Name: loc Value: MDAwMDBOQUNBUUMyMjU1MTA2NDQ2MjAwMDBDSA==
.adnxs.com/	1970-01-20 06:28:30	Name: uuid2 Value: 8115938062753814876
.adsrvr.org/	1970-01-20 13:04:31	Name: TDID Value: 820ad0bc-9ffe-442f-bccb-cd2e073ed88c
.bidr.io/	1970-01-20 13:47:28	Name: bito Value: AABynk7Fi78AABJPo1a-Zw
.bidr.io/	1970-01-20 13:47:28	Name: bitoIsSecure Value: ok
.openx.net/	1970-01-20 13:04:30	Name: i Value: 5efe0d43-71fb-0da2-1cff-951747c58cf5\|1657134999
.openx.net/	1970-01-20 04:18:55	Name: v Value: 1
.openx.net/	1970-01-20 04:40:30	Name: pd Value: v2\|1657134999\|vM
.spotxchange.com/	1970-01-20 04:59:14	Name: audience Value: 2990614b-fd60-11ec-9dda-17e4c8e50503
.rubiconproject.com/	1970-01-20 13:04:31	Name: khaos Value: L59ZE5V0-17-B5FH
.adsrvr.org/	1970-01-20 13:04:31	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCJ7TmOvC4-86EAUYBSACKAIyCwjez5GI2ePvOhAFOAE.
.rlcdn.com/	1970-01-20 13:04:31	Name: rlas3 Value: h7SS7Ztbr0b4Uqw5PpixITfh8cV/LL2VbjOq2Q0yzzQ=
.rlcdn.com/	1970-01-20 05:45:19	Name: pxrc Value: CJe/l5YGEgUI6AcQABIGCIu8KxAAEgYIkLwrEAE=
.doubleclick.net/	1970-01-20 21:50:07	Name: IDE Value: AHWqTUmNr0gbPKmvOdb8y3ssRyq8Q0wJlUoxN4CNguh7GFfvNCO6A2KNeiSqwAqqYH4
.amazon-adsystem.com/	1970-01-22 02:13:38	Name: ad-privacy Value: 0
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:50:48	Name: bcookie Value: "v=2&f2462d06-b292-4196-863b-3155ca69c3a2"
.linkedin.com/	1970-01-20 04:20:21	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2626:u=1:x=1:i=1657135001:t=1657221401:v=2:sig=AQGrB4YcM8Xc6lgVt0KHMu8t32Q24wEH"
.yahoo.com/	1970-01-20 13:04:52	Name: A3 Value: d=AQABBJnfxWICEKlS_0JXlG5xheLhOdJCzp4FEgEBAQExx2LPYgAAAAAA_eMAAA&S=AQAAAv0KHqJk4UnYqq2mMmr7_LQ
.amazon-adsystem.com/	1970-01-20 10:46:16	Name: ad-id Value: AyP3amGsdEwGiNXLunZhXj4
.rubiconproject.com/	1970-01-20 13:04:31	Name: audit Value: 1\|5mvmLTFRcb9b9GIABZQpzdXqay8JLLJqZNkXZdN1W1ceECEUBMheiqiopDbiSZuSOgt/zi+1uNrqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: about:blank Message: Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTEzZGUxZDAtMTEwYi02Y2YxLTUzYzktMDc0NmU5MDA3MTY4&gdpr=0&gdpr_consent=undefined' (redirected from 'https://connatix-d.openx.net/v/1.0/av?auid=540193963&schain=1.0,1!connatix.com,963968048794229,1,,,,&url=www.tumgir.com%2F&cb=215d0f86-3435-4101-b3eb-e181ec3ee17c&vwd=522&vht=293&gdpr=0&gdpr_consent=undefined&us_privacy=') from origin 'https://www.tumgir.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTEzZGUxZDAtMTEwYi02Y2YxLTUzYzktMDc0NmU5MDA3MTY4&gdpr=0&gdpr_consent=undefined Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

