www.tumgir.com Open in urlscan Pro
167.71.185.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.tumgir.com/tag/murderbot%20meme
Effective URL:
https://www.tumgir.com/tag/murderbot%20meme
Submission: On February 25 via manual (February 25th 2022, 1:31:24 pm UTC) from IN — Scanned from DE

Summary HTTP 189 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 39 IPs in 3 countries across 29 domains to perform 189 HTTP transactions. The main IP is 167.71.185.16, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.tumgir.com. The Cisco Umbrella rank of the primary domain is 207949.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 29th 2021. Valid for: 9 months.

This is the only time www.tumgir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	167.71.185.16 167.71.185.16	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
30	192.0.77.3 192.0.77.3	2635 (AUTOMATTIC) (AUTOMATTIC)
6 7	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.66.92.180 18.66.92.180	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:225f:dc00:6:2e3c:5fc0:21	16509 (AMAZON-02) (AMAZON-02)
1	205.251.219.103 205.251.219.103	16509 (AMAZON-02) (AMAZON-02)
8	23.35.236.122 23.35.236.122	16625 (AKAMAI-AS) (AKAMAI-AS)
27	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3030::ac43:dadd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	108.157.4.74 108.157.4.74	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700:303... 2606:4700:3034::6815:3895	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:803::200d	15169 (GOOGLE) (GOOGLE)
1	107.22.28.167 107.22.28.167	14618 (AMAZON-AES) (AMAZON-AES)
3 6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2016	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400e:80f::2003	15169 (GOOGLE) (GOOGLE)
1	108.157.4.86 108.157.4.86	16509 (AMAZON-02) (AMAZON-02)
1	44.195.137.121 44.195.137.121	14618 (AMAZON-AES) (AMAZON-AES)
1 4	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
9	18.217.77.222 18.217.77.222	16509 (AMAZON-02) (AMAZON-02)
12	18.203.213.28 18.203.213.28	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
6	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	52.218.217.59 52.218.217.59	16509 (AMAZON-02) (AMAZON-02)
189	39

9 167.71.185.16 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.tumgir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

64.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.0.77.40 (San Francisco, United States) 6 redirects

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

api.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.92.180 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-92-180.fra56.r.cloudfront.net

d18g6t7whf8ejf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225f:dc00:6:2e3c:5fc0:21 (United States)

ASN16509 (AMAZON-02, US)

dmmzkfd82wayn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.251.219.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-205-251-219-103.arn1.r.cloudfront.net

video-serve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.35.236.122 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-122.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::ac43:dadd (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 108.157.4.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-74.dus51.r.cloudfront.net

shionismscol.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3034::6815:3895 (United States)

ASN13335 (CLOUDFLARENET, US)

ndollarhe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.28.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-28-167.compute-1.amazonaws.com

mefagetobri.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400e:80f::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-86.dus51.r.cloudfront.net

arderstartir.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.137.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-137-121.compute-1.amazonaws.com

lyjuster.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.217.77.222 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-77-222.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.203.213.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com

s.srvsynd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.217.59 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

webpick-cdn.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	tumblr.com 6 redirects 64.media.tumblr.com — Cisco Umbrella Rank: 8720 api.tumblr.com — Cisco Umbrella Rank: 28910 assets.tumblr.com — Cisco Umbrella Rank: 17520	5 MB
27	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	2 MB
19	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 3152 cds.connatix.com — Cisco Umbrella Rank: 3185 capi.connatix.com — Cisco Umbrella Rank: 2720 vid.connatix.com — Cisco Umbrella Rank: 3732 img.connatix.com — Cisco Umbrella Rank: 3844	2 MB
12	srvsynd.com s.srvsynd.com — Cisco Umbrella Rank: 10594	53 KB
12	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 static.doubleclick.net — Cisco Umbrella Rank: 309 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159	151 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	129 KB
9	shionismscol.xyz shionismscol.xyz	10 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 jnn-pa.googleapis.com — Cisco Umbrella Rank: 2608 imasdk.googleapis.com — Cisco Umbrella Rank: 407	718 KB
9	tumgir.com 1 redirects www.tumgir.com — Cisco Umbrella Rank: 207949	60 KB
8	ndollarhe.com ndollarhe.com	3 KB
7	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1324 m.addthis.com — Cisco Umbrella Rank: 1287 api-public.addthis.com — Cisco Umbrella Rank: 3693	218 KB
5	google.com accounts.google.com — Cisco Umbrella Rank: 62 www.google.com — Cisco Umbrella Rank: 2	40 KB
5	cloudfront.net d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net	161 KB
4	freychang.fun freychang.fun — Cisco Umbrella Rank: 24286	2 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92	38 KB
3	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 103	28 KB
3	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 213	7 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	amazonaws.com webpick-cdn.s3.amazonaws.com — Cisco Umbrella Rank: 209373 Failed	3 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	17 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1518	680 B
1	lyjuster.xyz lyjuster.xyz	37 B
1	arderstartir.xyz arderstartir.xyz	490 B
1	mefagetobri.top mefagetobri.top — Cisco Umbrella Rank: 403782	23 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 330	1 KB
1	video-serve.com video-serve.com — Cisco Umbrella Rank: 188897	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	28 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	37 KB
189	29

	Domain	Requested by
30	64.media.tumblr.com	www.tumgir.com
27	www.youtube.com	www.tumgir.com www.youtube.com
12	s.srvsynd.com	cd.connatix.com s.srvsynd.com
9	capi.connatix.com	cd.connatix.com
9	shionismscol.xyz	d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net
9	www.tumgir.com	1 redirects www.tumgir.com
8	ndollarhe.com	www.tumgir.com d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net
6	vid.connatix.com	cd.connatix.com
6	www.gstatic.com	www.youtube.com www.gstatic.com
6	googleads.g.doubleclick.net	3 redirects www.youtube.com
6	api.tumblr.com	6 redirects
5	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	jnn-pa.googleapis.com	www.youtube.com
4	freychang.fun	d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net
3	pagead2.googlesyndication.com	srcdoc
3	securepubads.g.doubleclick.net	cd.connatix.com securepubads.g.doubleclick.net
3	api-public.addthis.com	s7.addthis.com
3	i.ytimg.com	www.youtube.com
3	yt3.ggpht.com	www.youtube.com
3	www.google.com	www.youtube.com
3	static.doubleclick.net	www.youtube.com
3	s7.addthis.com	www.tumgir.com s7.addthis.com
3	d18g6t7whf8ejf.cloudfront.net	www.tumgir.com shionismscol.xyz
2	cds.connatix.com	cd.connatix.com
2	accounts.google.com	www.tumgir.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dmmzkfd82wayn.cloudfront.net	www.tumgir.com shionismscol.xyz
1	webpick-cdn.s3.amazonaws.com	d18g6t7whf8ejf.cloudfront.net
1	s0.2mdn.net	imasdk.googleapis.com
1	img.connatix.com
1	cd.connatix.com	1 redirects
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	lyjuster.xyz	mefagetobri.top
1	arderstartir.xyz	mefagetobri.top
1	mefagetobri.top	www.tumgir.com
1	www.facebook.com	www.tumgir.com
1	z.moatads.com	s7.addthis.com
1	video-serve.com	www.tumgir.com
1	cdnjs.cloudflare.com	www.tumgir.com
1	assets.tumblr.com	www.tumgir.com
1	www.googletagmanager.com	www.tumgir.com
1	fonts.googleapis.com	www.tumgir.com
189	44

This site contains links to these domains. Also see Links.

Domain
www.addthis.com

Subject Issuer	Validity	Valid
tumgir.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-29` - `2022-03-18`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.media.tumblr.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
video-serve.com Amazon	`2022-01-26` - `2023-02-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
shionismscol.xyz Amazon	`2022-02-23` - `2023-03-24`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-04` - `2022-03-04`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
mefagetobri.top R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
arderstartir.xyz Amazon	`2022-02-20` - `2023-03-21`	a year	crt.sh
lyjuster.xyz R3	`2022-02-20` - `2022-05-21`	3 months	crt.sh
*.connatix.com Amazon	`2022-01-04` - `2023-02-02`	a year	crt.sh
srvsynd.com R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.tumgir.com/tag/murderbot%20meme
Frame ID: A8A69A180E77D4AE1EA290C48BC56C23
Requests: 102 HTTP requests in this frame

Frame: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
Frame ID: 86EBAEE16F5EDF27B71B19455135F388
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
Frame ID: 4A62F32E7AE2B6BE850E17967E332D98
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
Frame ID: A460D6490B0FBD23C74373BA9FF56EE4
Requests: 18 HTTP requests in this frame

Frame: https://shionismscol.xyz/NTlJeFBUWyoVb1QEK14lR1V0XWJzHHs+NAQBLk4kAk4hHmhQUy9WM1lWPBw2R1YnDH5bXD1dYnMKKz0oRlsnLQB8TgAxA11eJTsWe3ceIGVjbhw+G39RcToXTUExMilgcQMrM3l1HRcbVFEuLRVjf3ErN3xsCBEkZ2oLORN5CA8eBUIJJjw8e3saEjdWeBtNAnpoADMVdFYlOTdGaxoSO3tsMR8Ue14cOxdkCDkgOV14GBYof2EMLhV6Thw5FWR0fjBgQXEROxlsankcM1NvMTkCYFVsShZ5Uj0wCHFKDzkVe2AoLmhGbA9NaHN/IToCYlUsIDhkWhk5fXR1CB87QHs+GxJmYX0JBwVjKyE8DGAcPmUNawgtNHJ6DDkDBVo/GQYAXA4pBVt6HAwYbXo6MhRnDQ0iBVlaGyloXnEuPQl2biUdG3BBHCE8TXgYLiQAbww6Hm1+JR0IUmAHMzcFWgE9PBALCzM8QX4eShpTbg81ClZobxIjWlc5RRt+SwATN3Z2Lw
Frame ID: FD76AA4FFC7FE582D98227EA65EF187A
Requests: 2 HTTP requests in this frame

Frame: https://shionismscol.xyz/TjZiOGsvVAFVVC8LAB4ePFpfHVkIE1B+D38OBQ4feUEKXlMrXAQWCCJZF1wNPFkMTEUgUxYdWQgPO1QDBGVSDCkATwFMCBxvGnQzFAQ0Ch93U1FMLgNcDVMiDHwOcgwlfS9AKhd7UVsEBltaHVkIeCNiBythUlEqNG8XXAYpfixRG3xQUmleAmUOQj0gAlt3Egt8OGsmemYgWxkHTC8PKTRkFGgCd1AsazI2fBUMWwVxVwAhCQcMXVk6ZwN/LnZ8FU9TBFwVATl8RldyPz5+A1YHeFAJQAQsfgV1OXxGV2goLXsAVlo7UDF6UisFEQo9CU4FWgU2ZS1sRiUBK18IOHohUwcNTxpLDh9eOllYe1oEbjl3U1FMBg1iIwEhJ3wqWQw+QwR+In5/IXkZHAQSDScNRSB1EhRfAwkpIX0LdVMKYjdLCSBBCWEzCFoEUxM9UAwNWRpxIA0JIE4xcxIpQi5AKjZUKlMiGAQWHVkMbDoJPihcGgpNJEUNVhtzWSB8OgZnGgEhCA
Frame ID: 1869883C8F96718A0C4003FAFFE5360D
Requests: 2 HTTP requests in this frame

Frame: https://shionismscol.xyz/Y0xrSXQCLggkSwJxCW8BESBWbEYlaVkPEA4hESISB3RZPhUaIkUqGAw5Dy8GDCIfZxoGOE57MgQYBnwOMn4MPTUxfAcfDgwELXpBMSotcDMAGikmNiINGAseVhgtLgcaHAwcHi0fJn0nIi9eDTwtKT0aTCkFKiU7OR1bLjA2eRIdHVsHLhFBAC0pJjAvDSUzNjF8BAodABYjMEAwAi4uMyogPiM1MicaCzcqHD0nMRYpWwswOSAbbEYhHgwYBSElBAs2Jw4lLzJXKCV5RVsUAAMOMSJeBSUiCiUvMlcJIC4uVxsHEwMoIR8qJRk4DiwfBxsIHxMVBAxkORUIPyI4Jh8MCzsIOCkLIlJ1PB9FFBQGPRcyfhgNPgsjDgVEUnQnHy4bGygAPCQPMQcSJXg+AxMQICofBA4bBX06JDYuAT0UODwqJ1Z/PSVFGR4FOS4xIh8OEA95PCoiBHUvMSEKCwItODIdPS0SNSAPKjJWIyx5QEUmGCYaE3EOAS4TJzs/PxU
Frame ID: DA5DA43620B00E43FFC2D2CB2456D4D7
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 3D28DF6B210CEE781A94819605F72875
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: CAC2E2E1B6FA6B32B5FE42602EDB51C3
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/151870/connatix.player.dc.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Frame ID: B8F4774135A08CC0E78CF40946C9B93D
Requests: 17 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Frame ID: A01E07E45B68FE7E24431DAF46A787A8
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Frame ID: A20D8AFBCC2E31D39247FB9B21B1E21E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Frame ID: 4848F3A3E8BC4053AE2755CD2208731E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DD6147D18B3B290443A2C509414AEA53
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 38A35B0D7FAA4A9E83778D485D015243
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 88FA301FD489683F004A2093FAA1FB03
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.tumgir.com/0b326f44-5957-4992-b846-e8f7aaa2dedf
Frame ID: 8A882D13B4670E213E9D5BF39570FC3E
Requests: 1 HTTP requests in this frame

Frame: https://webpick-cdn.s3.amazonaws.com/snapecaht.png
Frame ID: C2ED99A219A50784164E110D88C9605C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

#murderbot meme | Explore Tumblr Posts and Blogs | TumgirFacebookTwitterPrintEmailAddThisFacebookTwitterPrintEmailAddThis

Page URL History Show full URLs

http://www.tumgir.com/tag/murderbot%20meme HTTP 301
https://www.tumgir.com/tag/murderbot%20meme Page URL

Detected technologies

AddThis (Widgets) Expand

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

189
Requests

93 %
HTTPS

55 %
IPv6

29
Domains

44
Subdomains

39
IPs

3
Countries

10730 kB
Transfer

20731 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.tumgir.com/tag/murderbot%20meme HTTP 301
https://www.tumgir.com/tag/murderbot%20meme Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://api.tumblr.com/v2/blog/trugar.tumblr.com/avatar/128 HTTP 302
https://assets.tumblr.com/images/default_avatar/cone_open_128.png

Request Chain 29

https://api.tumblr.com/v2/blog/coolarkid.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/0725ccbb26a11b6fabd3bc282c8cd512/3f2c07c8cf60ef7a-2b/s128x128u_c1/93362ffdee35aac332511a785f2c66b8c13eae09.jpg

Request Chain 30

https://api.tumblr.com/v2/blog/dasha-on-line.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_c0baabdd22ba_128.png

Request Chain 31

https://api.tumblr.com/v2/blog/ibanuje.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/9f7323f55eb33d9336b618d17f7174c8/cd7790d02c95b9bf-dc/s128x128u_c1/9921628fccca1557117d8185fa166c2594b1e5e5.jpg

Request Chain 32

https://api.tumblr.com/v2/blog/kn-tss.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_37b8773f0893_128.png

Request Chain 33

https://api.tumblr.com/v2/blog/evelynxdvmxn.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_05fe19dfde02_128.png

Request Chain 85

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 87

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 103

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 131

https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398 HTTP 302
https://cds.connatix.com/p/151870/connatix.player.dc.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

189 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request murderbot%20meme Show response
www.tumgir.com/tag/
Redirect Chain

http://www.tumgir.com/tag/murderbot%20meme
https://www.tumgir.com/tag/murderbot%20meme

59 KB
12 KB

573ms
388ms

Document
text/html

167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 766ebb0d886ae6e1e4a67f6b54b6115281fa176a0d92084a50d7a9332d24b222

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 25 Feb 2022 13:31:17 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
ETag: W/"ea31-0hzRfs2Ug7jDCkxEz5u751kWms4"
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 25 Feb 2022 13:31:16 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.tumgir.com/tag/murderbot%20meme

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 141ms
54ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 12:59:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 25 Feb 2022 13:31:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Feb 2022 13:31:17 GMT

