URL: https://www.tumgir.com/canadianonlinecasino
Submission: On February 10 via manual from NL

Summary

This website contacted 18 IPs in 5 countries across 18 domains to perform 64 HTTP transactions. The main IP is 104.131.46.126, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.tumgir.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 17th 2020. Valid for: a year.
This is the only time www.tumgir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 104.131.46.126 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
6 6 152.199.21.147 15133 (EDGECAST)
7 192.0.77.3 2635 (AUTOMATTIC)
2 143.204.101.42 16509 (AMAZON-02)
8 104.75.88.112 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.144.3.29 14618 (AMAZON-AES)
5 99.86.119.41 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.218.209.154 16625 (AKAMAI-AS)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 143.204.2.21 16509 (AMAZON-02)
2 151.101.36.84 54113 (FASTLY)
1 1 108.168.193.183 36351 (SOFTLAYER)
2 94.31.29.131 6461 (ZAYO-6461)
1 1 173.192.101.24 36351 (SOFTLAYER)
64 18
Domain Requested by
23 www.tumgir.com www.tumgir.com
7 64.media.tumblr.com www.tumgir.com
6 api.tumblr.com 6 redirects
5 astertour.fun d18g6t7whf8ejf.cloudfront.net
3 api-public.addthis.com s7.addthis.com
3 s7.addthis.com www.tumgir.com
s7.addthis.com
2 www.ssaimg.com
2 widgets.pinterest.com s7.addthis.com
2 hinksdeba.top www.tumgir.com
2 freychang.fun d18g6t7whf8ejf.cloudfront.net
2 www.google-analytics.com www.tumgir.com
www.google-analytics.com
2 accounts.google.com www.tumgir.com
2 d18g6t7whf8ejf.cloudfront.net www.tumgir.com
1 ngp4.intnotif.club 1 redirects
1 ngp1.intnotif.club
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 www.facebook.com www.tumgir.com
1 ertented.online www.tumgir.com
1 www.youtube.com www.tumgir.com
1 fonts.googleapis.com www.tumgir.com
64 22

This site contains links to these domains.

Domain
www.stashbird.com
www.addthis.com
Subject | Issuer | Validity | Valid
tumgir.com | Sectigo RSA Domain Validation Secure Server CA | 2020-03-17 - 2021-03-17 | a year
upload.video.google.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
*.media.tumblr.com | Sectigo RSA Domain Validation Secure Server CA | 2020-02-10 - 2022-02-09 | 2 years
*.cloudfront.net | DigiCert Global CA G2 | 2020-05-26 - 2021-04-21 | a year
odc-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2021-01-10 - 2021-04-07 | 3 months
*.google.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
ertented.online | R3 | 2021-01-21 - 2021-04-21 | 3 months
astertour.fun | Amazon | 2020-11-16 - 2021-12-15 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-12-22 - 2021-03-21 | 3 months
accounts.google.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
moatads.com | DigiCert SHA2 Secure Server CA | 2020-01-17 - 2021-03-17 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-11-16 - 2021-11-15 | a year
hinksdeba.top | Amazon | 2020-10-22 - 2021-11-20 | a year
*.pinterest.com | DigiCert SHA2 High Assurance Server CA | 2020-07-16 - 2021-08-04 | a year
www.ssaimg.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-12 - 2022-04-14 | 2 years

This page contains 7 frames:

Primary Page: https://www.tumgir.com/canadianonlinecasino
Frame ID: 286EE189EA0FDBD69C3CC4AAE1BF06F6
Requests: 58 HTTP requests in this frame

Frame: https://www.youtube.com/embed/dHJM362ZXjE?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
Frame ID: 1FE72647CB0869C2609F0A379A307761
Requests: 1 HTTP requests in this frame

Frame: https://astertour.…
Frame ID: F299CF1CC606FE14341EB2548A602505
Requests: 1 HTTP requests in this frame

Frame: https://astertour.…
Frame ID: 587FCA581829E0EF1310A6201B7C7D9F
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: A489089CD9ECDE90E25988C4E19633DB
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: FB5E33BC263AF0C80F50D8EF76DA4FA1
Requests: 1 HTTP requests in this frame

Frame: https://www.ssaimg.com/~zsl8TkCFOBM/05cde2d2b31aada3e4efe6fe9ec12e0e72a336dde78319bf01cef6693e8ddc51.png
Frame ID: 5BCB34CD5384F6E33F7FF205393573A7
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