64.media.tumblr.com
aax-eu.amazon-adsystem.com
accounts.google.com
api-public.addthis.com
api.tumblr.com
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdnjs.cloudflare.com
cds.connatix.com
ck.connatix.com
cks.connatix.com
cm.g.doubleclick.net
connatix-d.openx.net
d18g6t7whf8ejf.cloudfront.net
dmmzkfd82wayn.cloudfront.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
id.rlcdn.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
m.addthis.com
match.adsrvr.org
match.prod.bidr.io
mefagetobri.top
nedaugha.buzz
nedukeratio.lol
ospicalad.buzz
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pl.connatix.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
s.amazon-adsystem.com
s0.2mdn.net
s7.addthis.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
subsectivexe.xyz
sync.search.spotxchange.com
token.rubiconproject.com
tumgir.com
v1.addthisedge.com
va.media.tumblr.com
vid.connatix.com
video-serve.com
webpick-cdn.s3.amazonaws.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.tumgir.com
z.moatads.com
cm.g.doubleclick.net
s7.addthis.com
webpick-cdn.s3.amazonaws.com
104.105.42.146
107.22.28.167
13.225.223.64
142.250.80.34
142.250.80.98
151.101.130.137
151.101.194.137
151.101.66.137
173.223.56.138
18.191.18.246
18.67.65.125
18.67.65.44
192.0.77.3
192.0.77.40
209.54.177.54
23.1.200.83
2600:1f18:4e9:5a05:748f:342f:de84:27ec
2600:9000:2162:d800:6:2e3c:5fc0:21
2606:4700:20::681a:d2d
2606:4700:20::ac43:46b2
2606:4700:3030::6815:2dcf
2606:4700:3032::6815:3217
2606:4700::6811:190e
2607:f8b0:4006:809::200a
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80c::2006
2607:f8b0:4006:80d::200e
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::200d
2607:f8b0:4006:824::2002
2620:1ec:21::14
2a03:2880:f112:182:face:b00c:0:25de
34.98.64.218
35.190.60.146
35.71.131.137
44.195.137.121
52.218.228.67
52.94.223.167
54.173.186.243
54.192.100.168
68.67.161.207
69.12.8.74
69.173.151.100
96.16.30.5
01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84
031df1a7783aa90768d1d986ee314a80c0c6889e3c3c06655805031d3ee6a636
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1562aa81cff1bc96e25ed9492356e6d51ad0eafde6d9fdeae68ceb3c150fb408
18ea7c7d9211d2fee1e157eb6dc9edaa95f4b5e57d2b34c19d7c9ac650201c87
1e552184493eea74a53b11e52b6e6eec9c35d90cece6592d9bdf6cf1090ad8c0
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
20d421a5904ebf21c017c1e0182698cff1b9e594aa842127cb9d990cad30db84
2318b08c0ac9b50f420f9f723ed10fe5dcaf0de0ff8cc3bb497e55267e571afc
2545317458fe2e54e3e67d5f14b69913cd8fa0182ccb4031cd413f7819217808
25fa285cca433601a6d441d18c0276293388aaae5dd8e552659aae0e3ca2967f
355edf4022f79ab0bbcbbd456b39799acdcce103d56b8bd16324ecaa624faae3
38afa5312f73d7da48d60d1cbe85b5a3df8855e750db714661c1456d510904e4
3c083da53cef5ecd6b20e44011653fa8ded913996ef05e87d160ae669279ed1e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443f8d3245404a97e768af7576937ca3d5a5b5915c6fcb6e866bf78440e21080
4751beb87d71997c76ef8c30e1230fbd29412851ff840c55c778efffa7aac2fd
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a411ecc4f2769a81a8f2fc5a796ae019bbaa0ca05aa70ef91d7029e6a3f54b4
4ccec2b1c2dc6373532f8adefdfc48231b1ed60fbd68240bc5b8ea9b75d3de8c
51eb464f8af77a54e3d2738b412ce433828833a2759f9b06473c3f6cadfc8027
52878d35bbd3319522a493c873f3dfe8fe7b15c11a3bb4aafca023115122e702
52c7ad367b46c4039f8308fef6608ad3bbfae60ef1d9dd394923c8c9b9e90b61
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5af1e32d6499ad2c5e9249164daa9a39860fb4e6f64b223b04fe0afa0c0b6ee2
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63a5d83aadd44e2ac069ca40ff81d6ca7f1e00f339c1133154d20514eef68b5f
662a701e1568bc9c60eb966d8c2200f4441a233d50746596c2cd23ac0240dc62
67273ce5233da6f9c8373efe074c8f3c903594543fb4294c7f9693aa56e8ad70
691d32d638d540bbe1ebf8cee8fecce20bb802fe89338bb1b98e0d5b1e920a16
6992fe867b191c3e29d2e6e1bd91794841fb8124f16456b4f21e3bc5387bf941
6abf296e6324f955f0e6cfa856032fa14b7df73b32b441b1b167ba714f11e879
6b40f0d5cfa95c272e1a5a6c2ad7b9089ad07d3e938ea0f9f0693ab7f6a175e6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc3e014905e19c03c3f34f98aa0bae830fff053bc2d82352e2ec0f0b5ee2c61