GET
H/1.1 200
OK styles.css
www.tumgir.com/static/css/ 24 KB
6 KB 96ms
96ms Stylesheet
text/css 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/css/styles.css
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 0f85f1c006c5789babc7f370e2a01245ce375406ab904ad99f0620d7821f50a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/murderbot%20meme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 25 Feb 2022 13:31:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 23 Feb 2022 17:54:49 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"5e27-17f27b8afb3"
Transfer-Encoding: chunked
Content-Type: text/css; charset=UTF-8
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sat, 25 Feb 2023 13:31:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 139ms
50ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134279593-1

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dcef44149ee72d9d57201c7a0144e3946a89bb72dda3bb73ed5276311854298c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37520
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Feb 2022 13:31:17 GMT

GET
H2 200 19fc9b35ba928ec7c29dd352722e4b621fe51c04.jpg
64.media.tumblr.com/79c60f2cb8ede2f8d719e467b81f070f/9f25313317727173-bb/s540x810/ 60 KB
60 KB 44ms
20ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/79c60f2cb8ede2f8d719e467b81f070f/9f25313317727173-bb/s540x810/19fc9b35ba928ec7c29dd352722e4b621fe51c04.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

46a95c4045e3d2125291d2e21fea0b3a737818068bfc91cc8d6b4f908312418a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Wed, 03 Mar 2021 01:23:05 GMT
server: nginx
x-frames: 1
etag: "14fd77820b34ba13530e5f06c363692b-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_79c60f2cb8ede2f8d719e467b81f070f_19fc9b35_540.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 61092

GET
H2 200 02993fb656ca971b369afb3903e657b0fa41c11d.png
64.media.tumblr.com/51ccc2860b6312903a2f68b8b4aef78d/3c6513be87a9e6e1-2d/s540x810/ 584 KB
585 KB 137ms
114ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/51ccc2860b6312903a2f68b8b4aef78d/3c6513be87a9e6e1-2d/s540x810/02993fb656ca971b369afb3903e657b0fa41c11d.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fb80a89668b10c6718f371cf79d63bb51acf15a003e4fde2ac048a99059b90e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Thu, 30 Dec 2021 00:40:12 GMT
server: nginx
x-frames: 1
etag: "d4fcac2a0e0bed96c8e18f1dbd95c300-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_51ccc2860b6312903a2f68b8b4aef78d_02993fb6_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 597799

GET
H2 200 ab94e44b1e794178ae6cde7f8a57356a8c16b5ff.png
64.media.tumblr.com/7e0318813f0844bbfe660ca0821f94e7/575ff7d97f974a8f-98/s540x810/ 95 KB
95 KB 30ms
6ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/7e0318813f0844bbfe660ca0821f94e7/575ff7d97f974a8f-98/s540x810/ab94e44b1e794178ae6cde7f8a57356a8c16b5ff.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f8820f80820bc3a3d86b738acac7be6d54d6ca13987cbdf7ad019dee6304b02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Wed, 02 Feb 2022 20:08:48 GMT
server: nginx
x-frames: 1
etag: "449c7514784dc8afd79b7c0ab3078629-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_7e0318813f0844bbfe660ca0821f94e7_ab94e44b_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 97088

GET
H2 200 4e64ae45aeeb863d1aea88af53cdb5b2918e337b.jpg
64.media.tumblr.com/ca528984ad4290e8b8d074764c0f2b65/466d0570fbae4cfb-26/s540x810/ 68 KB
68 KB 113ms
110ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/ca528984ad4290e8b8d074764c0f2b65/466d0570fbae4cfb-26/s540x810/4e64ae45aeeb863d1aea88af53cdb5b2918e337b.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

49cdabd47fb581dac64a09ed2fe82dca1f4bf6d8b37c70ce8797ea1435ff8de3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Fri, 26 Nov 2021 20:23:20 GMT
server: nginx
x-frames: 1
etag: "d347a734eb27b76216a5dd247e52ccf9-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_ca528984ad4290e8b8d074764c0f2b65_4e64ae45_540.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 69715

GET
H2 200 5cd113839970673e6da1dcfeaef7b70c96594760.png
64.media.tumblr.com/5661f08f316f7d3a9223d61e776dd594/a7e3b6adf4131d0c-95/s540x810/ 94 KB
94 KB 15ms
11ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/5661f08f316f7d3a9223d61e776dd594/a7e3b6adf4131d0c-95/s540x810/5cd113839970673e6da1dcfeaef7b70c96594760.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

394d5e98f3babca93058fc4d3faee7b9485d155a1131522737b451fa18be534a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Mon, 21 Jun 2021 22:39:03 GMT
server: nginx
x-frames: 1
etag: "dcb5eb8d49f3b8c5569749683247d3ba-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_5661f08f316f7d3a9223d61e776dd594_5cd11383_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 96361

GET
H2 200 c4481ac9a10c215d4442f35873445cb2d88bf8e8.jpg
64.media.tumblr.com/89b1b87223cf3401e2801b6e8068aedf/c42d3cd03e460f3e-7b/s540x810/ 68 KB
68 KB 114ms
111ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/89b1b87223cf3401e2801b6e8068aedf/c42d3cd03e460f3e-7b/s540x810/c4481ac9a10c215d4442f35873445cb2d88bf8e8.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3b9562b329ea0d9b6e1d16e1a02c006f7b0311a5af1165e0798a07585baeb024

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Sun, 21 Nov 2021 06:57:04 GMT
server: nginx
x-frames: 1
etag: "3fdec60603be78deedf1a757b39f36f6-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_89b1b87223cf3401e2801b6e8068aedf_c4481ac9_540.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 69745

GET
H2 200 e7ba1e13a0c2cb91c918d938384c13ea810cee86.png
64.media.tumblr.com/d3310951c2c18d76da7aae40e4749067/5d204b94d1decd02-0b/s540x810/ 27 KB
27 KB 113ms
110ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/d3310951c2c18d76da7aae40e4749067/5d204b94d1decd02-0b/s540x810/e7ba1e13a0c2cb91c918d938384c13ea810cee86.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

937cff9aebca1179570e209854cce0ec2987b73d0a523a3bace25b5c32567f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Mon, 10 Jan 2022 14:34:35 GMT
server: nginx
x-frames: 1
etag: "481340eb5d5904d35bb745375434c4ed-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_d3310951c2c18d76da7aae40e4749067_e7ba1e13_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 27550

GET
H2 200 ed95a415a3cc516446fa240be894ea361a397b29.png
64.media.tumblr.com/a7a22d268735dee431d249891d6991db/9773ff5fe5928258-d0/s540x810/ 225 KB
225 KB 115ms
112ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/a7a22d268735dee431d249891d6991db/9773ff5fe5928258-d0/s540x810/ed95a415a3cc516446fa240be894ea361a397b29.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e3f22095e4206f71c3b902d6b1fcc81ae3fcf4746ba470cf92bd6a8fdb02523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Sat, 25 Sep 2021 23:04:28 GMT
server: nginx
x-frames: 1
etag: "1e4ef1b72543449cebb4fc44ac1e3901-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_a7a22d268735dee431d249891d6991db_ed95a415_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 230004

GET
H2 200 6e6e7f16fb13916916aa1066972dd838358b1482.png
64.media.tumblr.com/ebae5cd057021aad465c30297ada85a4/964c354557cfee4f-10/s540x810/ 304 KB
305 KB 21ms
17ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/ebae5cd057021aad465c30297ada85a4/964c354557cfee4f-10/s540x810/6e6e7f16fb13916916aa1066972dd838358b1482.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bbd07ac7eee3ac14dfd5bf39873bd45cfb82581f6baff586d18249d3eeb05bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Sun, 28 Mar 2021 18:47:35 GMT
server: nginx
x-frames: 1
etag: "859cba0a873e950e2849bd9f2780b8ea-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_ebae5cd057021aad465c30297ada85a4_6e6e7f16_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 311745

GET
H2 200 23c64612a7c2005278a3e80cef49e74b9c4e8f54.jpg
64.media.tumblr.com/d155705588937b9c6251946df2834192/e72c391184524493-81/s500x750/ 48 KB
48 KB 15ms
12ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/d155705588937b9c6251946df2834192/e72c391184524493-81/s500x750/23c64612a7c2005278a3e80cef49e74b9c4e8f54.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7572814baf8cc90e1c7efbe78e8cd1da912f536b15e547d2e0165e4ad0caee3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Sat, 29 Jan 2022 00:01:44 GMT
server: nginx
x-frames: 1
etag: "9af607c458b4c0bfc96bb473330640f7-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_d155705588937b9c6251946df2834192_23c64612_500.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 49361

GET
H2 200 add323bf3901c4c6b71c355b583d2fc9b53ec01c.png
64.media.tumblr.com/237daac7f8f669d3db442aca3886d419/f2e381f2a0afc152-d0/s540x810/ 311 KB
311 KB 118ms
115ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/237daac7f8f669d3db442aca3886d419/f2e381f2a0afc152-d0/s540x810/add323bf3901c4c6b71c355b583d2fc9b53ec01c.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1a2d8668bd8513e6c798d670829efa6e912d069f1241a0a9b3037afe3df00795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Sun, 13 Dec 2020 20:59:47 GMT
server: nginx
x-frames: 1
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_237daac7f8f669d3db442aca3886d419_add323bf_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 318199

GET
H2 200 cd99eb9a48d287742012f536c3c4b9f81567e204.png
64.media.tumblr.com/af8baa2a91b63f47134d8e25d5a4b40e/f2e381f2a0afc152-d0/s540x810/ 99 KB
100 KB 250ms
247ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/af8baa2a91b63f47134d8e25d5a4b40e/f2e381f2a0afc152-d0/s540x810/cd99eb9a48d287742012f536c3c4b9f81567e204.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2dfcc437dd50333338bf639b34b9778566c9b960105aa0f50af680ca66a030ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Fri, 11 Dec 2020 18:13:36 GMT
server: nginx
x-frames: 1
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_af8baa2a91b63f47134d8e25d5a4b40e_cd99eb9a_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 101810

GET
H2 200 817459d33376944f114f2bf7a04a9b3ae90db97a.png
64.media.tumblr.com/ce76f47ac86ef6c55e204966dffbe908/f2e381f2a0afc152-54/s540x810/ 403 KB
404 KB 122ms
118ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/ce76f47ac86ef6c55e204966dffbe908/f2e381f2a0afc152-54/s540x810/817459d33376944f114f2bf7a04a9b3ae90db97a.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

984a33912d108639a1702ef6ae2ab796ad2c002c36f8f78a596d6fc389c2a9f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Thu, 10 Dec 2020 20:02:06 GMT
server: nginx
x-frames: 1
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_ce76f47ac86ef6c55e204966dffbe908_817459d3_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 412614

GET
H2 200 161d2e7004456e8ee1f4629d9afc67b072f0f6ad.png
64.media.tumblr.com/1b2aefa40793a94e11243bef4a3c21bc/f2e381f2a0afc152-2b/s540x810/ 577 KB
577 KB 121ms
118ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/1b2aefa40793a94e11243bef4a3c21bc/f2e381f2a0afc152-2b/s540x810/161d2e7004456e8ee1f4629d9afc67b072f0f6ad.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e2e59c9a7b15a405dd525cceff78570c65c21b616b6870c4130fe21270b5ecea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Fri, 11 Dec 2020 13:31:02 GMT
server: nginx
x-frames: 1
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_1b2aefa40793a94e11243bef4a3c21bc_161d2e70_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 590450

GET
H2 200 8f2f266aa8173ed98b63655180efe02f85ea49d1.jpg
64.media.tumblr.com/2e712c2675b5567b4d7517f18c43a6cf/f2e381f2a0afc152-72/s540x810/ 58 KB
58 KB 130ms
127ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/2e712c2675b5567b4d7517f18c43a6cf/f2e381f2a0afc152-72/s540x810/8f2f266aa8173ed98b63655180efe02f85ea49d1.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c0ca0100b546f4bcabf3a908458459d0c31c59e67f12168470ae72564eefe974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 4
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Mon, 14 Dec 2020 21:07:29 GMT
server: nginx
x-frames: 1
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_2e712c2675b5567b4d7517f18c43a6cf_8f2f266a_540.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 59062

GET
H2 200 cbd5c50aa3ed0bed422a5273c82c44355a4cd530.png
64.media.tumblr.com/3fda66de5ea46ecbcee7756c511e0fe6/f2e381f2a0afc152-60/s540x810/ 455 KB
456 KB 216ms
212ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/3fda66de5ea46ecbcee7756c511e0fe6/f2e381f2a0afc152-60/s540x810/cbd5c50aa3ed0bed422a5273c82c44355a4cd530.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ef3b58dd750c240990c38e4bbfef456d3c8c2a5de0fcc4a0615cbaff797a22bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Sun, 13 Dec 2020 15:13:29 GMT
server: nginx
x-frames: 1
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_3fda66de5ea46ecbcee7756c511e0fe6_cbd5c50a_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 465940

GET
H2 200 8643bc85da2c6a48847ed718ea1a847c1547ec18.png
64.media.tumblr.com/e9be4b18acb406999e05978ab76dad1c/f2e381f2a0afc152-80/s540x810/ 287 KB
288 KB 209ms
206ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/e9be4b18acb406999e05978ab76dad1c/f2e381f2a0afc152-80/s540x810/8643bc85da2c6a48847ed718ea1a847c1547ec18.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6d9454ab0e661b595fb38dccdee04be48191af90a0d607bff9c6f7d6dc72fb32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Sat, 12 Dec 2020 16:46:26 GMT
server: nginx
x-frames: 1
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_e9be4b18acb406999e05978ab76dad1c_8643bc85_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 294092

GET
H2 200 23df4f04682631f9cd322c9439c2b9b4cdf61b66.png
64.media.tumblr.com/8850a02e6cd0e094b4c0978afd9d6199/f2e381f2a0afc152-ec/s540x810/ 247 KB
248 KB 216ms
213ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/8850a02e6cd0e094b4c0978afd9d6199/f2e381f2a0afc152-ec/s540x810/23df4f04682631f9cd322c9439c2b9b4cdf61b66.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f232bb105089375f756c7ba1e05100d5736863cace604114aabe4e37bbaa6120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Sat, 12 Dec 2020 06:47:50 GMT
server: nginx
x-frames: 1
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_8850a02e6cd0e094b4c0978afd9d6199_23df4f04_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 253011

GET
H2 200 933946ee52384d9491ba8ab184f9b9540ccdb44d.jpg
64.media.tumblr.com/87080e79b0873b00ad8429a81513c4c4/073dfa9fe0d738a3-fb/s500x750/ 53 KB
54 KB 120ms
117ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/87080e79b0873b00ad8429a81513c4c4/073dfa9fe0d738a3-fb/s500x750/933946ee52384d9491ba8ab184f9b9540ccdb44d.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

aace7732faadf60618fa7629c08491b0356a0f1ee228f179f245b55cacf2a8d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Tue, 14 Dec 2021 01:49:48 GMT
server: nginx
x-frames: 1
etag: "26d1eabd3cd95d1ed6d4ee561c2c1ad2-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_87080e79b0873b00ad8429a81513c4c4_933946ee_500.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 54645

GET
H2 200 1e7027e5c9ce3ee8b3b954e01ff94040b899bf56.jpg
64.media.tumblr.com/4258c894ffc1934e19688a7678cdd3cc/3dce4b9258510341-eb/s540x810/ 47 KB
47 KB 119ms
116ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/4258c894ffc1934e19688a7678cdd3cc/3dce4b9258510341-eb/s540x810/1e7027e5c9ce3ee8b3b954e01ff94040b899bf56.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

424bd37035c5a2a5f1a75ab842e92068407aaa0938b52dc1eba785086eec9b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Tue, 28 Dec 2021 09:12:52 GMT
server: nginx
x-frames: 1
etag: "74f8e6d87ee54b5b45323d972e79b7d5-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_4258c894ffc1934e19688a7678cdd3cc_1e7027e5_540.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 48254

GET
H2 200 620a2e52691ce936975b8238774e0f90798eb6bb.png
64.media.tumblr.com/60cd29d70534b686b78a77e901687e36/bd4bda708c599b20-8c/s540x810/ 388 KB
389 KB 247ms
244ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/60cd29d70534b686b78a77e901687e36/bd4bda708c599b20-8c/s540x810/620a2e52691ce936975b8238774e0f90798eb6bb.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

650b59c0bf60db5ae7691e3597ddd22684dc3bcc534754e0485ce4a8c2cee9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Wed, 28 Apr 2021 23:00:41 GMT
server: nginx
x-frames: 1
etag: "3a36d212ec3e16b1e679d834ab28b7d8-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_60cd29d70534b686b78a77e901687e36_620a2e52_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 397662