64 Requests
97 % HTTPS
35 % IPv6
18 Domains
22 Subdomains
18 IPs
5 Countries
724 kB Transfer
1550 kB Size
9 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://api.tumblr.com/v2/blog/canadianonlinecasino.tumblr.com/avatar/128 HTTP 302
  • https://64.media.tumblr.com/d891eedb22d095b02a89a73eca87e7c6/15bccd948bfda3ad-25/s128x128u_c1/c00b3d3b4d949deef5e4825604673f31436b0884.png
Request Chain 11
  • https://api.tumblr.com/v2/blog/marchempel2.tumblr.com/avatar/128 HTTP 302
  • https://64.media.tumblr.com/avatar_68a1929ae1f1_128.png
Request Chain 12
  • https://api.tumblr.com/v2/blog/logwire.tumblr.com/avatar/128 HTTP 302
  • https://64.media.tumblr.com/ad9b9c3840adccd7ac4f91ed4e58373d/6e575b4a69bcb9b6-2f/s128x128u_c1/1ec3ffd542e6512a62789cae67d4d5343d20a62c.jpg
Request Chain 13
  • https://api.tumblr.com/v2/blog/cellsdividing.tumblr.com/avatar/128 HTTP 302
  • https://64.media.tumblr.com/fba6a49f70629ac69df2ba53b30f6cb0/d7e2bfdaa1379e15-e8/s128x128u_c1/c62366361df612737461bf8b4d381c5421f7cb92.jpg
Request Chain 14
  • https://api.tumblr.com/v2/blog/garrettfest.tumblr.com/avatar/128 HTTP 302
  • https://64.media.tumblr.com/avatar_28f3e3648934_128.png
Request Chain 15
  • https://api.tumblr.com/v2/blog/majasartchamber.tumblr.com/avatar/128 HTTP 302
  • https://64.media.tumblr.com/98301fb11897dc0b9656562222ea970f/bc9148da4ab0dd98-77/s128x128u_c1/c689af01134835a5b7d7abb6f10015f70a7b6a4e.jpg
Request Chain 62
  • https://ngp1.intnotif.club/adServe/wpnFeed/getImage?ai=ZWa5rhg46-u_xu5CfgY5ult248FJq917Hy1WQF77YQpT4wH9soC_yVBjQacPzuGDItdMPv6UzOhN8RNBjNjDKRAUcaUl7GOzVdXzaEfSkxm-lsHUBhK8iGFGmai1axBOFWHTF5jgTKbGR8jWWCPuQ4v6I7mUmG1IS4puaDq6V_vfVHbC3kR39c1F32dT0cACJl8mMetby4yK24Nnn9EXtkcqP3P6ipKKx4foAVY58EOWUoolglT3zmYSzXcYgha1g3dKbeBvEJar5i9-DGgPdFU8E8rfGsspGGXOURa1YfWnYkO0SQ5-aQgpCBPYtKlma8yRslOlVkfU9d3tvFVPOTAfylq-UhqJz05ZqgiRrWHKooKnwxmKS0KHgqIRtr3sPadFZktLta2hT5LYlt1wxOF62pXiSE8B7Uac_Ho06j-mo0rxwZuXXwuToAxy6Bh_SL4kJg2Uo0greTEH-Qrgw0dh0-CJJGBCdI3ivxLmXx7ZZsp8hxthZr6GDSeucHfixwrgj6lnGjNjuOWHPhBQwqNj_ZPBiA0b_F3EYeo2XvHlBCLcxo5Uv4kS9VGdLpdPyBjhtoVupYtVMa6nlieV-Q HTTP 302
  • https://www.ssaimg.com/~zsl8TkCFOBM/05cde2d2b31aada3e4efe6fe9ec12e0e72a336dde78319bf01cef6693e8ddc51.png
Request Chain 63
  • https://ngp4.intnotif.club/adServe/wpnFeed/getImage?ai=ZWa5rhg46-uptnnAKgtNh1t248FJq917Hy1WQF77YQpT4wH9soC_yVBjQacPzuGDItdMPv6UzOhN8RNBjNjDKRAUcaUl7GOzVdXzaEfSkxm-lsHUBhK8iGFGmai1axBOFWHTF5jgTKbGR8jWWCPuQ4v6I7mUmG1IS4puaDq6V_vfVHbC3kR39c1F32dT0cACJl8mMetby4yK24Nnn9EXtkcqP3P6ipKK4sq_KjIaYqxhqMPiJ0YRUrE4b8Ov49ximJcug4ZoKorMczztYZanxVU8E8rfGsspGGXOURa1YfWnYkO0SQ5-aQgpCBPYtKlma8yRslOlVkfrXIriiOkutjAfylq-UhqJz05ZqgiRrWHKooKnwxmKS0KHgqIRtr3sPadFZktLta2hT5LYlt1wxOF62pXiSE8B7Uac_Ho06j-mo0rxwZuXXwuToAxy6Bh_SL4kJg2Uo0greTEH-Qrgw0dh0-CJJGBCdI3ivxLmXx7ZZsp8hxthZr6GDSeucHfixwrgj6lnGjNjuOWHPhBQwqNj_ZPBiA0b_F3EYeo2XvHlBCLcxo5Uv4kS9VGdLpdPyBjhtoVupYvddYBFTarm6Q HTTP 302
  • https://www.ssaimg.com/~zsl8TkCFOBM/170d3ace66b7c0b97abebf664d9da23aa10a8e7826249b7796c030e2a574cf99.jpeg

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request canadianonlinecasino
www.tumgir.com/
43 KB
9 KB
Document
General
Full URL
https://www.tumgir.com/canadianonlinecasino
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Next.js
Resource Hash
a7ce91e16918dfd35a27a7a7aeb9aaf010c20d307b6ad4825b9f886ee11f6640