6e3006962e6c9969e212a85019d3af72dd13dd89b9d0036183b397b3306b7272
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7255ef1e4e616397168af02ea1fb93fe09f29cb39ea6f0c2c2610f2c2c42f64a
782cf3bec6ae5ea1cc0d0903ec8157ff81ab0e1822a99b24114ae33c83d093d5
7957a7a02822a22f5a5da6db8721c7d7ecb35e67d7e5cbe3b06515a0bc7ea024
7ac0b1399d908508ca33096823dec46fa4ffd151496e1963bf479b285b5f1733
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7dc20417d561ecd7d43cf11caf322f00f37c35ed16a6db938a3991a1244056f1
7e67c8b6e81e162c2854c9adeaefe3092a0bc6facc9416d5dbd9b3bb1cb32625
814344b7031d06949266d1f52badb1e0cd092f28151939ab6e001d919c2d65c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c382d76b7f3c936b789e587ff26a8383cb504a1b7c7f6183f80a45d2a464c9d
900c7b714900f91c891f0c028ae56f1cb0fae5bc5dcefaa9faaab784d6d3704e
941f15f07a74b953e617b4af9d43ab4c19fbf92695b4865b4acf10887cdb74e5
94bc87e9d76aac9afe7b7eef301a342bd078be1abb2415f78d738982f7b43726
9a90c256e3006e98f176f8419862af3cfe5871c73fae736c7f77ed068e6c1e57
9ef12e480ed1cc9770e5165852ae34839d567a891ceb9170de2a064c9f512a4f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a28530fa36dd40eff2e8c7ac146a26b181eb38a5604119ffb6acfedba1ca12f9
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a47aedad957c4f8a041d0b7375d37e38ff48bba734deca40c2170548a2f86584
a76919c1b59b85914bbac252bd7a4095ed8cb5f33a38b1386c665a817d9ecd42
aa4c8c8c012d22889162ecb13f2754112a44cbe58e48e300ac3bd4731a50dbd7
aba363da63c154691250d5daa4dfa09d2b026bd99245c76e64031390dc6609bb
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae1b9abbb61470260e103684bbd81cc23d3e69a1e9db92ef899dd539e0c9da15
aefa123ab4be4509c6970cb9a064c1031ed5ec6fae270e7c256b7a0826fa21f6
af23fce736bf975fa6bd06810b7440cbe15dbbcf151b78c85815a1fab2a0d3cf
b50d7402d539e5444d1aca11d36e1a0bc86267cfa82c7066e137d644f3999390
b92cb6b44cf533b7e5ffc29b4e542b12a3f6c12c106dac6a8884a574214c947f
b96d8c06a1ca9d559f722a5d88cf679ab204ad944d3087107450818bc80c13f9
bd49242acd4174541471b072355141705bfcd7a1173bc7e6122c059fed057c71
be3d742802e260b5923393fcc8312a8ae0b4520c82a805580d2cab62eb910a66
c13473f37c3e53a03c1a0cb58c7b081aa425349b1707361696ddb713a5605eca
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c35280def7f7c86ca31e6626be0784a74960392345e8b3f1cde938d67fcef76d
c490018ec8b67139c4f2cc015661d61e0edde61fad32b61a35a9d013e58219d9
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
cc5b52f2199694e4c1785d9231fd52d4140118eb8133d9303cb7d1bdffb231f3
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d341fd21de82ec901154cd8e62560b48e07ecdec16a426a4fd3cb2da3731b262
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
dc874dac3438cc3efbec49a9e8cf330fa0501d908fb71e7297f756d032978373
dd388dc3d91bdc65607d06d1cb416183a616bfd982ff95918a4d839b872e322b
e17ecd4462929a701dc6c1906d85aa9c6dbc19f25c1b1c28ec121750b81f088d
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21
e2f6177d3ac563f02d72131d3ef1bc580bdcfc1c989b616b0212b596a6abc057
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f46103ee0c6d2de6a9a26a29aa5b7b7b873d98116aa62e4262a75d29c5c33e
eace016a5ddc02542cef499ef8ee77258d9d9db99af688d43989f1c17b802466
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ecbb18221c963b07d2cfd06ab884cb87a0aca9169c0c5252fa63e98ac5754de1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6eefa8bbcdc83bcde85cc017ffc9c7fcf7b88b8d2d8c19660cbcbf9e5f362c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb2e37b085bcc00d2cffc916d3e3c2968cd30f04fe63287f5600fdaf1f0fbff9
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff57a60e03791f5646163737ce8fc0f6619584dfef741f973a22e67f7a05c70c

www.tumgir.com Open in urlscan Pro 2606:4700:20::681a:d2d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

82 %HTTPS

38 %IPv6

35 Domains

57 Subdomains

37 IPs

2 Countries

24259 kBTransfer

29500 kBSize

37 Cookies

1 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tumgir.com Open in urlscan Pro
2606:4700:20::681a:d2d Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

82 %
HTTPS

38 %
IPv6

35
Domains

57
Subdomains

37
IPs

2
Countries

24259 kB
Transfer

29500 kB
Size

37
Cookies

137 HTTP transactions
10 data transactions