GET
H2 200 e5507e358940cce4895ef4e2645fe26c067569ed.png
64.media.tumblr.com/94f5a004c587b1be78434671b176417b/bd4bda708c599b20-9d/s540x810/ 173 KB
173 KB 218ms
215ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/94f5a004c587b1be78434671b176417b/bd4bda708c599b20-9d/s540x810/e5507e358940cce4895ef4e2645fe26c067569ed.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

56b1031801c8ef12d5795d84373311bde8447b202306103fd96357ff44d5bfff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Wed, 28 Apr 2021 21:26:33 GMT
server: nginx
x-frames: 1
etag: "87869a1cee010fbda2fe501665f2e459-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_94f5a004c587b1be78434671b176417b_e5507e35_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 176997

GET
H2 200 a4acdd094d5e2ddd9218b57b0b4ce7f07c8b7680.png
64.media.tumblr.com/79693f988c0753314b1afee0fbe5d7a3/bd4bda708c599b20-60/s540x810/ 18 KB
18 KB 117ms
114ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/79693f988c0753314b1afee0fbe5d7a3/bd4bda708c599b20-60/s540x810/a4acdd094d5e2ddd9218b57b0b4ce7f07c8b7680.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f24b5c2339c8398244242d762ec9c69c47d668f97e1798ca8909bca5c3a9ed61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Sun, 13 Dec 2020 17:21:19 GMT
server: nginx
x-frames: 1
etag: "e12b0f55e677c4f53d40a915f8425f96-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_79693f988c0753314b1afee0fbe5d7a3_a4acdd09_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 18740

GET
H2 200 6c6ef9fd81252acfee790d69a9e6ec37fb0b1931.png
64.media.tumblr.com/96e81190a1d3627f353368ba88e3188d/bd4bda708c599b20-bf/s250x250_c1/ 37 KB
37 KB 117ms
114ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/96e81190a1d3627f353368ba88e3188d/bd4bda708c599b20-bf/s250x250_c1/6c6ef9fd81252acfee790d69a9e6ec37fb0b1931.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1dfa4109b7d02cb8ef705041fad8100c87c9a83c539d0dcbca191feac2ecfc5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Wed, 28 Apr 2021 23:05:58 GMT
server: nginx
x-frames: 1
etag: "4612bd8d7d8b887e4cbe68fdcaa3fb74-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_96e81190a1d3627f353368ba88e3188d_6c6ef9fd_250.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 37631

GET
H2 200 382ff7d6928455b296522b60323965797243492e.gifv
64.media.tumblr.com/9ee66a34404685281dc1fab605060f45/bd4bda708c599b20-be/s400x600/ 422 KB
422 KB 218ms
215ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/9ee66a34404685281dc1fab605060f45/bd4bda708c599b20-be/s400x600/382ff7d6928455b296522b60323965797243492e.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f65db3ab166b832e05280301d6710c2c065efcabde9896482c5a91c836f0d927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:17 GMT
vary: Accept
content-disposition: inline; filename="tumblr_9ee66a34404685281dc1fab605060f45_382ff7d6_400.webp"
strict-transport-security: max-age=31536000; preload
content-length: 431764
x-nc: MISS hhn 3
last-modified: Wed, 28 Apr 2021 13:20:07 GMT
server: nginx
etag: "8225c144c907d6c0fd626a6fa6c29998-1523937600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

cone_open_128.png
assets.tumblr.com/images/default_avatar/
Redirect Chain

https://api.tumblr.com/v2/blog/trugar.tumblr.com/avatar/128
https://assets.tumblr.com/images/default_avatar/cone_open_128.png

4 KB
4 KB

65ms
18ms

Image
image/png

192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tumblr.com/images/default_avatar/cone_open_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

4097edffdaf025b488126918156cc789a86c268ae98433148300a227048489c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Sun, 01 Nov 2020 05:26:35 GMT
server: nginx
etag: "5f9e470b-e7d"
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
timing-allow-origin: *
content-length: 3709
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Fri, 25 Feb 2022 13:31:17 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://assets.tumblr.com/images/default_avatar/cone_open_128.png#_=_
x-rid: 254874f8329abb92c3b1f2839afaf9f7
content-type: application/json
content-length: 131
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

93362ffdee35aac332511a785f2c66b8c13eae09.jpg
64.media.tumblr.com/0725ccbb26a11b6fabd3bc282c8cd512/3f2c07c8cf60ef7a-2b/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/coolarkid.tumblr.com/avatar/128
https://64.media.tumblr.com/0725ccbb26a11b6fabd3bc282c8cd512/3f2c07c8cf60ef7a-2b/s128x128u_c1/93362ffdee35aac332511a785f2c66b8c13eae09.jpg

4 KB
4 KB

110ms
109ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/0725ccbb26a11b6fabd3bc282c8cd512/3f2c07c8cf60ef7a-2b/s128x128u_c1/93362ffdee35aac332511a785f2c66b8c13eae09.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e0dc8f37b244aa51d761e8bb39b88857cbbcaa7fb6944333b49ecbebd58c7fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Thu, 10 Dec 2020 16:05:49 GMT
server: nginx
x-frames: 1
etag: "cc3cc0b49e7c2d1b1781b6e38a27f9ab-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_0725ccbb26a11b6fabd3bc282c8cd512_93362ffd_128.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 4316

Redirect headers

date: Fri, 25 Feb 2022 13:31:17 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/0725ccbb26a11b6fabd3bc282c8cd512/3f2c07c8cf60ef7a-2b/s128x128u_c1/93362ffdee35aac332511a785f2c66b8c13eae09.jpg#_=_
x-rid: 48723aad3a35a26cf18848313ce75f50
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

avatar_c0baabdd22ba_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/dasha-on-line.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_c0baabdd22ba_128.png

7 KB
7 KB

109ms
109ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_c0baabdd22ba_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

dad9a6292a5538b27565dfb80a75a1fbbcaf4aef9bd291b2daa701a12c956eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 4
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Wed, 12 Jul 2017 09:58:26 GMT
server: nginx
x-frames: 1
etag: "22d5f8958185cf76af1212bdababa0b6-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-disposition: inline; filename="avatar_c0baabdd22ba_128.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 6996

Redirect headers

date: Fri, 25 Feb 2022 13:31:17 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_c0baabdd22ba_128.png#_=_
x-rid: c96dcdb3df288c661723985d30730719
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

9921628fccca1557117d8185fa166c2594b1e5e5.jpg
64.media.tumblr.com/9f7323f55eb33d9336b618d17f7174c8/cd7790d02c95b9bf-dc/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/ibanuje.tumblr.com/avatar/128
https://64.media.tumblr.com/9f7323f55eb33d9336b618d17f7174c8/cd7790d02c95b9bf-dc/s128x128u_c1/9921628fccca1557117d8185fa166c2594b1e5e5.jpg

4 KB
4 KB

6ms
6ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/9f7323f55eb33d9336b618d17f7174c8/cd7790d02c95b9bf-dc/s128x128u_c1/9921628fccca1557117d8185fa166c2594b1e5e5.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

266c698922388723ec8fe73e4467331688fa88957dbfbcf9d4e26d26de037b9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Wed, 16 Dec 2020 18:22:21 GMT
server: nginx
x-frames: 1
etag: "1383773b2b4b59673008d1042e871144-1498089600-66c08dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_9f7323f55eb33d9336b618d17f7174c8_9921628f_128.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 3816

Redirect headers

date: Fri, 25 Feb 2022 13:31:17 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/9f7323f55eb33d9336b618d17f7174c8/cd7790d02c95b9bf-dc/s128x128u_c1/9921628fccca1557117d8185fa166c2594b1e5e5.jpg#_=_
x-rid: b870cf76ee05051bc838e8a8152f69e0
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

avatar_37b8773f0893_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/kn-tss.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_37b8773f0893_128.png

21 KB
21 KB

7ms
7ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_37b8773f0893_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

398cb62528d3b81e952c39fa96eef8055cc1493e20a1bcf8a45193ab00644214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Tue, 15 Dec 2020 12:31:20 GMT
server: nginx
x-frames: 1
etag: "de43b7184f56083c7ab72c336c851f0b-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-disposition: inline; filename="avatar_37b8773f0893_128.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 21652

Redirect headers

date: Fri, 25 Feb 2022 13:31:17 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_37b8773f0893_128.png#_=_
x-rid: 95582ffce6eefb058999f5865934695d
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

avatar_05fe19dfde02_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/evelynxdvmxn.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_05fe19dfde02_128.png

11 KB
11 KB

114ms
114ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_05fe19dfde02_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

78755b5d8cc0087f31506e43d970ae282baec0e797f792fe90851d3a2b62a8dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc: MISS hhn 4
date: Fri, 25 Feb 2022 13:31:17 GMT
last-modified: Thu, 03 Dec 2020 14:50:12 GMT
server: nginx
x-frames: 1
etag: "c224243de5f82aa57202b2635a12aadb-1498089600-81b500b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-disposition: inline; filename="avatar_05fe19dfde02_128.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 10827

Redirect headers

date: Fri, 25 Feb 2022 13:31:17 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_05fe19dfde02_128.png#_=_
x-rid: c9a0c01a9f1a6ebd13e04265dcb3a461
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 46ms
26ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 671527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
timing-allow-origin: *
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pq2%2F8FVBnYY1ekA%2FVwOjS0uqULS4oWUXmrX5%2FtFAliENvtZAKnmvMfqo6qtENMQEtHPz1LUxceyxDnemgx2SOmzLSXfa%2FFtBKXmyma28pzKjOVhywJeyzkh%2BU1mpZkmSTsZ4%2FwSSi3dryhxchzigc%2BUx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e314b09cd376945-FRA
expires: Wed, 15 Feb 2023 13:31:17 GMT

GET
H/1.1 200
OK navbar.js Show response
www.tumgir.com/static/js/ 469 B
868 B 94ms
94ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/navbar.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: ae1b9abbb61470260e103684bbd81cc23d3e69a1e9db92ef899dd539e0c9da15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/murderbot%20meme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 25 Feb 2022 13:31:17 GMT
Last-Modified: Thu, 17 Feb 2022 15:14:11 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"1d5-17f083f77d2"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 469
Expires: Sat, 25 Feb 2023 13:31:17 GMT

GET
H/1.1 200
OK sticky-sidebar.js Show response
www.tumgir.com/static/js/ 2 KB
1018 B 189ms
97ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/sticky-sidebar.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: aefa123ab4be4509c6970cb9a064c1031ed5ec6fae270e7c256b7a0826fa21f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/murderbot%20meme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 25 Feb 2022 13:31:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 17 Feb 2022 15:14:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"7e3-17f083f4e64"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sat, 25 Feb 2023 13:31:17 GMT

GET
H/1.1 200
OK tag.js Show response
www.tumgir.com/static/js/ 1 KB
1 KB 303ms
122ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/tag.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 0b926af2a7034742180dd7cd0cfa3b7bef72e49909fc7d88933f7e0364595a7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/murderbot%20meme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 25 Feb 2022 13:31:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 17 Feb 2022 15:14:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"575-17f083f4dcf"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sat, 25 Feb 2023 13:31:17 GMT

GET
H/1.1 200
OK notes.js Show response
www.tumgir.com/static/js/ 544 B
943 B 282ms
95ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/notes.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 79d0a037047a98fc9e0348e4bfa35789aa14d62cf80972bf3aac26f7a5b1a862

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/murderbot%20meme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 25 Feb 2022 13:31:17 GMT
Last-Modified: Thu, 17 Feb 2022 15:14:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"220-17f083f4e4e"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 544
Expires: Sat, 25 Feb 2023 13:31:17 GMT

GET
H/1.1 200
OK visit-blog.js Show response
www.tumgir.com/static/js/ 206 B
604 B 283ms
94ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/static/js/visit-blog.js?v=202112270023
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 2bc27aa5c9ce50f4f36f5cebcc828b69ba4abe70e81c796dc400f22a749cd298

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/murderbot%20meme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 25 Feb 2022 13:31:17 GMT
Last-Modified: Thu, 17 Feb 2022 15:14:05 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"ce-17f083f5ed3"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 206
Expires: Sat, 25 Feb 2023 13:31:17 GMT

GET
H/1.1 200
OK sw.js Show response
www.tumgir.com/ 100 KB
38 KB 344ms
188ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/sw.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 8c382d76b7f3c936b789e587ff26a8383cb504a1b7c7f6183f80a45d2a464c9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/murderbot%20meme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 25 Feb 2022 13:31:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sun, 19 Dec 2021 23:24:49 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"190ed-17dd50319be"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sat, 25 Feb 2023 13:31:17 GMT

GET
H2 200 / Show response
d18g6t7whf8ejf.cloudfront.net/ 252 KB
77 KB 229ms
170ms Script
text/plain 18.66.92.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-180.fra56.r.cloudfront.net
Software: /
Resource Hash: 5b7dfd880a6752132420cbc441b66fd32302a603c4b8c694e31c6ec5a62eae70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 13:31:17 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 78864
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-id: lu1SPmb7fiJVW26qPGVCm6O5RopFe3RRcU3X8J93ZPDbvKIzl4Y6Dw==

GET
H2 200 / Show response
dmmzkfd82wayn.cloudfront.net/ 250 KB
81 KB 313ms
230ms Script
text/plain 2600:9000:225f:dc00:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:dc00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5859fa3632d55b480f7cab040f9a70fc6afea8b4689fadb133da51436c003db0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 13:31:17 GMT
content-encoding: gzip
x-amz-cf-pop: TXL50-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 82667
via: 1.1 2a449514cebabcf6ab64b86d6a229cfe.cloudfront.net (CloudFront)
x-amz-cf-id: 7SG0KWNqGaDmlKN9NM2kTVu8gqoYyPhOcw6k1MpaPLKuhXESOLS5HQ==

GET
H2 200 vidjs Show response
video-serve.com/ 1 KB
1 KB 252ms
149ms Script
application/json 205.251.219.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video-serve.com/vidjs?tid=947040
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.251.219.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-205-251-219-103.arn1.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 793d8ae8be17ac602c3d0839bee5021086493b18d069152781f46e60f45b1310

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 13:31:17 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: ARN1-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-type: application/json
content-length: 670
via: 1.1 8556a7e6f097b43ef38a15da76d83874.cloudfront.net (CloudFront)
x-amz-cf-id: ePlMLd0dpyecgRoMhHSFBmrx8NF7yOjMS54x3VtZ_fgNQsQtKriXdg==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 279ms
9ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Fri, 25 Feb 2022 13:31:17 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 GLgh9h2ePYw Show response
www.youtube.com/embed/ Frame 86EB 59 KB
26 KB 172ms
88ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0dde4afa866fce6f6329dc60ea8484c40eadab0f132cc37ff067749cd410cbaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Feb 2022 13:31:17 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 S9tKwSboJeg Show response
www.youtube.com/embed/ Frame 4A62 59 KB
25 KB 226ms
142ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d62cf0e6b7bbec5f55abc26eeb0286065effac88db5a713fe32c81d02a3d1d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Feb 2022 13:31:17 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Zn551Ymh-kM Show response
www.youtube.com/embed/ Frame A460 60 KB
26 KB 205ms
123ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efc7f27279f1c7582852d15cd287e855313131e69bfb4e0b2091b7473f546a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Feb 2022 13:31:17 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 www-player.css
www.youtube.com/s/player/450209b9/ Frame 86EB 337 KB
46 KB 67ms
67ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0777f3e0b8c0e29c02a500177bbe474c4cfa34f6427eece68a06f275d3a0f446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47098
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 86EB 15 KB
16 KB 126ms
38ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 267192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 11:18:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134279593-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5185
date: Fri, 25 Feb 2022 12:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 25 Feb 2022 14:04:52 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/450209b9/www-embed-player.vflset/ Frame 86EB 276 KB
85 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794a3ac206f04961903d93cc7e73eff6c4bd0f82ea958c1d439018a54e743441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86481
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:16 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/ Frame 86EB 2 MB
539 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