Request headers

Host
www.tumgir.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Wed, 10 Feb 2021 12:09:21 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
Next.js
ETag
"ad9d-wp7iiAWwU+3RFJR7k7+s2qBF4w8"
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Vary
Accept-Encoding
Content-Encoding
gzip
d5f7adf39c80fb81ddba.css
www.tumgir.com/_next/static/css/
13 KB
4 KB
Stylesheet
General
Full URL
https://www.tumgir.com/_next/static/css/d5f7adf39c80fb81ddba.css
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
aa719bf6dd1f65794099ac0ead04a5711f7d16d639e4d6d8212954a5172ccce6

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"351d-1778667af14"
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
main-b8a45bdd5c1ce2ada2d4.js
www.tumgir.com/_next/static/chunks/
17 KB
7 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/main-b8a45bdd5c1ce2ada2d4.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
084dbcdcc13e33079ff7d8334267e71e76d83c23fbac18b3af5ad4cd4f802454

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"43c0-1778667af14"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
webpack-50bee04d1dc61f8adf5b.js
www.tumgir.com/_next/static/chunks/
2 KB
1 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/webpack-50bee04d1dc61f8adf5b.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"603-1778667af10"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
framework.ae55bf7e6c20d673e3c3.js
www.tumgir.com/_next/static/chunks/
128 KB
42 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/framework.ae55bf7e6c20d673e3c3.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b0d07fd0ecfc8286de3cb0d3d5267f2c6c668c267ad547369585bc13b7d7f6f8

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"20005-1778667af14"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
75b8bd039adf8b1e7f8845878104139c878455d5.5858c56812fd1f98de2b.js
www.tumgir.com/_next/static/chunks/
40 KB
13 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/75b8bd039adf8b1e7f8845878104139c878455d5.5858c56812fd1f98de2b.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b912c2aa7360777ad00910ef5fca9e837fd084e6fb6440a75dc8043cf115b583

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"9f56-1778667af14"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
cb776751d7dbba9cdb1dbd2b9ed437caf9783b4f.3016bed3304132fdfe99.js
www.tumgir.com/_next/static/chunks/
9 KB
4 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/cb776751d7dbba9cdb1dbd2b9ed437caf9783b4f.3016bed3304132fdfe99.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
68b6f1c8ef3792406071b4fe9276b676b98c66fba81c4fcb27eaadd3c956dd43

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"25dc-1778667af14"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
_app-69a0a15d9bb8f2609f18.js
www.tumgir.com/_next/static/chunks/pages/
16 KB
6 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/_app-69a0a15d9bb8f2609f18.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
096a126be074b4f71dfe17e8d1c23957f26223486105c7c6d47c5b04f66fa699

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"3efd-1778667af14"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
48b400cb1677b84980585e2f91b8189e10cfc0c6.1ccdff7db7311ced0399.js
www.tumgir.com/_next/static/chunks/
14 KB
5 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/48b400cb1677b84980585e2f91b8189e10cfc0c6.1ccdff7db7311ced0399.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
84783510a00ea9d3d6ad22f24a0a4b7450d466a5f2654d6adc872577d7ef442c

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"365a-1778667af14"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
%5Bname%5D-86de6e0d199e48a7821b.js
www.tumgir.com/_next/static/chunks/pages/
7 KB
3 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/%5Bname%5D-86de6e0d199e48a7821b.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
80d1e6157d0c575d8e3035a50d05b1a35b6887d29944150769259f69814e3944

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1c3a-1778667af14"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
css2
fonts.googleapis.com/
4 KB
739 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dac82c181db29f567f8c6a98cb9dfc7cede1f4972031d27e374eb50cb6c23b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Feb 2021 12:09:21 GMT
server
ESF
date
Wed, 10 Feb 2021 12:09:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Feb 2021 12:09:21 GMT
c00b3d3b4d949deef5e4825604673f31436b0884.png
64.media.tumblr.com/d891eedb22d095b02a89a73eca87e7c6/15bccd948bfda3ad-25/s128x128u_c1/
Redirect Chain
  • https://api.tumblr.com/v2/blog/canadianonlinecasino.tumblr.com/avatar/128
  • https://64.media.tumblr.com/d891eedb22d095b02a89a73eca87e7c6/15bccd948bfda3ad-25/s128x128u_c1/c00b3d3b4d949deef5e4825604673f31436b0884.png
3 KB
3 KB
Image
General
Full URL
https://64.media.tumblr.com/d891eedb22d095b02a89a73eca87e7c6/15bccd948bfda3ad-25/s128x128u_c1/c00b3d3b4d949deef5e4825604673f31436b0884.png
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
7bd90976a4308357a7319557c9e6d2bdf039a587855c6237f13acb3d76246898
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Wed, 10 Feb 2021 12:09:22 GMT
last-modified
Wed, 10 Feb 2021 11:43:49 GMT
server
nginx
x-frames
1
etag
"69397536acb6bf31f407d83c5e88692a-1498089600-d0062b7"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_d891eedb22d095b02a89a73eca87e7c6_c00b3d3b_128.png"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
3149