504a4d6cc789f4dcf195e41badf63ac193a15508e2fa6bb74be4a42d019091a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551539
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:16 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/450209b9/fetch-polyfill.vflset/ Frame 86EB 10 KB
3 KB 102ms
102ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:16 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/450209b9/ Frame A460 337 KB
46 KB 131ms
131ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0777f3e0b8c0e29c02a500177bbe474c4cfa34f6427eece68a06f275d3a0f446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47098
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A460 15 KB
15 KB 112ms
49ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 267192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 11:18:05 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/450209b9/www-embed-player.vflset/ Frame A460 276 KB
85 KB 132ms
130ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794a3ac206f04961903d93cc7e73eff6c4bd0f82ea958c1d439018a54e743441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86481
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:16 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/ Frame A460 2 MB
539 KB 139ms
138ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

504a4d6cc789f4dcf195e41badf63ac193a15508e2fa6bb74be4a42d019091a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551539
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:16 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/450209b9/fetch-polyfill.vflset/ Frame A460 10 KB
3 KB 144ms
144ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:16 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/450209b9/ Frame 4A62 337 KB
46 KB 143ms
140ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0777f3e0b8c0e29c02a500177bbe474c4cfa34f6427eece68a06f275d3a0f446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47098
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4A62 15 KB
15 KB 124ms
81ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 267192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 11:18:05 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/450209b9/www-embed-player.vflset/ Frame 4A62 276 KB
84 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794a3ac206f04961903d93cc7e73eff6c4bd0f82ea958c1d439018a54e743441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86481
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:16 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/ Frame 4A62 2 MB
539 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

504a4d6cc789f4dcf195e41badf63ac193a15508e2fa6bb74be4a42d019091a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551539
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:16 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/450209b9/fetch-polyfill.vflset/ Frame 4A62 10 KB
3 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:16 GMT

GET
H2 200 / Show response
freychang.fun/ 15 B
349 B 167ms
131ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49111b262076e23277435bb35f9b872e33f4b0f82452ee8fc9f60a77c6faa7e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvO2uS3g9sTnq9%2FbLCk3RmTmZ6f4dpZhZ9DDgmQN5Lh5PLEtPAh93ZHuBx7Kjev2ByGKKlrD9B2fKDyXVVWhpLG%2BN9ou3Ocf%2FcevSFuEajgqjW1R0uyplhUgj4PjtEBM1mFTzefC8GriW%2Bnk"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6e314b0c392d91d5-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
shionismscol.xyz/ 0
489 B 137ms
104ms XHR
text/plain 108.157.4.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shionismscol.xyz/utx?cb=gO6jcfg3kxg8&top=www.tumgir.com&tid=852974
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-74.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 13:31:17 GMT
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: v1krPzZWhdOCoapT5Mp_tHSfHXbFoZeSFUpx4Oen_3M09-yyAHn0Zg==

GET
H2 200 GQYAXA4pBVt6HAwYbXo6MhRnDQ0iBVlaGyloXnEuPQl2biUdG3BBHCE8TXgYLiQAbww6Hm1+JR0IUmAHMzcFWgE9PBALCzM8QX4eShpTbg81ClZobxIjWlc5RRt+SwATN3Z2Lw Show response
shionismscol.xyz/NTlJeFBUWyoVb1QEK14lR1V0XWJzHHs+NAQBLk4kAk4hHmhQUy9WM1lWPBw2R1YnDH5bXD1dYnMKKz0oRlsnLQB8TgAxA11eJTsWe3ceIGVjbhw+G39RcToXTUExMilgcQMrM3l1HRcbVFEuLRVjf3ErN3xsCBEkZ2oLORN5CA8eBUIJJjw8... Frame FD76 3 KB
2 KB 125ms
104ms Document
text/html 108.157.4.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shionismscol.xyz/NTlJeFBUWyoVb1QEK14lR1V0XWJzHHs+NAQBLk4kAk4hHmhQUy9WM1lWPBw2R1YnDH5bXD1dYnMKKz0oRlsnLQB8TgAxA11eJTsWe3ceIGVjbhw+G39RcToXTUExMilgcQMrM3l1HRcbVFEuLRVjf3ErN3xsCBEkZ2oLORN5CA8eBUIJJjw8e3saEjdWeBtNAnpoADMVdFYlOTdGaxoSO3tsMR8Ue14cOxdkCDkgOV14GBYof2EMLhV6Thw5FWR0fjBgQXEROxlsankcM1NvMTkCYFVsShZ5Uj0wCHFKDzkVe2AoLmhGbA9NaHN/IToCYlUsIDhkWhk5fXR1CB87QHs+GxJmYX0JBwVjKyE8DGAcPmUNawgtNHJ6DDkDBVo/GQYAXA4pBVt6HAwYbXo6MhRnDQ0iBVlaGyloXnEuPQl2biUdG3BBHCE8TXgYLiQAbww6Hm1+JR0IUmAHMzcFWgE9PBALCzM8QX4eShpTbg81ClZobxIjWlc5RRt+SwATN3Z2Lw
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-74.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: fdb74b81e033338cbb6acd5d5d6f73dfcd1a677c74c5c11ffbbb350ef7784ec3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

content-type: text/html
content-length: 1227
date: Fri, 25 Feb 2022 13:31:17 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: aYYuRlGQDUimpeML-B7lhEDRZcpUuviKD4yPCcu3Jrn8KjYNc-De6g==

GET
H2 200 / Show response
freychang.fun/ 16 B
702 B 141ms
122ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2069f8c0ff0366996c9a35799bfca3e7d51e880ca8841b27e4067657848b9b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hThgRFNAgOZa1QNtsNUT1melWVTbyaS6Uf6EXAiOJtAjKzychthzrII60iHsi%2B6x46dyOHCK4KHds%2FYmTIeHx1X%2FiK40mTv69mxbOh06ueAS7CPDpndkmOoMej6tGFyK8runQXxwEsoXPOdn"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6e314b0c393491d5-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
shionismscol.xyz/ 0
489 B 212ms
194ms XHR
text/plain 108.157.4.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shionismscol.xyz/utx?cb=vX9zY1ueNjaL&top=www.tumgir.com&tid=853405
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-74.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 13:31:17 GMT
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: _ouTCWzKl-qlrIHXbEt2EEzNuS7-iEu684kuLy-BYE7gcvhR58j2Rg==

GET
H2 200 IXkZHAQSDScNRSB1EhRfAwkpIX0LdVMKYjdLCSBBCWEzCFoEUxM9UAwNWRpxIA0JIE4xcxIpQi5AKjZUKlMiGAQWHVkMbDoJPihcGgpNJEUNVhtzWSB8OgZnGgEhCA Show response
shionismscol.xyz/TjZiOGsvVAFVVC8LAB4ePFpfHVkIE1B+D38OBQ4feUEKXlMrXAQWCCJZF1wNPFkMTEUgUxYdWQgPO1QDBGVSDCkATwFMCBxvGnQzFAQ0Ch93U1FMLgNcDVMiDHwOcgwlfS9AKhd7UVsEBltaHVkIeCNiBythUlEqNG8XXAYpfixRG3xQUmle... Frame 1869 3 KB
2 KB 114ms
105ms Document
text/html 108.157.4.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shionismscol.xyz/TjZiOGsvVAFVVC8LAB4ePFpfHVkIE1B+D38OBQ4feUEKXlMrXAQWCCJZF1wNPFkMTEUgUxYdWQgPO1QDBGVSDCkATwFMCBxvGnQzFAQ0Ch93U1FMLgNcDVMiDHwOcgwlfS9AKhd7UVsEBltaHVkIeCNiBythUlEqNG8XXAYpfixRG3xQUmleAmUOQj0gAlt3Egt8OGsmemYgWxkHTC8PKTRkFGgCd1AsazI2fBUMWwVxVwAhCQcMXVk6ZwN/LnZ8FU9TBFwVATl8RldyPz5+A1YHeFAJQAQsfgV1OXxGV2goLXsAVlo7UDF6UisFEQo9CU4FWgU2ZS1sRiUBK18IOHohUwcNTxpLDh9eOllYe1oEbjl3U1FMBg1iIwEhJ3wqWQw+QwR+In5/IXkZHAQSDScNRSB1EhRfAwkpIX0LdVMKYjdLCSBBCWEzCFoEUxM9UAwNWRpxIA0JIE4xcxIpQi5AKjZUKlMiGAQWHVkMbDoJPihcGgpNJEUNVhtzWSB8OgZnGgEhCA
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-74.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 29f9fbd17e787e75b7ab130fb31598bc2587548455a20c43b41367d25f03d9e7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

content-type: text/html
content-length: 1228
date: Fri, 25 Feb 2022 13:31:17 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: P3rSBIXHOg_WVAHsAmEwPqkv7yu_IYT4lqCRdC6G6MNrzBAsaaMoJw==

GET
H2 204 cFcOW3x8VQ5VfX0
ndollarhe.com/YjliSURNBgE6eQBDCgMQJnsBCipXASEfHSBfUS4OOmgWcSAjfEQ9LQYEWnx2Ww5WbzQLXV96dkRKFigwF0pfeGILVwQmeURPX3lqWhdUZ3ZETF94YhZJAy55Ux8SPTAOBFN/ 0
252 B 205ms
150ms Image
text/plain 2606:4700:3034::6815:3895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndollarhe.com/YjliSURNBgE6eQBDCgMQJnsBCipXASEfHSBfUS4OOmgWcSAjfEQ9LQYEWnx2Ww5WbzQLXV96dkRKFigwF0pfeGILVwQmeURPX3lqWhdUZ3ZETF94YhZJAy55Ux8SPTAOBFN/cFcOW3x8VQ5VfX0
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3895 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhOgb9XzOzRzlzOOuX9GMEeP1HZ6h0unsML899TF0DppMktIXnhpYFNReLzZfVFZeOis4WFN4h2Oes2hv0qMagCf28TQfrRFEZ3EUDGWYwoKw6MpO5AVRm0UaAp%2F7eRv9IbuMXJ467VBCeb2"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6e314b0c788a9066-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 MTNmUUgeDAUidVR7ChcsZHUqAnt7dQMUDnBQVhd8YlgWJhxpckAlIVUOXmR6CARSdzhYV1tiehdAEjA8REBbY3gBBEA4JldcW2NuRw5Wf3AfBUhjbkQOV3c8QVIBbHkXQxIlJAwCUGV9BgpTaX8GBFNg
ndollarhe.com/ 0
491 B 159ms
105ms Image
text/plain 2606:4700:3034::6815:3895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndollarhe.com/MTNmUUgeDAUidVR7ChcsZHUqAnt7dQMUDnBQVhd8YlgWJhxpckAlIVUOXmR6CARSdzhYV1tiehdAEjA8REBbY3gBBEA4JldcW2NuRw5Wf3AfBUhjbkQOV3c8QVIBbHkXQxIlJAwCUGV9BgpTaX8GBFNg
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3895 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggI%2FFkWAa3C8iFn5TWh0o33FbE5ErcaYV9Ddv0FUdw7V%2BSqYmXxPi0jd8cKIP%2FSsmeWDUSMrSzwANYJldEC6Jr3Q1TkA745V2iaH7b%2Bvg%2FuCmAeq5eMpOy7GQBSSNYmmmQcI38AUSccD6kRn"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6e314b0c788d9066-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 d3IydEJYTVEHfzo1Rg4bGTtxISk1I2EDJiMgdDYGNjR4PxUcNxQAKxNPCkFxQ0IHUjIeFg9Ge1EBRhU2AgEPRWQeHFQbf1EED0VsR1wHQ2xHVEdJc1EGQhUlSkMUBDYDHg9FdENHBU13T0UFQ3RA
ndollarhe.com/ 0
253 B 159ms
105ms Image
text/plain 2606:4700:3034::6815:3895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndollarhe.com/d3IydEJYTVEHfzo1Rg4bGTtxISk1I2EDJiMgdDYGNjR4PxUcNxQAKxNPCkFxQ0IHUjIeFg9Ge1EBRhU2AgEPRWQeHFQbf1EED0VsR1wHQ2xHVEdJc1EGQhUlSkMUBDYDHg9FdENHBU13T0UFQ3RA
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3895 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNM8W3hVlKp1gin%2BgpXTmGMxdMG1lkxlgk%2FjuTokek1WGWNyRMOMlt7hysP92Xl%2B7jfMNB2Ig6Hs642xTpL9hsMoP4VmPmVaBXr9i5dTasNzezfl3p7yiHUYmJ934GF2ukO5kYpVsu4d4rfl"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6e314b0c788f9066-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 96ms
47ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1244458086&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fmurderbot%2520meme&ul=en-us&de=UTF-8&dt=%23murderbot%20meme%20%7C%20Explore%20Tumblr%20Posts%20and%20Blogs%20%7C%20Tumgir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1146043254&gjid=1747307724&cid=1120401997.1645795878&tid=UA-134279593-1&_gid=1006225116.1645795878&_r=1&gtm=2ou2n0&z=440667595

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 13:31:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 143ms
71ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:17 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7184
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 / Show response
freychang.fun/ 15 B
365 B 115ms
114ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26ac7fe4b417bb8b7c9b944185ab84dd8a11f333a792bc422d39e00bd563eecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5STYxCQbuwz1iYL1xb7Vz6pqiSgjQ3effQ6stvXtzJvtNzmubTiJLa0dD7Y67s2T2XoHh6%2BrjDQ8A8M3tBlVYXSLqbspU4qR4ROL4J78jSPplGLmOAPevHhZDBsp6DSgJmKzpTl0kFASMwB3"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6e314b0cda9c91d5-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
shionismscol.xyz/ 0
488 B 104ms
103ms XHR
text/plain 108.157.4.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shionismscol.xyz/utx?cb=XiU4nk1y0Xa1&top=www.tumgir.com&tid=921528
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-74.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 13:31:17 GMT
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: s8YpRxizsPeMi1L044qcTfdQZtmCj2PEbHFLgp-_Fglhhtwu_XogrA==

GET
H2 200 PxU Show response
shionismscol.xyz/Y0xrSXQCLggkSwJxCW8BESBWbEYlaVkPEA4hESISB3RZPhUaIkUqGAw5Dy8GDCIfZxoGOE57MgQYBnwOMn4MPTUxfAcfDgwELXpBMSotcDMAGikmNiINGAseVhgtLgcaHAwcHi0fJn0nIi9eDTwtKT0aTCkFKiU7OR1bLjA2eRIdHVsHLhFB... Frame DA5D 3 KB
2 KB 101ms
101ms Document
text/html 108.157.4.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shionismscol.xyz/Y0xrSXQCLggkSwJxCW8BESBWbEYlaVkPEA4hESISB3RZPhUaIkUqGAw5Dy8GDCIfZxoGOE57MgQYBnwOMn4MPTUxfAcfDgwELXpBMSotcDMAGikmNiINGAseVhgtLgcaHAwcHi0fJn0nIi9eDTwtKT0aTCkFKiU7OR1bLjA2eRIdHVsHLhFBAC0pJjAvDSUzNjF8BAodABYjMEAwAi4uMyogPiM1MicaCzcqHD0nMRYpWwswOSAbbEYhHgwYBSElBAs2Jw4lLzJXKCV5RVsUAAMOMSJeBSUiCiUvMlcJIC4uVxsHEwMoIR8qJRk4DiwfBxsIHxMVBAxkORUIPyI4Jh8MCzsIOCkLIlJ1PB9FFBQGPRcyfhgNPgsjDgVEUnQnHy4bGygAPCQPMQcSJXg+AxMQICofBA4bBX06JDYuAT0UODwqJ1Z/PSVFGR4FOS4xIh8OEA95PCoiBHUvMSEKCwItODIdPS0SNSAPKjJWIyx5QEUmGCYaE3EOAS4TJzs/PxU
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-74.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 78a4634dd415c1ddaf8c08d9601ad8f1e9a17a5ac794ddd6b5ebae76aa8a6c79

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

content-type: text/html
content-length: 1225
date: Fri, 25 Feb 2022 13:31:17 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: _qEaN2pNt46IMc5zAdFkjEUoKHUqgLzrkgD45J0QmFOSzmppONTvXw==

GET
H3 200 / Show response
freychang.fun/ 15 B
639 B 152ms
134ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49111b262076e23277435bb35f9b872e33f4b0f82452ee8fc9f60a77c6faa7e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wqV4q5MO%2FqdIhiPsz71i%2FFKO1topzo6bKmJP7fuuMDarbNCuzdxsitUeqIyyUMNPXLagmhz4s7MlBftHEVEljiDu4E0Uj3fmCZCKluMYPpRQ%2FqF9GB1Ve5UiGrgXNkpZc7FnOEMPo4cD%2B%2Fv"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6e314b0d2c815c62-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
shionismscol.xyz/ 0
489 B 199ms
197ms XHR
text/plain 108.157.4.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shionismscol.xyz/utx?cb=kI4dbUyBFaUx&top=www.tumgir.com&tid=853405
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-74.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 13:31:18 GMT
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: LeKdCM8IzgL3qcnnpO1dfN0DRddvPOkBZlr5jnuk11XMJ6ltF2La8A==

GET
H2 204 P2VIdS06OR5uaGwoDSc1d2lPZ2x9YUxrbn1gQGA
ndollarhe.com/WHlTWUp3RjAqdws/OGsHNT92awg5DgoeHwARJxs9DiE1ay0XOD8+bCwQN2Rzakhma3J+CTo9d2lfIC0rLAwgZHt+ED0/JWVfJWR7dkpnd3hsV2B/ 0
279 B 418ms
416ms Image
text/plain 2606:4700:3034::6815:3895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndollarhe.com/WHlTWUp3RjAqdws/OGsHNT92awg5DgoeHwARJxs9DiE1ay0XOD8+bCwQN2Rzakhma3J+CTo9d2lfIC0rLAwgZHt+ED0/JWVfJWR7dkpnd3hsV2B/P2VIdS06OR5uaGwoDSc1d2lPZ2x9YUxrbn1gQGA
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3895 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CRSC32qt3uwKUrGJ14ViMpadQm5MeXVy0ozahAOHL1eldH7ansMMbY0baP2I32WjMgOOLyhfhSrLT1XtX0u7R9Ef3vieSu%2F0ZtpXHgjLiMaVsxrAH%2F0AUeJ%2Bp53C8Nhp%2BnOSxbdgQyX%2BzkF"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6e314b0d09849066-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 89ms
71ms Image
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 257ms
102ms Image
text/html 2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 333ms
178ms Image
text/html 2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 aGpMU0kTSD8kFh0YIHFzSgI4JzkbUGN8Ph8dYic8BQ0lIWcLBSF8Oh9EJiBrREg%2FPi9KUH1%2FaxsHOnFzSl5iY2tESDgyLjcDKHFzSlJ4ZX5ZWm5%2FaxsfLgwgDFhuaWtYUilmelhbLn5xCV90fn0MWn5%2BK10PL35%2FXQt0Zn1eDC42KF5IMQ Show response
mefagetobri.top/ 56 KB
23 KB 340ms
124ms Script
application/javascript 107.22.28.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mefagetobri.top/aGpMU0kTSD8kFh0YIHFzSgI4JzkbUGN8Ph8dYic8BQ0lIWcLBSF8Oh9EJiBrREg%2FPi9KUH1%2FaxsHOnFzSl5iY2tESDgyLjcDKHFzSlJ4ZX5ZWm5%2FaxsfLgwgDFhuaWtYUilmelhbLn5xCV90fn0MWn5%2BK10PL35%2FXQt0Zn1eDC42KF5IMQ
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-28-167.compute-1.amazonaws.com
Software: / Express
Resource Hash: 3517aa9a0eee13e0c108ebf537bfa21942a8a717dc4a703980ad717742c189e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"e0f2-4LFzYLMjFwy9xb2rgZfd+mhKd4k"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 86EB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

78ms
47ms

XHR
application/json

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35a4dc61a1020b3f4c457749b6a8e056610e566af883961660a65d3a3e6fa752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 25 Feb 2022 13:31:18 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 86EB 29 B
587 B 148ms
39ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:29:18 GMT
x-content-type-options: nosniff
age: 120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Feb 2022 13:44:18 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame A460
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

79ms
47ms

XHR
application/json

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4127961e7c06745f31d1db9fc4458e716f417744dd29eab7b5bbadb163893be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 25 Feb 2022 13:31:18 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A460 29 B
89 B 95ms
39ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:29:18 GMT
x-content-type-options: nosniff
age: 120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Feb 2022 13:44:18 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 169ms
46ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube.com
vary: origin referer x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 25 Feb 2022 13:31:18 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 86EB 45 KB
22 KB 101ms
54ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cd336a3036ff6204ab2e00966a86d22821152aeca02ae8323c44ed4b280a21e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22148
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/ Frame 86EB 119 KB
37 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40d933ee8974c700bc2f951870c4ec8b613be371def35992bc2460e5d8fa3e08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77453
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37809
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:25 GMT

GET
H2 200 R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js Show response
www.google.com/js/th/ Frame 86EB 35 KB
14 KB 127ms
38ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47646be25c50852fa975f0f776a24b58b33bdff3d9e68994f8b7dcdff0c167ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 19:50:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 19:50:35 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/ Frame 86EB 26 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd7af74616008b91eee3a6545f45f3b961dcec295ed7ddc4dea31a007b850d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7806
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:17 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/ Frame A460 119 KB
37 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40d933ee8974c700bc2f951870c4ec8b613be371def35992bc2460e5d8fa3e08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77453
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37809
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:25 GMT

GET
H2 200 R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js Show response
www.google.com/js/th/ Frame A460 35 KB
13 KB 89ms
48ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47646be25c50852fa975f0f776a24b58b33bdff3d9e68994f8b7dcdff0c167ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 19:50:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 19:50:35 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/ Frame A460 26 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd7af74616008b91eee3a6545f45f3b961dcec295ed7ddc4dea31a007b850d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7806
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:17 GMT

GET
DATA 200
OK truncated
/ Frame 86EB 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQVva4RfraHBICmARxWrIbQjUSmEg9HE7Ai40n3og=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 86EB 3 KB
3 KB 128ms
40ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQVva4RfraHBICmARxWrIbQjUSmEg9HE7Ai40n3og=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b3ce500a59896dfd8bcc55276eb8d271fb1b2789456c933b3f28ec33609d99eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 10:59:38 GMT
x-content-type-options: nosniff
age: 9100
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2752
x-xss-protection: 0
server: fife
etag: "vd2"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 06 Feb 2022 03:18:28 GMT

GET
H2 200 hqdefault.webp
i.ytimg.com/vi_webp/GLgh9h2ePYw/ Frame 86EB 8 KB
8 KB 137ms
49ms Image
image/webp 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/GLgh9h2ePYw/hqdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

759fae71d9d63cccbdc0df953b7c4159e7fb51677cff6eca36abbfbf90a284a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8384
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Feb 2022 15:31:18 GMT

GET
DATA 200
OK truncated
/ Frame A460 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQnWsy7EV1oKiGPX1-z995CKZv2T0jVZvIbHSK3=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A460 3 KB
3 KB 122ms
43ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQnWsy7EV1oKiGPX1-z995CKZv2T0jVZvIbHSK3=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

157b492c2139e45d53cc279ef42e81a749ef127e24856691d44f1586e1cb7f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 10:50:33 GMT
x-content-type-options: nosniff
age: 9645
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2897
x-xss-protection: 0
server: fife
etag: "v4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 06 Oct 2021 18:23:11 GMT

GET
H2 200 hqdefault.webp
i.ytimg.com/vi_webp/Zn551Ymh-kM/ Frame A460 4 KB
4 KB 117ms
39ms Image
image/webp 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/Zn551Ymh-kM/hqdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efa7f7f1d869a7e1a2385881dc2221459e439ce59cfbaf9e4f8abadf01c695c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 12:07:50 GMT
x-content-type-options: nosniff
age: 5008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4056
x-xss-protection: 0
server: sffe
etag: "1528501951"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Feb 2022 14:07:50 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4A62
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

44ms
44ms

XHR
application/json

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd8713e683c22c91c67da07588c6461fe10df6947dcc84d991115ee011fbd65d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 25 Feb 2022 13:31:18 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4A62 29 B
54 B 82ms
37ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:29:18 GMT
x-content-type-options: nosniff
age: 120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Feb 2022 13:44:18 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/ Frame 4A62 119 KB
37 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40d933ee8974c700bc2f951870c4ec8b613be371def35992bc2460e5d8fa3e08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77453
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37809
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:25 GMT

GET
H3 200 R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js Show response
www.google.com/js/th/ Frame 4A62 35 KB
13 KB 91ms
42ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47646be25c50852fa975f0f776a24b58b33bdff3d9e68994f8b7dcdff0c167ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 19:50:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 19:50:35 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/ Frame 4A62 26 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd7af74616008b91eee3a6545f45f3b961dcec295ed7ddc4dea31a007b850d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7806
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 01:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 16:00:17 GMT

GET
DATA 200
OK truncated
/ Frame 4A62 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLSnuJzh7SKH3zncpQJteh-zjNs2MI7LDn8GQw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4A62 724 B
813 B 39ms
39ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLSnuJzh7SKH3zncpQJteh-zjNs2MI7LDn8GQw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

486d57d8e9f08d08222713e26a602936f989acdbe22cd5207c6161bf487e0411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 11:47:27 GMT
x-content-type-options: nosniff
server: fife
age: 6231
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 724
x-xss-protection: 0
expires: Sat, 26 Feb 2022 11:47:27 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/S9tKwSboJeg/ Frame 4A62 15 KB
15 KB 39ms
39ms Image
image/webp 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/S9tKwSboJeg/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d024cb3f9cc8f5edfeb9d0c135f6c0b79345440f20dd559adf9e2111b5d8dda7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 11:48:24 GMT
x-content-type-options: nosniff
age: 6174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15260
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Feb 2022 13:48:24 GMT

GET
H2 200 LktHXDsFAENYaV8sUF58FFhBRWleXhQcPA-ALAgkuBwcBSX4qW0ZbYl9YUF58RAUdGCEAS0cvaV5eGQUnCUtHXCsJDR4DZUlcRQ8kHgEYCWleKExUYlxAQVt5VEBNXGleXgYNKg0cHEl+KltGW2JfWFMZcQ Show response
d18g6t7whf8ejf.cloudfront.net/3bExsbnUPIwIIShglCFNNWX5VWUFKJh8BGxxxJyUHJScLLToKahgUEVF8SgIUAitRSBACL1FfUw0oDlNBSjgcAR5ROQIKEAolAgsRSjkNUxgDNgUCGQ1pXihAQnxJXEVEOwUAEQM7H0tHXCIYS0dcfVxARUl/ Frame FD76 409 B
602 B 152ms
152ms Script
text/plain 18.66.92.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/3bExsbnUPIwIIShglCFNNWX5VWUFKJh8BGxxxJyUHJScLLToKahgUEVF8SgIUAitRSBACL1FfUw0oDlNBSjgcAR5ROQIKEAolAgsRSjkNUxgDNgUCGQ1pXihAQnxJXEVEOwUAEQM7H0tHXCIYS0dcfVxARUl/LktHXDsFAENYaV8sUF58FFhBRWleXhQcPA-ALAgkuBwcBSX4qW0ZbYl9YUF58RAUdGCEAS0cvaV5eGQUnCUtHXCsJDR4DZUlcRQ8kHgEYCWleKExUYlxAQVt5VEBNXGleXgYNKg0cHEl+KltGW2JfWFMZcQ
Requested by: Host: shionismscol.xyz
URL: https://shionismscol.xyz/NTlJeFBUWyoVb1QEK14lR1V0XWJzHHs+NAQBLk4kAk4hHmhQUy9WM1lWPBw2R1YnDH5bXD1dYnMKKz0oRlsnLQB8TgAxA11eJTsWe3ceIGVjbhw+G39RcToXTUExMilgcQMrM3l1HRcbVFEuLRVjf3ErN3xsCBEkZ2oLORN5CA8eBUIJJjw8e3saEjdWeBtNAnpoADMVdFYlOTdGaxoSO3tsMR8Ue14cOxdkCDkgOV14GBYof2EMLhV6Thw5FWR0fjBgQXEROxlsankcM1NvMTkCYFVsShZ5Uj0wCHFKDzkVe2AoLmhGbA9NaHN/IToCYlUsIDhkWhk5fXR1CB87QHs+GxJmYX0JBwVjKyE8DGAcPmUNawgtNHJ6DDkDBVo/GQYAXA4pBVt6HAwYbXo6MhRnDQ0iBVlaGyloXnEuPQl2biUdG3BBHCE8TXgYLiQAbww6Hm1+JR0IUmAHMzcFWgE9PBALCzM8QX4eShpTbg81ClZobxIjWlc5RRt+SwATN3Z2Lw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-180.fra56.r.cloudfront.net
Software: /
Resource Hash: 1f18fe84cb7753612d933df006d8a102a1003702b0246a79735f3070edf71d6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shionismscol.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 325
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-id: bgEBfbv04CVa3NHyoGHLp-erbHyFJTVZCQf_KU-KrnLErXz-MiyyvQ==

GET
H2 200 NAZleW0iAzYudmgHNip2f0Q5LSlzVn49OyEJZSM4PBcrIzM7BzRvPi9fNSYxJw40KG58JG1ne2tQaGE8Jww8Jjw9R2p5JTpHanl6fkxobHgMR2p5PCcMbn1ufSB9e3s2VGxgbnxSOT-k7IgcvLCklCyxseQhXa35lfVR9e3tmCTA9JiJHagpufFI0ICArR2p5LCsB... Show response
d18g6t7whf8ejf.cloudfront.net/9YlhJS04BNyctcRYxLXZ2V2t9e3tEMjokIBJlJgkKMxAYM3coHm8/ Frame 1869 578 B
727 B 163ms
158ms Script
text/plain 18.66.92.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/9YlhJS04BNyctcRYxLXZ2V2t9e3tEMjokIBJlJgkKMxAYM3coHm8/NAZleW0iAzYudmgHNip2f0Q5LSlzVn49OyEJZSM4PBcrIzM7BzRvPi9fNSYxJw40KG58JG1ne2tQaGE8Jww8Jjw9R2p5JTpHanl6fkxobHgMR2p5PCcMbn1ufSB9e3s2VGxgbnxSOT-k7IgcvLCklCyxseQhXa35lfVR9e3tmCTA9JiJHagpufFI0ICArR2p5LCsBMyZia1BoKiM8DTUsbnwkYXFlfkxsfn52TGB5bnxSKygtLxAxbHkIV2t+ZX1Ufjx2
Requested by: Host: shionismscol.xyz
URL: https://shionismscol.xyz/TjZiOGsvVAFVVC8LAB4ePFpfHVkIE1B+D38OBQ4feUEKXlMrXAQWCCJZF1wNPFkMTEUgUxYdWQgPO1QDBGVSDCkATwFMCBxvGnQzFAQ0Ch93U1FMLgNcDVMiDHwOcgwlfS9AKhd7UVsEBltaHVkIeCNiBythUlEqNG8XXAYpfixRG3xQUmleAmUOQj0gAlt3Egt8OGsmemYgWxkHTC8PKTRkFGgCd1AsazI2fBUMWwVxVwAhCQcMXVk6ZwN/LnZ8FU9TBFwVATl8RldyPz5+A1YHeFAJQAQsfgV1OXxGV2goLXsAVlo7UDF6UisFEQo9CU4FWgU2ZS1sRiUBK18IOHohUwcNTxpLDh9eOllYe1oEbjl3U1FMBg1iIwEhJ3wqWQw+QwR+In5/IXkZHAQSDScNRSB1EhRfAwkpIX0LdVMKYjdLCSBBCWEzCFoEUxM9UAwNWRpxIA0JIE4xcxIpQi5AKjZUKlMiGAQWHVkMbDoJPihcGgpNJEUNVhtzWSB8OgZnGgEhCA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-180.fra56.r.cloudfront.net
Software: /
Resource Hash: 616b509494558ff819a90abd7027a4af4d64fd8b752aefa9cbfaf5219e5849dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shionismscol.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 451
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-id: cmLypSFAClOSG1wr21xSAbhjqcB0DwXjw1b2yOStPHtM3tLFZES1yQ==