Redirect headers

date
Wed, 10 Feb 2021 12:09:22 GMT
server
openresty
x-cache-avatar
true
strict-transport-security
max-age=31536000; preload
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location
https://64.media.tumblr.com/d891eedb22d095b02a89a73eca87e7c6/15bccd948bfda3ad-25/s128x128u_c1/c00b3d3b4d949deef5e4825604673f31436b0884.png#_=_
x-rid
55059672635457114461122857200702322467
content-type
application/json
content-length
204
x-ua-compatible
IE=Edge,chrome=1
avatar_68a1929ae1f1_128.png
64.media.tumblr.com/
Redirect Chain
  • https://api.tumblr.com/v2/blog/marchempel2.tumblr.com/avatar/128
  • https://64.media.tumblr.com/avatar_68a1929ae1f1_128.png
26 KB
26 KB
Image
General
Full URL
https://64.media.tumblr.com/avatar_68a1929ae1f1_128.png
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
44eedddf179147880dd920312839539be9b869b5a866cdc3c258542ba1cfc7de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Wed, 10 Feb 2021 12:09:22 GMT
last-modified
Wed, 09 Dec 2020 10:49:16 GMT
server
nginx
x-frames
1
etag
"47d3f16de13a9521c96f76b8bbf81893-1498089600-d0062b7"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-disposition
inline; filename="avatar_68a1929ae1f1_128.png"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
26444

Redirect headers

date
Wed, 10 Feb 2021 12:09:22 GMT
server
openresty
x-cache-avatar
true
strict-transport-security
max-age=31536000; preload
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location
https://64.media.tumblr.com/avatar_68a1929ae1f1_128.png#_=_
x-rid
69101042342153929744609669411063119177
content-type
application/json
content-length
121
x-ua-compatible
IE=Edge,chrome=1
1ec3ffd542e6512a62789cae67d4d5343d20a62c.jpg
64.media.tumblr.com/ad9b9c3840adccd7ac4f91ed4e58373d/6e575b4a69bcb9b6-2f/s128x128u_c1/
Redirect Chain
  • https://api.tumblr.com/v2/blog/logwire.tumblr.com/avatar/128
  • https://64.media.tumblr.com/ad9b9c3840adccd7ac4f91ed4e58373d/6e575b4a69bcb9b6-2f/s128x128u_c1/1ec3ffd542e6512a62789cae67d4d5343d20a62c.jpg
11 KB
11 KB
Image
General
Full URL
https://64.media.tumblr.com/ad9b9c3840adccd7ac4f91ed4e58373d/6e575b4a69bcb9b6-2f/s128x128u_c1/1ec3ffd542e6512a62789cae67d4d5343d20a62c.jpg
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c3265145b355e2920f488e8ec6797931d75b92f23d4c291e57b376b41064e232
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"fe96bde50bb2871b109b954803174fa3-1498089600-59cc1ea"
x-frames
1
access-control-max-age
86400
content-disposition
inline; filename="tumblr_ad9b9c3840adccd7ac4f91ed4e58373d_1ec3ffd5_128.jpg"
content-length
11095
x-nc
HIT hhn 3
last-modified
Fri, 30 Oct 2020 18:05:13 GMT
server
nginx
date
Wed, 10 Feb 2021 12:09:22 GMT
strict-transport-security
max-age=31536000; preload
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
timing-allow-origin
*

Redirect headers

date
Wed, 10 Feb 2021 12:09:22 GMT
server
openresty
x-cache-avatar
true
strict-transport-security
max-age=31536000; preload
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location
https://64.media.tumblr.com/ad9b9c3840adccd7ac4f91ed4e58373d/6e575b4a69bcb9b6-2f/s128x128u_c1/1ec3ffd542e6512a62789cae67d4d5343d20a62c.jpg#_=_
x-rid
3369337778671304125050517515920250236
content-type
application/json
content-length
204
x-ua-compatible
IE=Edge,chrome=1
c62366361df612737461bf8b4d381c5421f7cb92.jpg
64.media.tumblr.com/fba6a49f70629ac69df2ba53b30f6cb0/d7e2bfdaa1379e15-e8/s128x128u_c1/
Redirect Chain
  • https://api.tumblr.com/v2/blog/cellsdividing.tumblr.com/avatar/128
  • https://64.media.tumblr.com/fba6a49f70629ac69df2ba53b30f6cb0/d7e2bfdaa1379e15-e8/s128x128u_c1/c62366361df612737461bf8b4d381c5421f7cb92.jpg
4 KB
4 KB
Image
General
Full URL
https://64.media.tumblr.com/fba6a49f70629ac69df2ba53b30f6cb0/d7e2bfdaa1379e15-e8/s128x128u_c1/c62366361df612737461bf8b4d381c5421f7cb92.jpg
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5b9984b88dc733fb6f873f9e5ac6605dc21630bb71f36edfa85a01d76242bc61
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"eaae3890df2995bb5ed46f1053034fd1-1498089600-59cc1ea"
x-frames
1
access-control-max-age
86400
content-disposition
inline; filename="tumblr_fba6a49f70629ac69df2ba53b30f6cb0_c6236636_128.jpg"
content-length
3617
x-nc
HIT hhn 1
last-modified
Thu, 05 Nov 2020 08:38:18 GMT
server
nginx
date
Wed, 10 Feb 2021 12:09:22 GMT
strict-transport-security
max-age=31536000; preload
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
timing-allow-origin
*