GET
H2 200 gTm5zQ2gtAR0lVzoHF35RfF9GcVBoBAAsBj5TFgsyPgUjNSM4SAc5DHNeVS8JIAlOZQ0gDU5yTi8KEX5caBoDLANzBR0oCicZHy4SNEgGIlUjAQkqBCIPVnEue0BDZlp+RgQqBioBBDBNfF4dN018XkJzRn5LQAFNfF4EKgZ4WlZwKmtcQzteekdWcVgvHg-MvDTk... Show response
dmmzkfd82wayn.cloudfront.net/ Frame DA5D 937 B
919 B 181ms
180ms Script
text/plain 2600:9000:225f:dc00:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/gTm5zQ2gtAR0lVzoHF35RfF9GcVBoBAAsBj5TFgsyPgUjNSM4SAc5DHNeVS8JIAlOZQ0gDU5yTi8KEX5caBoDLANzBR0oCicZHy4SNEgGIlUjAQkqBCIPVnEue0BDZlp+RgQqBioBBDBNfF4dN018XkJzRn5LQAFNfF4EKgZ4WlZwKmtcQzteekdWcVgvHg-MvDTkLESgBOktBBV19WV1wXmtcQ2sDJhoeL018LVZxWCIHGCZNfF4UJgslAVpmWn4NGzEHIwtWcS53Vl1zRnpZRntGdl5WcVg9DxUiGidLQQVdfVldcF5oG04
Requested by: Host: shionismscol.xyz
URL: https://shionismscol.xyz/Y0xrSXQCLggkSwJxCW8BESBWbEYlaVkPEA4hESISB3RZPhUaIkUqGAw5Dy8GDCIfZxoGOE57MgQYBnwOMn4MPTUxfAcfDgwELXpBMSotcDMAGikmNiINGAseVhgtLgcaHAwcHi0fJn0nIi9eDTwtKT0aTCkFKiU7OR1bLjA2eRIdHVsHLhFBAC0pJjAvDSUzNjF8BAodABYjMEAwAi4uMyogPiM1MicaCzcqHD0nMRYpWwswOSAbbEYhHgwYBSElBAs2Jw4lLzJXKCV5RVsUAAMOMSJeBSUiCiUvMlcJIC4uVxsHEwMoIR8qJRk4DiwfBxsIHxMVBAxkORUIPyI4Jh8MCzsIOCkLIlJ1PB9FFBQGPRcyfhgNPgsjDgVEUnQnHy4bGygAPCQPMQcSJXg+AxMQICofBA4bBX06JDYuAT0UODwqJ1Z/PSVFGR4FOS4xIh8OEA95PCoiBHUvMSEKCwItODIdPS0SNSAPKjJWIyx5QEUmGCYaE3EOAS4TJzs/PxU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:dc00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 031f4bac487c82ea9d81facc8a66ef7131c37c588eec8faa68e2dd385d881ccb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shionismscol.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: gzip
x-amz-cf-pop: TXL50-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 642
via: 1.1 2a449514cebabcf6ab64b86d6a229cfe.cloudfront.net (CloudFront)
x-amz-cf-id: kfk2rftQwqCkQr8iECh9J3OJSST4Ty6csgigNnNkSFvAPYnud6Mqlg==

GET
H3 204 generate_204
www.youtube.com/ Frame 86EB 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?9oDkIA
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame A460 0
9 B 39ms
39ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?l1oDBg
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/murderbot%20meme
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A460 4 KB
3 KB 51ms
19ms Script
text/javascript 2a00:1450:400e:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Feb 2022 13:31:18 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 86EB 4 KB
2 KB 56ms
27ms Script
text/javascript 2a00:1450:400e:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Feb 2022 13:31:18 GMT

GET
H2 204 utx Show response
arderstartir.xyz/ 0
490 B 139ms
102ms XHR
text/plain 108.157.4.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arderstartir.xyz/utx?tid=846710&top=www.tumgir.com&cb=KdWp1aQZKakB
Requested by: Host: mefagetobri.top
URL: https://mefagetobri.top/aGpMU0kTSD8kFh0YIHFzSgI4JzkbUGN8Ph8dYic8BQ0lIWcLBSF8Oh9EJiBrREg%2FPi9KUH1%2FaxsHOnFzSl5iY2tESDgyLjcDKHFzSlJ4ZX5ZWm5%2FaxsfLgwgDFhuaWtYUilmelhbLn5xCV90fn0MWn5%2BK10PL35%2FXQt0Zn1eDC42KF5IMQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-86.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 13:31:18 GMT
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: AG9mcShAuADoe1UlCI8-wvvFid37BAJyILhxjPkIoN0JOweI46QJHg==

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4A62 4 KB
2 KB 41ms
24ms Script
text/javascript 2a00:1450:400e:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Feb 2022 13:31:18 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/98/ Frame A460 52 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:400e:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/98/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 21:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15480
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:03:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 25 Feb 2022 21:11:21 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 4A62 0
9 B 39ms
39ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Kk5SVQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/98/ Frame 86EB 52 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:400e:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/98/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 21:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15480
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:03:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 25 Feb 2022 21:11:21 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/98/ Frame 4A62 52 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:400e:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/98/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 21:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15480
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:03:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 25 Feb 2022 21:11:21 GMT

POST
H2 200 / Show response
lyjuster.xyz/ 0
37 B 336ms
97ms XHR
text/plain 44.195.137.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lyjuster.xyz/
Requested by: Host: mefagetobri.top
URL: https://mefagetobri.top/aGpMU0kTSD8kFh0YIHFzSgI4JzkbUGN8Ph8dYic8BQ0lIWcLBSF8Oh9EJiBrREg%2FPi9KUH1%2FaxsHOnFzSl5iY2tESDgyLjcDKHFzSlJ4ZX5ZWm5%2FaxsfLgwgDFhuaWtYUilmelhbLn5xCV90fn0MWn5%2BK10PL35%2FXQt0Zn1eDC42KF5IMQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-137-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 86EB 98 B
142 B 49ms
49ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9071395f6b63b40c10f0db498f0e1d844502734dd268a077a7085486d6b4e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 44ms
44ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube.com
vary: origin referer x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 25 Feb 2022 13:31:18 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/ 1 KB
680 B 32ms
23ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e552184493eea74a53b11e52b6e6eec9c35d90cece6592d9bdf6cf1090ad8c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: gzip
etag: 706338575--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=21, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 504

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 181ms
144ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6218da25ca867819&bkl=0&bl=1&pdt=786&sid=6218da25ca867819&pub=ra-6103d59079bcdcec&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tumgir.com&fp=tag%2Fmurderbot%2520meme&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1645795878622&jsl=1&uvs=6218da253dadb263000&skipb=1&callback=addthis.cbs.jsonp__80911312468662340
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e7c40fab0741f349bf28290e154abe61bdffb6436fcc8c756ab54d5dd35af674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 13:31:18 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 3D28 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame CAC2 71 KB
26 KB 10ms
9ms Document
text/html 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Fri, 25 Feb 2022 13:31:18 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/151870/ Frame B8F4
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
https://cds.connatix.com/p/151870/connatix.player.dc.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

979 KB
237 KB

16ms
9ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/151870/connatix.player.dc.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2cb5dd9bf07ede3ae0b1e1ff9c4aa3a2cc27331bd946044f95b023b8d402c638

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: br
last-modified: Fri, 25 Feb 2022 08:50:24 GMT
age: 16511
etag: "d4e9e0f3a728c90bc63a92acb61425a1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 242373

Redirect headers

location: https://cds.connatix.com/p/151870/connatix.player.dc.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
date: Fri, 25 Feb 2022 13:31:18 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
server: Kestrel
accept-ranges: bytes
content-length: 0

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 9ms
9ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 25 Feb 2022 13:31:18 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
269 B 350ms
158ms XHR
application/json 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fmurderbot%2520meme

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.tumgir.com/tag/murderbot%20meme
last-modified: Fri, 25 Feb 2022 13:00:00 GMT
server: nginx/1.15.8
date: Fri, 25 Feb 2022 13:31:19 GMT
content-type: application/json
access-control-allow-origin: https://www.tumgir.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
295 B 373ms
182ms Script
application/json 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fmurderbot%2520meme&callback=_ate.cbs.rcb_bn1s0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

575510b3e0505b372c6a70ed847226fe0d794c7327c9dbe9a635c01fc44c958d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/tag/murderbot%20meme
last-modified: Fri, 25 Feb 2022 13:31:18 GMT
server: nginx/1.15.8
date: Fri, 25 Feb 2022 13:31:19 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
295 B 376ms
185ms Script
application/json 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tumgir.com%2Ftag%2Fmurderbot%2520meme&callback=_ate.cbs.rcb_5euc0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

060234194dc936c74fb0c1561c728595e0dcc84ad225177bb46f10ba8886dc97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/tag/murderbot%20meme
last-modified: Fri, 25 Feb 2022 13:31:18 GMT
server: nginx/1.15.8
date: Fri, 25 Feb 2022 13:31:19 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 popunder.gif
ndollarhe.com/ 35 B
624 B 59ms
36ms Image
image/gif 2606:4700:3034::6815:3895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndollarhe.com/popunder.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3895 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Fri, 25 Feb 2022 13:31:18 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Feb 2022 18:34:06 GMT
server: cloudflare
age: 241032
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2VJpFbS%2Bd%2BI6z8eklY4Cidx9CFQsiAq4RpoQqHo7dGMMTsJHr0o0Y5XMZk9Y53gO9sYhxao0UUgyIEgNz5UiMLwjkhzPsCt8%2FNsFzROh4pipyKNj%2FyBhXfwZhqTgLmisD6m1MzX9TVvoQ7A"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e314b123baf5c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK si
capi.connatix.com/tr/ 0
188 B 592ms
111ms Image
application/json 18.217.77.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=4774eef9-309c-40d8-8dc1-bf70e43e9987&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.77.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-77-222.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
access-control-allow-credentials: true
server: Kestrel
Connection: keep-alive
Content-Length: 0
content-type: application/json

GET
H2 200 multi Show response
shionismscol.xyz/ 3 KB
2 KB 105ms
105ms XHR
text/plain 108.157.4.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shionismscol.xyz/multi?cs=UlhFVUdgYXZnfmVgcmd2YmF8bXQ&abt=0&red=1&sm=76&k=murderbot%20meme%20explore%20tumblr%20posts%20blogs%20tumgir&v=1.0.57.0&sts=0&prn=0&emb=0&tid=853405&u=252542216697935&fs=1&ref=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fmurderbot%2520meme&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F98.0.4758.80%20safari%2F537.36&tzd=0&uloc=&if=0&_IyoX=1645795878793&crc=1
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-74.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: a4a640f5eb70ba52e2cc0b5b3da47b05be967d9894e740b8daf3ca7561bfcbcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: text/plain
content-length: 1424
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
x-amz-cf-id: pUWaNiknQB3R5Q_2DJ7To6wWgQmO3nvgNegGWbKgPBETB0mrN-Y7Tw==

POST
H3 204 QnAwY0RtT1MQeRYmcVAlF0kVUQYbF3I5ICwiQCISc0JWUQkBJWhXYjYZVF58d0IJVHBkAFkHeXFCFhAwIwRFEHlwQABUYiseVgx5cFZGXnRsSB5VanBWRV52d0IFV3ZwQQZVfXVJA1ZiNgBRBHlzVkAXMC5NAVVwd0cJVnx1SAdacQ
ndollarhe.com/ 0
470 B 117ms
117ms Ping
text/plain 2606:4700:3034::6815:3895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ndollarhe.com/QnAwY0RtT1MQeRYmcVAlF0kVUQYbF3I5ICwiQCISc0JWUQkBJWhXYjYZVF58d0IJVHBkAFkHeXFCFhAwIwRFEHlwQABUYiseVgx5cFZGXnRsSB5VanBWRV52d0IFV3ZwQQZVfXVJA1ZiNgBRBHlzVkAXMC5NAVVwd0cJVnx1SAdacQ
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3895 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKpB%2B%2FlAJ1%2BQ0qZP9tJWpUUS6XOwruSlNkmknGqAQU4K8Spzui9aQfXehIU%2BI1J5Isgx9KyWukGQSGn41SdfVDtUjAjFVNXO5NtgyDV5RE0NelqU2kcZZX8U0ow4ncnpDyX4cOUsaAekHyH2"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6e314b127c425c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 floater Show response
shionismscol.xyz/ 2 KB
2 KB 414ms
414ms XHR
text/plain 108.157.4.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shionismscol.xyz/floater?cs=dDVVbWxHB2JdVU0MY1lVRgZgVV0&abt=0&red=1&sm=83&k=murderbot%20meme%20explore%20tumblr%20posts%20blogs%20tumgir&v=0.8.6.2&sts=0&prn=0&emb=0&tid=852974&u=252542216697935&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fmurderbot%2520meme&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F98.0.4758.80%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td1_oi1_&_NvUP=1645795878796&crc=1
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-74.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 65cdda06842fa726551a6b6dd25dea0989c5118dad12dd5b923d463dc0a6e195

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 13:31:19 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: text/plain
content-length: 1060
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
x-amz-cf-id: d_8AhG_4KxhqeU34y4rUjG4j-BrETLJ6G6gCFL8ZilLftnUUWz203A==

GET
H3 200 popunder.gif
ndollarhe.com/ 35 B
588 B 23ms
22ms Image
image/gif 2606:4700:3034::6815:3895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndollarhe.com/popunder.gif
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3895 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Fri, 25 Feb 2022 13:31:18 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Feb 2022 18:34:06 GMT
server: cloudflare
age: 241032
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxiai14GtgFlq3p6Mp1Olsyafmyr9%2BWG9XdXABgD6dAoEac8zF5X7oqfpJg6lx2i%2BFpt%2Bmsvh%2Fra1XVgrxUUkh1sj8d%2Fv0enHAxr58ei2YRLpx5jNtP63Ew8BmMN7kKgNQ%2BREezmANPLGJpE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e314b128c595c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 player.css
cds.connatix.com/p/151870/ 56 KB
8 KB 8ms
7ms Stylesheet
text/css 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/151870/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: abfa5ce24f65db048040344e04b17c9f99d99170f41393641a1531828c05b3ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: br
last-modified: Fri, 25 Feb 2022 08:50:24 GMT
age: 16512
etag: "0a34539cb7da12fef4114e7cd93564e7"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 8618

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame B8F4 3 KB
2 KB 360ms
129ms XHR
application/x-protobuf 18.217.77.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=151870&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.77.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-77-222.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 0148571bdd2d5a5ef37b0a1cb465f1e3281253a069c3d4450fb01a0ccd5ded55

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2006

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame B8F4 0
315 B 111ms
111ms XHR
application/x-protobuf 18.217.77.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=151870&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.77.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-77-222.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Fri, 25 Feb 2022 13:31:18 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK analytics.js Show response
s.srvsynd.com/2/234175/ 6 KB
3 KB 124ms
29ms Script
text/javascript 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.tumgir.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=963968048794229&ti=x1303031500150298796341158805504&de=2&to=3&pv=fcb7cfef-c9d7-40ab-9a82-50590326ab13

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-213-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c8906fbe24261ebfc52536903d02f7981d4767f0dc6c63e3f0490d1499676182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 13:31:18 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 2820
Expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 146ms
55ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

9b7a32389b4e0941e45638f72f8b29668b4ddf68d80da6445e707cab9ede1594

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27834
x-xss-protection: 0
server: sffe
etag: "1142 / 305 of 1000 / last-modified: 1645790816"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 25 Feb 2022 13:31:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 86ms
38ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 239490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 18:59:49 GMT

GET
H2 200 2_media.bin Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/b6895034-e67f-4ea9-80d6-187261ebb991/ Frame B8F4 378 B
544 B 76ms
6ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/b6895034-e67f-4ea9-80d6-187261ebb991/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: df74eebfd082e07e839d575f047fe4d7181430fd9f2a4170a67c71ace2f076e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:19 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 18:16:37 GMT
age: 87782
etag: "1ff6629069f88f26342a0872efb953fd"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 307

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B8F4 367 KB
122 KB 159ms
51ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9019b46768d884816f34f0572435e6b9060ff9d0ef785996285a9b7d97a715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124251
x-xss-protection: 0
expires: Fri, 25 Feb 2022 13:31:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 235404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 20:07:55 GMT

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame B8F4 1 KB
873 B 531ms
198ms XHR
application/x-protobuf 18.217.77.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=151870&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.77.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-77-222.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 0dd8a6e14f10fa5526fa5d29f4c6c60ca781190164f7582b5524eeead92702df

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Fri, 25 Feb 2022 13:31:19 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 577

GET
H2 200 1_th.jpg
img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/b6895034-e67f-4ea9-80d6-187261ebb991/ 11 KB
10 KB 35ms
17ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/b6895034-e67f-4ea9-80d6-187261ebb991/1_th.jpg?crop=522:293,smart&width=522&height=293&format=jpeg&quality=60&fit=crop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 64573aa4628f059fe609e5e9d704a352c7cb92993d7c5ca6430f911d7773fdec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:19 GMT
content-encoding: br
age: 91811
etag: "DAqO/n4yRCYlyHBi7hefsbVnB6z5R+/5MUbN08YYvJo"
access-control-max-age: 86400
fastly-io-info: ifsz=78312 idim=2560x1440 ifmt=jpeg ofsz=10956 odim=522x293 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 10490