Redirect headers

date
Wed, 10 Feb 2021 12:09:22 GMT
server
openresty
x-cache-avatar
true
strict-transport-security
max-age=31536000; preload
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location
https://64.media.tumblr.com/fba6a49f70629ac69df2ba53b30f6cb0/d7e2bfdaa1379e15-e8/s128x128u_c1/c62366361df612737461bf8b4d381c5421f7cb92.jpg#_=_
x-rid
180160640781221176901224048205820427784
content-type
application/json
content-length
204
x-ua-compatible
IE=Edge,chrome=1
avatar_28f3e3648934_128.png
64.media.tumblr.com/
Redirect Chain
  • https://api.tumblr.com/v2/blog/garrettfest.tumblr.com/avatar/128
  • https://64.media.tumblr.com/avatar_28f3e3648934_128.png
21 KB
22 KB
Image
General
Full URL
https://64.media.tumblr.com/avatar_28f3e3648934_128.png
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a23b28be2cd678b8958fea7d188723f643c6b4108ce53fb10a17cb49cc812c60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 10 Feb 2021 12:09:22 GMT
last-modified
Mon, 14 Dec 2020 11:59:23 GMT
server
nginx
x-frames
1
etag
"f3e2d8b484ec27ad1b4eb870f6b3d855-1498089600-d0062b7"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-disposition
inline; filename="avatar_28f3e3648934_128.png"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
21992

Redirect headers

date
Wed, 10 Feb 2021 12:09:22 GMT
server
openresty
x-cache-avatar
true
strict-transport-security
max-age=31536000; preload
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location
https://64.media.tumblr.com/avatar_28f3e3648934_128.png#_=_
x-rid
1759942107845670170112718120296820810622
content-type
application/json
content-length
121
x-ua-compatible
IE=Edge,chrome=1
c689af01134835a5b7d7abb6f10015f70a7b6a4e.jpg
64.media.tumblr.com/98301fb11897dc0b9656562222ea970f/bc9148da4ab0dd98-77/s128x128u_c1/
Redirect Chain
  • https://api.tumblr.com/v2/blog/majasartchamber.tumblr.com/avatar/128
  • https://64.media.tumblr.com/98301fb11897dc0b9656562222ea970f/bc9148da4ab0dd98-77/s128x128u_c1/c689af01134835a5b7d7abb6f10015f70a7b6a4e.jpg
9 KB
9 KB
Image
General
Full URL
https://64.media.tumblr.com/98301fb11897dc0b9656562222ea970f/bc9148da4ab0dd98-77/s128x128u_c1/c689af01134835a5b7d7abb6f10015f70a7b6a4e.jpg
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
6ee43ccd8a429eac864a21ce28ffe0a7870538dcf66b668b4bf25572c13bbbf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 10 Feb 2021 12:09:22 GMT
last-modified
Mon, 14 Dec 2020 17:05:16 GMT
server
nginx
x-frames
1
etag
"0bac1b186e486c542a2a589b61488721-1498089600-d0062b7"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_98301fb11897dc0b9656562222ea970f_c689af01_128.jpg"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
8930

Redirect headers

date
Wed, 10 Feb 2021 12:09:22 GMT
server
openresty
x-cache-avatar
true
strict-transport-security
max-age=31536000; preload
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location
https://64.media.tumblr.com/98301fb11897dc0b9656562222ea970f/bc9148da4ab0dd98-77/s128x128u_c1/c689af01134835a5b7d7abb6f10015f70a7b6a4e.jpg#_=_
x-rid
4139141298037581715537779964389740734
content-type
application/json
content-length
204
x-ua-compatible
IE=Edge,chrome=1
5d3b11a1e2cf5efe16fd802e03648b2914de0c91.jpg
64.media.tumblr.com/e35a0df5ed9b745c8e74c024f2322a6b/6fad9a313ba59a9e-48/s500x750/
37 KB
38 KB
Image
General
Full URL
https://64.media.tumblr.com/e35a0df5ed9b745c8e74c024f2322a6b/6fad9a313ba59a9e-48/s500x750/5d3b11a1e2cf5efe16fd802e03648b2914de0c91.jpg
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5381907600102cea1dfdb7cc7105f942f348004dcd715b99878b5483db4bce62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Wed, 10 Feb 2021 12:09:22 GMT
last-modified
Wed, 10 Feb 2021 11:50:49 GMT
server
nginx
x-frames
1
etag
"dfe55a8c2dbb11e08b8bfd3e3cdca2fd-1498089600-d0062b7"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_e35a0df5ed9b745c8e74c024f2322a6b_5d3b11a1_500.jpg"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
38051
sw.js
www.tumgir.com/
160 KB
161 KB
Script
General
Full URL
https://www.tumgir.com/sw.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2226817fa4c105adcb289f1dd78fd1353bacf8b7a467517b8b7cf2a554ab16d0