POST
H/1.1 200
OK postback Show response
s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/ 0
145 B 111ms
27ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/postback?oz_pl=1&ap=undefined&ti=x1303031500150298796341158805504&de=2&ui=00000000-0000-0000-0000-000000000000&di=www.tumgir.com&md=2&sr=connatix.com&pp=963968048794229&to=3&pv=fcb7cfef-c9d7-40ab-9a82-50590326ab13&ci=234175&dt=2341751597675869250012&_x=1
Requested by: Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.tumgir.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=963968048794229&ti=x1303031500150298796341158805504&de=2&to=3&pv=fcb7cfef-c9d7-40ab-9a82-50590326ab13
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 25 Feb 2022 13:31:18 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.srvsynd.com/2/2.51.0/ 156 KB
49 KB 30ms
29ms Script
text/javascript 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.srvsynd.com/2/2.51.0/main.js

Requested by

Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.tumgir.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=963968048794229&ti=x1303031500150298796341158805504&de=2&to=3&pv=fcb7cfef-c9d7-40ab-9a82-50590326ab13

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-213-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b605eddb7a032886f23e2eb80db244d6c5ff0e6094eb59570bb03495307d5b84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 25 Feb 2022 13:31:18 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 49548
Expires: Mon, 03 Nov 2053 08:29:40 GMT

GET
H2 200 playlist.m3u8 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/b6895034-e67f-4ea9-80d6-187261ebb991/ Frame B8F4 309 B
271 B 6ms
6ms XHR
application/x-mpegurl 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/b6895034-e67f-4ea9-80d6-187261ebb991/playlist.m3u8
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:19 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 18:16:36 GMT
age: 91811
etag: "8a966507b13615ecdc1330a4bc9dcfe1"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 164

GET
H2 200 0.m3u8 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/b6895034-e67f-4ea9-80d6-187261ebb991/ Frame B8F4 721 B
339 B 7ms
7ms XHR
application/x-mpegurl 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/b6895034-e67f-4ea9-80d6-187261ebb991/0.m3u8
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e7435e717fa63bc5d3dec53b91e4136447006cf33cb58c54cd8ab410d13df9c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:19 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 18:16:36 GMT
age: 91811
etag: "8904238cef97e45d449a31e2b73b233b"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 276

GET
H2 206 0.mp4 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/b6895034-e67f-4ea9-80d6-187261ebb991/ Frame B8F4 1 KB
1 KB 7ms
6ms XHR
video/mp4 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/b6895034-e67f-4ea9-80d6-187261ebb991/0.mp4
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6350ced555079be0e27d4aeb80210a8b17ac3cf0c127b5aba0e7add682ccb1ca

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-1361

Response headers

date: Fri, 25 Feb 2022 13:31:19 GMT
last-modified: Tue, 23 Feb 2021 18:16:36 GMT
age: 91811
etag: "db612956a964a73c5555e7045673500b"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1361/6233249
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1362

GET
H3 200 pubads_impl_2022022302.js Show response
securepubads.g.doubleclick.net/gpt/ 363 KB
121 KB 80ms
36ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022302.js?cb=31065323

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

c81e03e9977dae81a66597e7019e6b582bcb67a9c4add349b692804d7b3830d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 08:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124136
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 18:13:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 25 Feb 2023 08:59:53 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 86 B
104 B 90ms
45ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tumgir.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

6375c3268643e3a61617e08447cbb24e2c03257749834b5d2f117e3e24ee0138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Feb 2022 13:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Fri, 25 Feb 2022 13:31:19 GMT

GET
H2 206 0.mp4 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/b6895034-e67f-4ea9-80d6-187261ebb991/ Frame B8F4 647 KB
647 KB 9ms
8ms XHR
video/mp4 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/b6895034-e67f-4ea9-80d6-187261ebb991/0.mp4
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 115904799d8eece939d8a5dce0079379402b024b81d9f25513c98c16d54a0740

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=1362-663575

Response headers

date: Fri, 25 Feb 2022 13:31:19 GMT
last-modified: Tue, 23 Feb 2021 18:16:36 GMT
age: 91811
etag: "db612956a964a73c5555e7045673500b"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 1362-663575/6233249
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 662214

POST
H/1.1 200
OK postback Show response
s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/ 0
145 B 27ms
27ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/postback?oz_pl=1&ap=undefined&ti=x1303031500150298796341158805504&de=2&ui=00000000-0000-0000-0000-000000000000&di=www.tumgir.com&md=2&sr=connatix.com&pp=963968048794229&to=3&pv=fcb7cfef-c9d7-40ab-9a82-50590326ab13&ci=234175&dt=2341751597675869250012&_x=1
Requested by: Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.tumgir.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=963968048794229&ti=x1303031500150298796341158805504&de=2&to=3&pv=fcb7cfef-c9d7-40ab-9a82-50590326ab13
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 25 Feb 2022 13:31:18 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 206 0.mp4 Show response
vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/b6895034-e67f-4ea9-80d6-187261ebb991/ Frame B8F4 631 KB
631 KB 7ms
7ms XHR
video/mp4 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-4774eef9-309c-40d8-8dc1-bf70e43e9987/60764267-557e-410f-85cb-f102d92ee134/b6895034-e67f-4ea9-80d6-187261ebb991/0.mp4
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bb9845a7b5be83451784347fd6220f60d5dc6940e681aa6ed0178733f8cca6f7

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=663576-1309310

Response headers

date: Fri, 25 Feb 2022 13:31:19 GMT
last-modified: Tue, 23 Feb 2021 18:16:36 GMT
age: 91811
etag: "db612956a964a73c5555e7045673500b"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 663576-1309310/6233249
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 645735

POST
H/1.1 200
OK postback Show response
s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/ 0
145 B 45ms
27ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/postback?ap=undefined&ti=x1303031500150298796341158805504&de=2&ui=00000000-0000-0000-0000-000000000000&di=www.tumgir.com&md=2&sr=connatix.com&pp=963968048794229&to=3&pv=fcb7cfef-c9d7-40ab-9a82-50590326ab13&ci=234175&dt=2341751597675869250012&sid=ARuIC2EMEAQ7a_rj&oz_sc=10f8ec3312f9723207a05112&oz_df=1645795879557&oz_l=148&cv=3
Requested by: Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.51.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 25 Feb 2022 13:31:18 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 bridge3.502.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A01E 588 KB
191 KB 89ms
40ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e4f55efcc67f64b25439780e031ec3414567ce8593bb05924437b63c8a87095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 195644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Feb 2022 23:35:02 GMT
expires: Wed, 22 Feb 2023 23:35:02 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Feb 2022 23:28:24 GMT
content-type: text/html
age: 222977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B8F4 44 KB
17 KB 161ms
48ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Feb 2022 13:31:19 GMT

GET
H3 200 bridge3.502.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A20D 588 KB
191 KB 95ms
72ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e4f55efcc67f64b25439780e031ec3414567ce8593bb05924437b63c8a87095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 195644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Feb 2022 23:35:02 GMT
expires: Wed, 22 Feb 2023 23:35:02 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Feb 2022 23:28:24 GMT
content-type: text/html
age: 222977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.502.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4848 588 KB
191 KB 48ms
39ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e4f55efcc67f64b25439780e031ec3414567ce8593bb05924437b63c8a87095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 195644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Feb 2022 23:35:02 GMT
expires: Wed, 22 Feb 2023 23:35:02 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Feb 2022 23:28:24 GMT
content-type: text/html
age: 222977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DD61 37 KB
13 KB 168ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 25 Feb 2022 14:12:25 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 38A3 37 KB
13 KB 174ms
44ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 25 Feb 2022 14:12:25 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 88FA 37 KB
13 KB 202ms
73ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 25 Feb 2022 14:12:25 GMT

POST
H/1.1 200
OK mq Show response
capi.connatix.com/tr/ Frame B8F4 0
315 B 111ms
111ms XHR
application/x-protobuf 18.217.77.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/mq?v=151870&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.77.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-77-222.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Fri, 25 Feb 2022 13:31:19 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame B8F4 0
315 B 111ms
110ms XHR
application/x-protobuf 18.217.77.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=151870&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.77.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-77-222.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Fri, 25 Feb 2022 13:31:19 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
BLOB 200
OK 0b326f44-5957-4992-b846-e8f7aaa2dedf
https://www.tumgir.com/ Frame 8A88 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tumgir.com/0b326f44-5957-4992-b846-e8f7aaa2dedf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

POST
H/1.1 200
OK postback Show response
s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/ 0
145 B 30ms
30ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/postback?ap=undefined&ti=x1303031500150298796341158805504&de=2&ui=00000000-0000-0000-0000-000000000000&di=www.tumgir.com&md=2&sr=connatix.com&pp=963968048794229&to=3&pv=fcb7cfef-c9d7-40ab-9a82-50590326ab13&ci=234175&dt=2341751597675869250012&sid=ARuIC2EMEAQ7a_rj&oz_sc=10f8ec3312f9723207a05112&oz_df=1645795879760&oz_l=5254&cv=3
Requested by: Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.51.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 25 Feb 2022 13:31:19 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame B8F4 0
315 B 110ms
110ms XHR
application/x-protobuf 18.217.77.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=151870&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.77.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-77-222.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Fri, 25 Feb 2022 13:31:19 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK postback Show response
s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/ 0
145 B 28ms
27ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/postback?ap=undefined&ti=x1303031500150298796341158805504&de=2&ui=00000000-0000-0000-0000-000000000000&di=www.tumgir.com&md=2&sr=connatix.com&pp=963968048794229&to=3&pv=fcb7cfef-c9d7-40ab-9a82-50590326ab13&ci=234175&dt=2341751597675869250012&sid=ARuIC2EMEAQ7a_rj&oz_sc=10f8ec3312f9723207a05112&oz_df=1645795879976&oz_l=5658&cv=3
Requested by: Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.51.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 25 Feb 2022 13:31:19 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/ 0
145 B 27ms
27ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/postback?ap=undefined&ti=x1303031500150298796341158805504&de=2&ui=00000000-0000-0000-0000-000000000000&di=www.tumgir.com&md=2&sr=connatix.com&pp=963968048794229&to=3&pv=fcb7cfef-c9d7-40ab-9a82-50590326ab13&ci=234175&dt=2341751597675869250012&sid=ARuIC2EMEAQ7a_rj&oz_sc=10f8ec3312f9723207a05112&oz_df=1645795880135&oz_l=59&cv=3
Requested by: Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.51.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 25 Feb 2022 13:31:19 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/ 0
145 B 28ms
27ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/postback?ap=undefined&ti=x1303031500150298796341158805504&de=2&ui=00000000-0000-0000-0000-000000000000&di=www.tumgir.com&md=2&sr=connatix.com&pp=963968048794229&to=3&pv=fcb7cfef-c9d7-40ab-9a82-50590326ab13&ci=234175&dt=2341751597675869250012&sid=ARuIC2EMEAQ7a_rj&oz_sc=10f8ec3312f9723207a05112&oz_df=1645795880287&oz_l=335&cv=3
Requested by: Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.51.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 25 Feb 2022 13:31:19 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 86EB 28 B
54 B 55ms
54ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/GLgh9h2ePYw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
X-YouTube-Client-Version: 1.20220223.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtaaFZmY3IwNHN1YyiltOOQBg%3D%3D
X-YouTube-Ad-Signals: dt=1645795877845&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C356%2C200&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 25 Feb 2022 13:31:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 25 Feb 2022 13:31:20 GMT

GET
BLOB 200
OK cfd0d1ba-2f91-4b4e-b960-128dabba4d6d
https://www.tumgir.com/ 771 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tumgir.com/cfd0d1ba-2f91-4b4e-b960-128dabba4d6d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c01143c3f403ccc52ac8fa994e3407c3deede4fad6fdcd3f3e2133244e74a693

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 771

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A460 28 B
54 B 58ms
58ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Zn551Ymh-kM?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
X-YouTube-Client-Version: 1.20220223.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs2cFZPWVN0dkQzYyiltOOQBg%3D%3D
X-YouTube-Ad-Signals: dt=1645795877976&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C356%2C200&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 25 Feb 2022 13:31:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 25 Feb 2022 13:31:20 GMT

POST
H/1.1 200
OK postback Show response
s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/ 0
145 B 27ms
27ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/postback?ap=undefined&ti=x1303031500150298796341158805504&de=2&ui=00000000-0000-0000-0000-000000000000&di=www.tumgir.com&md=2&sr=connatix.com&pp=963968048794229&to=3&pv=fcb7cfef-c9d7-40ab-9a82-50590326ab13&ci=234175&dt=2341751597675869250012&sid=ARuIC2EMEAQ7a_rj&oz_sc=10f8ec3312f9723207a05112&oz_df=1645795880446&oz_l=538&cv=3
Requested by: Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.51.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 25 Feb 2022 13:31:19 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame B8F4 0
315 B 111ms
110ms XHR
application/x-protobuf 18.217.77.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=151870&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.77.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-77-222.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Fri, 25 Feb 2022 13:31:20 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4A62 28 B
54 B 55ms
54ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/450209b9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/S9tKwSboJeg?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
X-YouTube-Client-Version: 1.20220223.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtDZWIzYXpRUC1QdyiltOOQBg%3D%3D
X-YouTube-Ad-Signals: dt=1645795878184&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C356%2C200&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 25 Feb 2022 13:31:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 25 Feb 2022 13:31:20 GMT

POST
H/1.1 200
OK postback Show response
s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/ 0
145 B 28ms
27ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/postback?ap=undefined&ti=x1303031500150298796341158805504&de=2&ui=00000000-0000-0000-0000-000000000000&di=www.tumgir.com&md=2&sr=connatix.com&pp=963968048794229&to=3&pv=fcb7cfef-c9d7-40ab-9a82-50590326ab13&ci=234175&dt=2341751597675869250012&sid=ARuIC2EMEAQ7a_rj&oz_sc=10f8ec3312f9723207a05112&oz_df=1645795880651&oz_l=11433&cv=3
Requested by: Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.51.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 25 Feb 2022 13:31:20 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H3 204 dHl0AHp8fHcfOTUuJQR8Yz82TSF4fnQNeHJ2dwF1dH1wDA
ndollarhe.com/OU1FT0IWciY8f3QVEDUPfnUGHTVoDBMoKnQPFB0VeH0cCAF/eWM7K11wfXpwAHpxaTJQKXh8cB8+MS42TD54fXIJeGMmLF8ieH1yCXt1f3IJe2B4AVE5MT8xHH4EanB/aHcJNVwvNSYhUmAmKywXPnZhI1QsPyAsWDo2YSFWIGB9BEojJD8nWiw... 0
470 B 140ms
140ms Ping
text/plain 2606:4700:3034::6815:3895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ndollarhe.com/OU1FT0IWciY8f3QVEDUPfnUGHTVoDBMoKnQPFB0VeH0cCAF/eWM7K11wfXpwAHpxaTJQKXh8cB8+MS42TD54fXIJeGMmLF8ieH1yCXt1f3IJe2B4AVE5MT8xHH4EanB/aHcJNVwvNSYhUmAmKywXPnZhI1QsPyAsWDo2YSFWIGB9BEojJD8nWiwtO2xJIyJqdXojMCMuHHoGeHUMfnV+dwh7fHhzD3V1fXUNf2M5fwljfWF0F39jOn8LeHd6dgt/dHl0AHp8fHcfOTUuJQR8Yz82TSF4fnQNeHJ2dwF1dH1wDA
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3895 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:31:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5ZhrrzAfL7ljkPs8mRlZFZTuT2ynFEC8%2FNNeOg8KrjC%2FpmEq52Ef525M7PMHTtZJLJGo13kNdU34%2BgkbblKEsaKnetMzDxhQ93%2BI4KFlmlCKSJm4bxjEKVaYsGdPEwk7oZ7Hapqm508dnm%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6e314b21bd905c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET snapecaht.png
webpick-cdn.s3.amazonaws.com/ 0
0