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:22 GMT
Last-Modified
Tue, 09 Feb 2021 10:47:10 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6022682e-28145"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
164165
/
d18g6t7whf8ejf.cloudfront.net/
113 KB
41 KB
Script
General
Full URL
https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-42.fra50.r.cloudfront.net
Software
/
Resource Hash
fc77c2ca63b0c7d914d4ad8d91c8850742f6c3c0c5237bc660d1c113df3373fc

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Feb 2021 12:09:22 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
41979
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-id
b9gX42e0oPl04n_fcmlkD0MtM2wlvYe3Av0L3-TYDSC0icBgzjmMpw==
/
d18g6t7whf8ejf.cloudfront.net/
158 KB
52 KB
Script
General
Full URL
https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852975
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-42.fra50.r.cloudfront.net
Software
/
Resource Hash
4a8af6316ec7596ceb6fc3c37272e553a3c55d19d82a590d50f9118440c7c09a

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Feb 2021 12:09:22 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
52594
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-id
NRfQkMeMVGgSrUxRNmY2QbpHX-t8vvIhOeOggILQDqi3i5-QMLEnLw==
_buildManifest.js
www.tumgir.com/_next/static/6S39-qw0wpEIapUqzGSIG/
989 B
1 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/6S39-qw0wpEIapUqzGSIG/_buildManifest.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
27e995c2b7b105b36c39fe23f2ce867ab8ba21c74d5c5bd1f1075f21dcb9caa5

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:22 GMT
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"3dd-1778667af18"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
989
_ssgManifest.js
www.tumgir.com/_next/static/6S39-qw0wpEIapUqzGSIG/
76 B
429 B
Script
General
Full URL
https://www.tumgir.com/_next/static/6S39-qw0wpEIapUqzGSIG/_ssgManifest.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:22 GMT
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"4c-1778667af18"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
76
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Wed, 10 Feb 2021 12:09:22 GMT
x-host
s7.addthis.com
content-length
116325
dHJM362ZXjE
www.youtube.com/embed/ Frame 1FE7
0
0
Document
General
Full URL
https://www.youtube.com/embed/dHJM362ZXjE?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/dHJM362ZXjE?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.tumgir.com/canadianonlinecasino
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.tumgir.com/canadianonlinecasino

Response headers

cache-control
no-cache
content-length
22599
content-encoding
br
strict-transport-security
max-age=31536000
expires
Tue, 27 Apr 1971 19:44:06 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options
nosniff
content-type
text/html; charset=utf-8
date
Wed, 10 Feb 2021 12:09:22 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=HM19_5eagxk; path=/; domain=.youtube.com; secure; expires=Mon, 09-Aug-2021 12:09:22 GMT; httponly; samesite=None
GPS=1; path=/; domain=.youtube.com; expires=Wed, 10-Feb-2021 12:39:22 GMT
YSC=zhlQVQ_Y4TM; path=/; domain=.youtube.com; secure; httponly; samesite=None
VISITOR_INFO1_LIVE=HM19_5eagxk; path=/; domain=.youtube.com; secure; expires=Mon, 09-Aug-2021 12:09:22 GMT; httponly; samesite=None
CONSENT=PENDING+780; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aDBvU1MTEhwkDB1CA3FpSlgbJyMbCkB8JB9HQScmBVcGIX0LXwJ8IB8eBSBxRBIcPjVKCl5%2FcRtdGXFpSgNBZXFEEhsyNDdZC3FpSghbZWRZAE1%2FcRtFDQw6DAJNaXFYUVxqa1sBX35lXgkJfmcNVg1%2BMlAIDH41XAEOMWMOCFpka18SEg
ertented.online/
0
0
Script
General
Full URL
https://ertented.online/aDBvU1MTEhwkDB1CA3FpSlgbJyMbCkB8JB9HQScmBVcGIX0LXwJ8IB8eBSBxRBIcPjVKCl5%2FcRtdGXFpSgNBZXFEEhsyNDdZC3FpSghbZWRZAE1%2FcRtFDQw6DAJNaXFYUVxqa1sBX35lXgkJfmcNVg1%2BMlAIDH41XAEOMWMOCFpka18SEg
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/sw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.144.3.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-3-29.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
x-powered-by
Express
access-control-allow-methods
GET, POST
utx
astertour.fun/
0
414 B
XHR
General
Full URL
https://astertour.fun/utx?cb=Me0GBPuCLkeO&top=www.tumgir.com&tid=852974
Requested by
Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.119.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-119-41.lhr61.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Feb 2021 12:09:22 GMT
via
1.1 63dac58fb826a8fc06ff08c0724846f7.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
LHR61-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www.tumgir.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
vjqVcxGWIQ20x3m8TkTANMjjbafa5ZdA_9eGq4XOOqJm4xTMstm-2Q==
Aio7PSZGHDMUIWMHNhUSaBAULz8CKjssIRx2PRwKUmNjOzB3CCQgMXQLEhMUFHQXOyVeIBotAHgBB0BSdxADHDNmEDYvV1kPNEoUegQATQphdgMfKGZzOSw2dBIYPT10HmEWFH8hGD4hZgxjLFYBHBgAIn4HE0ASaBU1LzRmEDstVl0KNEslYRFhDRJoEBQcIEh2K...
astertour.fun/UXlnMUYwGwRceTBEBRczIxVaFHQXXFV3ImBBAAcyZg4PV340EwEfJT0WElUgIxYJRWg/HBMUdBcJMgMAJRwMQjEVHipSIhIaLnITNQM9XQgELT8IdxIBU2cMAjcEeAQfQSEAHwcxP3x+HAFfFHQXOB9aDRIVEBR0FzI2ZxcCS1cUdBc4JnwiNRc... Frame F299
0
0
Document
General
Full URL
https://astertour.fun/...
Requested by
Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.119.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-119-41.lhr61.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

:method
GET
:authority
astertour.fun
:scheme
https
:path
/UXlnMUYwGwRceTBEBRczIxVaFHQXXFV3ImBBAAcyZg4PV340EwEfJT0WElUgIxYJRWg/HBMUdBcJMgMAJRwMQjEVHipSIhIaLnITNQM9XQgELT8IdxIBU2cMAjcEeAQfQSEAHwcxP3x+HAFfFHQXOB9aDRIVEBR0FzI2ZxcCS1cUdBc4JnwiNRcydAcpFVVoLTI0L1gqJC8yQgkeAxB6ExBBC38xADUiSBNjOzJCFhoUU3wHNjgOYTFhND8CLQcvIn8NMxQhYxQDGhZ8BzY9I1gXNjoyWQwSIT1lHgM0C3sxADs/Aio7PSZGHDMUIWMHNhUSaBAULz8CKjssIRx2PRwKUmNjOzB3CCQgMXQLEhMUFHQXOyVeIBotAHgBB0BSdxADHDNmEDYvV1kPNEoUegQATQphdgMfKGZzOSw2dBIYPT10HmEWFH8hGD4hZgxjLFYBHBgAIn4HE0ASaBU1LzRmEDstVl0KNEslYRFhDRJoEBQcIEh2KDwQYyA0KzFkHjpIC2gANTUjAh93ExReKCFEKlhxFU4fVn4+KxV0DhsSAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.tumgir.com/canadianonlinecasino
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.tumgir.com/canadianonlinecasino

Response headers

content-type
text/html
content-length
1235
date
Wed, 10 Feb 2021 12:09:22 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 63dac58fb826a8fc06ff08c0724846f7.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
d6GySsfXjVVOWRyAd41xPRLRbEH2i3difAptXXkCSK3GO5Hw7KGcfA==
utx
astertour.fun/
0
414 B
XHR
General
Full URL
https://astertour.fun/utx?cb=3j4q6u7PCakk&top=www.tumgir.com&tid=852975
Requested by
Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852975
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.119.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-119-41.lhr61.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Feb 2021 12:09:22 GMT
via
1.1 63dac58fb826a8fc06ff08c0724846f7.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
LHR61-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www.tumgir.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
VJDiYvOLi-LLMLk-5OPms8JgYvEGXvwbtf64c7s10NMQrJ1YDwyMGA==
PQcXeG4zCSEJLTAbdHcdDg94fQJ7AxlqH28oC0c4LgQcQxUeNABdFSEHK1MgIi8fZWYgKyFYAwUFC1wVBHkCfBQQAR90Oz0rfAQ2EzQiXwRmHwZ6PjEDBWIBOSwLSBARHiYVZRAMH0MxDAV1XwM9ITtWAhQOHgMRc38PYRIUARd4bjMPH0M5Gg86Vg9lAAFnZwADL...
astertour.fun/V1ZNTTA2NC4gDzZrL2tFJTpwaAIRc38LVGZuKntEYCElKwgyPCtjUzs5OClWJTkjOR45MzloAhE6GRoFZTMmCEUWBCouVj09BQhbM2MoC0gHAhUfQhUXGBt8LWcZD3NvHgYhBGcSDz5TFRAMAn8uOhkfASAiAQxxBQR/Ll8WFBsFUxAlHQhYP24... Frame 587F
0
0
Document
General
Full URL
https://astertour.fun/...
Requested by
Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852975
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.119.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-119-41.lhr61.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

:method
GET
:authority
astertour.fun
:scheme
https
:path
/V1ZNTTA2NC4gDzZrL2tFJTpwaAIRc38LVGZuKntEYCElKwgyPCtjUzs5OClWJTkjOR45MzloAhE6GRoFZTMmCEUWBCouVj09BQhbM2MoC0gHAhUfQhUXGBt8LWcZD3NvHgYhBGcSDz5TFRAMAn8uOhkfASAiAQxxBQR/Ll8WFBsFUxAlHQhYP24oGFcUFSR5XQIhOgZ+E2IXClgaLAc6agYSNA9HFi4mDHsUEw4LAW4sDnxEDgUgHxVlEBUhBA8fDnl4EBd5OGAwDBkeYRk5FQhpAxo3JnwQOnQ3VgYbFQpnBXN/C2g/PQcXeG4zCSEJLTAbdHcdDg94fQJ7AxlqH28oC0c4LgQcQxUeNABdFSEHK1MgIi8fZWYgKyFYAwUFC1wVBHkCfBQQAR90Oz0rfAQ2EzQiXwRmHwZ6PjEDBWIBOSwLSBARHiYVZRAMH0MxDAV1XwM9ITtWAhQOHgMRc38PYRIUARd4bjMPH0M5Gg86Vg9lAAFnZwADLwNiDxgMCW9wJz5fOSZwP2URMX0PRg0HJw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.tumgir.com/canadianonlinecasino
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.tumgir.com/canadianonlinecasino