POST
H/1.1 200
OK postback Show response
s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/ 0
145 B 28ms
28ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.srvsynd.com/2/2.51.0/234175/ARuIC2EMEAQ7a_rj/postback?ap=undefined&ti=x1303031500150298796341158805504&de=2&ui=00000000-0000-0000-0000-000000000000&di=www.tumgir.com&md=2&sr=connatix.com&pp=963968048794229&to=3&pv=fcb7cfef-c9d7-40ab-9a82-50590326ab13&ci=234175&dt=2341751597675869250012&sid=ARuIC2EMEAQ7a_rj&oz_sc=10f8ec3312f9723207a05112&oz_df=1645795881226&oz_l=344&cv=3
Requested by: Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.51.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 25 Feb 2022 13:31:20 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK snapecaht.png
webpick-cdn.s3.amazonaws.com/ Frame C2ED 3 KB
3 KB 611ms
185ms Image
image/png 52.218.217.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webpick-cdn.s3.amazonaws.com/snapecaht.png
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.217.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5af1e32d6499ad2c5e9249164daa9a39860fb4e6f64b223b04fe0afa0c0b6ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 25 Feb 2022 13:31:22 GMT
Last-Modified: Tue, 25 Dec 2018 13:48:43 GMT
Server: AmazonS3
x-amz-request-id: WYTX04CJ6YKBJC6D
ETag: "84cde431b32705bc6e18c3d7ccc2dd29"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2888
x-amz-id-2: /nlgGL1t2piinNG6dAhJSLNqXD2aHi2F5hBKmAzpWjMcV5Nsr5v2oVvQZmcKjuEM68HZL0RHZNk=
x-amz-meta-s3b-last-modified: 20181225T134720Z

GET
DATA 200
OK truncated
/ Frame C2ED 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52878d35bbd3319522a493c873f3dfe8fe7b15c11a3bb4aafca023115122e702

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C2ED 814 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK sv Show response
capi.connatix.com/tr/ Frame B8F4 0
315 B 111ms
110ms XHR
application/x-protobuf 18.217.77.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sv?v=151870&cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=ee7ea835-cb32-4f74-a0c0-d0ea2b1e3398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.77.222 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-77-222.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Fri, 25 Feb 2022 13:31:20 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: webpick-cdn.s3.amazonaws.com
URL: https://webpick-cdn.s3.amazonaws.com/snapecaht.png

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: YFl-i_Y96vA
.youtube.com/	1970-01-20 05:29:07	Name: VISITOR_INFO1_LIVE Value: Ceb3azQP-Pw
.tumgir.com/	1970-01-20 18:41:07	Name: _ga Value: GA1.2.1120401997.1645795878
.tumgir.com/	1970-01-20 01:11:22	Name: _gid Value: GA1.2.1006225116.1645795878
.tumgir.com/	1970-01-20 01:09:55	Name: _gat_gtag_UA_134279593_1 Value: 1
freychang.fun/	1970-01-20 09:48:19	Name: csu Value: 252542216697935@2
www.tumgir.com/	1970-01-20 10:35:51	Name: __atuvc Value: 1%7C8
www.tumgir.com/	1970-01-20 01:09:57	Name: __atuvs Value: 6218da253dadb263000
.addthis.com/	1970-01-20 10:35:51	Name: uvc Value: 1%7C8
.addthis.com/	1970-01-20 10:35:51	Name: loc Value: MDAwMDBFVURFQlkyMjkzMTkwMTAwNTAwMDBDSA==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	error	URL: blob:https://www.tumgir.com/0b326f44-5957-4992-b846-e8f7aaa2dedf Message: Mixed Content: The page at 'blob:https://www.tumgir.com/0b326f44-5957-4992-b846-e8f7aaa2dedf' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.tumgir.com/0b326f44-5957-4992-b846-e8f7aaa2dedf Message: Mixed Content: The page at 'blob:https://www.tumgir.com/0b326f44-5957-4992-b846-e8f7aaa2dedf' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

64.media.tumblr.com
accounts.google.com
api-public.addthis.com
api.tumblr.com
arderstartir.xyz
assets.tumblr.com
capi.connatix.com
cd.connatix.com
cdnjs.cloudflare.com
cds.connatix.com
d18g6t7whf8ejf.cloudfront.net
dmmzkfd82wayn.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
googleads.g.doubleclick.net
i.ytimg.com
imasdk.googleapis.com
img.connatix.com
jnn-pa.googleapis.com
lyjuster.xyz
m.addthis.com
mefagetobri.top
ndollarhe.com
pagead2.googlesyndication.com
s.srvsynd.com
s0.2mdn.net
s7.addthis.com
securepubads.g.doubleclick.net
shionismscol.xyz
static.doubleclick.net
v1.addthisedge.com
vid.connatix.com
video-serve.com
webpick-cdn.s3.amazonaws.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.tumgir.com
www.youtube.com
yt3.ggpht.com
z.moatads.com
s7.addthis.com
webpick-cdn.s3.amazonaws.com
107.22.28.167
108.157.4.74
108.157.4.86
142.250.185.98
151.101.194.137
151.101.2.137
167.71.185.16
18.203.213.28
18.217.77.222
18.66.92.180
192.0.77.3
192.0.77.40
2.18.235.40
205.251.219.103
23.35.236.122
2600:9000:225f:dc00:6:2e3c:5fc0:21
2606:4700:3030::ac43:dadd
2606:4700:3034::6815:3895
2606:4700::6810:125e
2a00:1450:4001:803::200d
2a00:1450:4001:808::200e
2a00:1450:4001:808::2016
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:812::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a00:1450:400e:80f::2003
2a03:2880:f11c:8183:face:b00c:0:25de
44.195.137.121
52.218.217.59
01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84
0148571bdd2d5a5ef37b0a1cb465f1e3281253a069c3d4450fb01a0ccd5ded55
031f4bac487c82ea9d81facc8a66ef7131c37c588eec8faa68e2dd385d881ccb
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
060234194dc936c74fb0c1561c728595e0dcc84ad225177bb46f10ba8886dc97
0777f3e0b8c0e29c02a500177bbe474c4cfa34f6427eece68a06f275d3a0f446
0b926af2a7034742180dd7cd0cfa3b7bef72e49909fc7d88933f7e0364595a7f
0dd8a6e14f10fa5526fa5d29f4c6c60ca781190164f7582b5524eeead92702df
0dde4afa866fce6f6329dc60ea8484c40eadab0f132cc37ff067749cd410cbaa
0e4f55efcc67f64b25439780e031ec3414567ce8593bb05924437b63c8a87095
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f85f1c006c5789babc7f370e2a01245ce375406ab904ad99f0620d7821f50a9
115904799d8eece939d8a5dce0079379402b024b81d9f25513c98c16d54a0740
157b492c2139e45d53cc279ef42e81a749ef127e24856691d44f1586e1cb7f73
1a2d8668bd8513e6c798d670829efa6e912d069f1241a0a9b3037afe3df00795
1dfa4109b7d02cb8ef705041fad8100c87c9a83c539d0dcbca191feac2ecfc5d
1e552184493eea74a53b11e52b6e6eec9c35d90cece6592d9bdf6cf1090ad8c0
1f18fe84cb7753612d933df006d8a102a1003702b0246a79735f3070edf71d6b
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
266c698922388723ec8fe73e4467331688fa88957dbfbcf9d4e26d26de037b9a
26ac7fe4b417bb8b7c9b944185ab84dd8a11f333a792bc422d39e00bd563eecb
29f9fbd17e787e75b7ab130fb31598bc2587548455a20c43b41367d25f03d9e7
2bc27aa5c9ce50f4f36f5cebcc828b69ba4abe70e81c796dc400f22a749cd298
2cb5dd9bf07ede3ae0b1e1ff9c4aa3a2cc27331bd946044f95b023b8d402c638
2dfcc437dd50333338bf639b34b9778566c9b960105aa0f50af680ca66a030ca
2e3f22095e4206f71c3b902d6b1fcc81ae3fcf4746ba470cf92bd6a8fdb02523
3517aa9a0eee13e0c108ebf537bfa21942a8a717dc4a703980ad717742c189e6
35a4dc61a1020b3f4c457749b6a8e056610e566af883961660a65d3a3e6fa752
394d5e98f3babca93058fc4d3faee7b9485d155a1131522737b451fa18be534a
398cb62528d3b81e952c39fa96eef8055cc1493e20a1bcf8a45193ab00644214
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
3b9562b329ea0d9b6e1d16e1a02c006f7b0311a5af1165e0798a07585baeb024
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4097edffdaf025b488126918156cc789a86c268ae98433148300a227048489c7
40d933ee8974c700bc2f951870c4ec8b613be371def35992bc2460e5d8fa3e08
4127961e7c06745f31d1db9fc4458e716f417744dd29eab7b5bbadb163893be9
424bd37035c5a2a5f1a75ab842e92068407aaa0938b52dc1eba785086eec9b19
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46a95c4045e3d2125291d2e21fea0b3a737818068bfc91cc8d6b4f908312418a
47646be25c50852fa975f0f776a24b58b33bdff3d9e68994f8b7dcdff0c167ea
486d57d8e9f08d08222713e26a602936f989acdbe22cd5207c6161bf487e0411
49111b262076e23277435bb35f9b872e33f4b0f82452ee8fc9f60a77c6faa7e1
49cdabd47fb581dac64a09ed2fe82dca1f4bf6d8b37c70ce8797ea1435ff8de3
4b9019b46768d884816f34f0572435e6b9060ff9d0ef785996285a9b7d97a715
504a4d6cc789f4dcf195e41badf63ac193a15508e2fa6bb74be4a42d019091a2
52878d35bbd3319522a493c873f3dfe8fe7b15c11a3bb4aafca023115122e702
56b1031801c8ef12d5795d84373311bde8447b202306103fd96357ff44d5bfff
575510b3e0505b372c6a70ed847226fe0d794c7327c9dbe9a635c01fc44c958d
5859fa3632d55b480f7cab040f9a70fc6afea8b4689fadb133da51436c003db0
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5af1e32d6499ad2c5e9249164daa9a39860fb4e6f64b223b04fe0afa0c0b6ee2
5b7dfd880a6752132420cbc441b66fd32302a603c4b8c694e31c6ec5a62eae70
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
616b509494558ff819a90abd7027a4af4d64fd8b752aefa9cbfaf5219e5849dd
6350ced555079be0e27d4aeb80210a8b17ac3cf0c127b5aba0e7add682ccb1ca
6375c3268643e3a61617e08447cbb24e2c03257749834b5d2f117e3e24ee0138
64573aa4628f059fe609e5e9d704a352c7cb92993d7c5ca6430f911d7773fdec
650b59c0bf60db5ae7691e3597ddd22684dc3bcc534754e0485ce4a8c2cee9a1
65cdda06842fa726551a6b6dd25dea0989c5118dad12dd5b923d463dc0a6e195
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d9454ab0e661b595fb38dccdee04be48191af90a0d607bff9c6f7d6dc72fb32
7572814baf8cc90e1c7efbe78e8cd1da912f536b15e547d2e0165e4ad0caee3e
759fae71d9d63cccbdc0df953b7c4159e7fb51677cff6eca36abbfbf90a284a4
766ebb0d886ae6e1e4a67f6b54b6115281fa176a0d92084a50d7a9332d24b222
78755b5d8cc0087f31506e43d970ae282baec0e797f792fe90851d3a2b62a8dc
78a4634dd415c1ddaf8c08d9601ad8f1e9a17a5ac794ddd6b5ebae76aa8a6c79
793d8ae8be17ac602c3d0839bee5021086493b18d069152781f46e60f45b1310
794a3ac206f04961903d93cc7e73eff6c4bd0f82ea958c1d439018a54e743441
79d0a037047a98fc9e0348e4bfa35789aa14d62cf80972bf3aac26f7a5b1a862
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
8c382d76b7f3c936b789e587ff26a8383cb504a1b7c7f6183f80a45d2a464c9d
8cd336a3036ff6204ab2e00966a86d22821152aeca02ae8323c44ed4b280a21e
937cff9aebca1179570e209854cce0ec2987b73d0a523a3bace25b5c32567f74
984a33912d108639a1702ef6ae2ab796ad2c002c36f8f78a596d6fc389c2a9f9
9b7a32389b4e0941e45638f72f8b29668b4ddf68d80da6445e707cab9ede1594
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a640f5eb70ba52e2cc0b5b3da47b05be967d9894e740b8daf3ca7561bfcbcd
aace7732faadf60618fa7629c08491b0356a0f1ee228f179f245b55cacf2a8d8
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abfa5ce24f65db048040344e04b17c9f99d99170f41393641a1531828c05b3ce
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae1b9abbb61470260e103684bbd81cc23d3e69a1e9db92ef899dd539e0c9da15
aefa123ab4be4509c6970cb9a064c1031ed5ec6fae270e7c256b7a0826fa21f6
b3ce500a59896dfd8bcc55276eb8d271fb1b2789456c933b3f28ec33609d99eb
b605eddb7a032886f23e2eb80db244d6c5ff0e6094eb59570bb03495307d5b84
bb9845a7b5be83451784347fd6220f60d5dc6940e681aa6ed0178733f8cca6f7
bbd07ac7eee3ac14dfd5bf39873bd45cfb82581f6baff586d18249d3eeb05bbf
bd7af74616008b91eee3a6545f45f3b961dcec295ed7ddc4dea31a007b850d79
c01143c3f403ccc52ac8fa994e3407c3deede4fad6fdcd3f3e2133244e74a693
c0ca0100b546f4bcabf3a908458459d0c31c59e67f12168470ae72564eefe974
c2069f8c0ff0366996c9a35799bfca3e7d51e880ca8841b27e4067657848b9b2
c81e03e9977dae81a66597e7019e6b582bcb67a9c4add349b692804d7b3830d7
c8906fbe24261ebfc52536903d02f7981d4767f0dc6c63e3f0490d1499676182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd8713e683c22c91c67da07588c6461fe10df6947dcc84d991115ee011fbd65d
d024cb3f9cc8f5edfeb9d0c135f6c0b79345440f20dd559adf9e2111b5d8dda7
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d62cf0e6b7bbec5f55abc26eeb0286065effac88db5a713fe32c81d02a3d1d6f
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9071395f6b63b40c10f0db498f0e1d844502734dd268a077a7085486d6b4e0c
dad9a6292a5538b27565dfb80a75a1fbbcaf4aef9bd291b2daa701a12c956eea
dcef44149ee72d9d57201c7a0144e3946a89bb72dda3bb73ed5276311854298c
df74eebfd082e07e839d575f047fe4d7181430fd9f2a4170a67c71ace2f076e1
e0dc8f37b244aa51d761e8bb39b88857cbbcaa7fb6944333b49ecbebd58c7fae
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2e59c9a7b15a405dd525cceff78570c65c21b616b6870c4130fe21270b5ecea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7435e717fa63bc5d3dec53b91e4136447006cf33cb58c54cd8ab410d13df9c6
e7c40fab0741f349bf28290e154abe61bdffb6436fcc8c756ab54d5dd35af674
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef3b58dd750c240990c38e4bbfef456d3c8c2a5de0fcc4a0615cbaff797a22bc
efa7f7f1d869a7e1a2385881dc2221459e439ce59cfbaf9e4f8abadf01c695c5
efc7f27279f1c7582852d15cd287e855313131e69bfb4e0b2091b7473f546a30
f232bb105089375f756c7ba1e05100d5736863cace604114aabe4e37bbaa6120
f24b5c2339c8398244242d762ec9c69c47d668f97e1798ca8909bca5c3a9ed61
f65db3ab166b832e05280301d6710c2c065efcabde9896482c5a91c836f0d927
f8820f80820bc3a3d86b738acac7be6d54d6ca13987cbdf7ad019dee6304b02f
fb80a89668b10c6718f371cf79d63bb51acf15a003e4fde2ac048a99059b90e8
fdb74b81e033338cbb6acd5d5d6f73dfcd1a677c74c5c11ffbbb350ef7784ec3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.tumgir.com Open in urlscan Pro 167.71.185.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

189 Requests

93 %HTTPS

55 %IPv6

29 Domains

44 Subdomains

39 IPs

3 Countries

10730 kBTransfer

20731 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

189 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tumgir.com Open in urlscan Pro
167.71.185.16 Public Scan

Screenshot
Live screenshot

Full Image

189
Requests

93 %
HTTPS

55 %
IPv6

29
Domains

44
Subdomains

39
IPs

3
Countries

10730 kB
Transfer

20731 kB
Size

10
Cookies

189 HTTP transactions
6 data transactions