Response headers

content-type
text/html
content-length
1229
date
Wed, 10 Feb 2021 12:09:22 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 63dac58fb826a8fc06ff08c0724846f7.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
TL6Q2a_xo5rN5EVsx_gSobCpOI7SH-KLR4l6yFJXwU1e24Ckl4_8bQ==
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2655
date
Wed, 10 Feb 2021 11:25:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 10 Feb 2021 13:25:07 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.154 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-154.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Feb 2021 12:09:22 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
B402EDC6F7271ED7
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=12361
accept-ranges
bytes
content-length
948
x-amz-id-2
3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5c61e9923da745ae/
1 KB
691 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-5c61e9923da745ae/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1407278f2000cc72b2c477790dd5b22eb51167d6dafc9ddc1c31b81b12a3434

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Feb 2021 12:09:23 GMT
content-encoding
gzip
etag
1208431126--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=57, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
515
300lo.json
m.addthis.com/live/red_lojson/
89 B
249 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=6023ccf292ad7b06&bkl=0&bl=1&pdt=611&sid=6023ccf292ad7b06&pub=ra-5c61e9923da745ae&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tumgir.com&fp=canadianonlinecasino&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1612958962913&jsl=0&uvs=6023ccf2b97cfc4d000&skipb=1&callback=addthis.cbs.jsonp__74444356706924330
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c10c9d97726d442a2e9e070dde927696e5ef652dd8f6bb540a04b656765653e4

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Feb 2021 12:09:23 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame A489
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame FB5E
0
0
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.tumgir.com/canadianonlinecasino
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.tumgir.com/canadianonlinecasino

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Thu, 04 Jun 2020 15:49:19 GMT
etag
W/"5ed917ff-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Wed, 10 Feb 2021 12:09:22 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
48b400cb1677b84980585e2f91b8189e10cfc0c6.1ccdff7db7311ced0399.js
www.tumgir.com/_next/static/chunks/
0
5 KB
Other
General
Full URL
https://www.tumgir.com/_next/static/chunks/48b400cb1677b84980585e2f91b8189e10cfc0c6.1ccdff7db7311ced0399.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/75b8bd039adf8b1e7f8845878104139c878455d5.5858c56812fd1f98de2b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"365a-1778667af14"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
index-bab707f85f8c82274add.js
www.tumgir.com/_next/static/chunks/pages/
0
2 KB
Other
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/index-bab707f85f8c82274add.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/75b8bd039adf8b1e7f8845878104139c878455d5.5858c56812fd1f98de2b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1211-1778667af14"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
about-169275872cc37b901869.js
www.tumgir.com/_next/static/chunks/pages/static/
0
3 KB
Other
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/static/about-169275872cc37b901869.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/75b8bd039adf8b1e7f8845878104139c878455d5.5858c56812fd1f98de2b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"21cb-1778667af10"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
privacy-policy-d74ff3b0b8c06c6440c2.js
www.tumgir.com/_next/static/chunks/pages/static/
0
5 KB
Other
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/static/privacy-policy-d74ff3b0b8c06c6440c2.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/75b8bd039adf8b1e7f8845878104139c878455d5.5858c56812fd1f98de2b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"3075-1778667af14"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
%5Bname%5D-86de6e0d199e48a7821b.js
www.tumgir.com/_next/static/chunks/pages/
0
3 KB
Other
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/%5Bname%5D-86de6e0d199e48a7821b.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/75b8bd039adf8b1e7f8845878104139c878455d5.5858c56812fd1f98de2b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1c3a-1778667af14"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
%5Bname%5D-c1e58f21a96c2d3bfdf2.js
www.tumgir.com/_next/static/chunks/pages/tag/
0
2 KB
Other
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/tag/%5Bname%5D-c1e58f21a96c2d3bfdf2.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/75b8bd039adf8b1e7f8845878104139c878455d5.5858c56812fd1f98de2b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"108a-1778667af14"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
/
freychang.fun/
16 B
748 B
Fetch
General
Full URL
https://freychang.fun/?f=798ea619170d9541d47494b8579ef5f6
Requested by
Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
058db641ad1958bd9400dbf47e502e71b02e157f611bb316279c6922d853fd73

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Feb 2021 12:09:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.tumgir.com
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0kKnHViM08p8h%2BeEYTJFYi87dwSYFqAm7pAb7lSrYiDVzmywjOkrV%2BqwcJnO9FPfygtPdyS8qmjnVGdlgk8AYVIh2RiaZk0krIrgNeO9waFPCs3SF4PmUKNc"}]}
access-control-allow-credentials
true
cf-ray
61f5b8909fab2b65-FRA
access-control-allow-headers
X-Requested-With, content-type
cf-request-id
082d71ae5e00002b65ce35a000000001
collect
www.google-analytics.com/j/
2 B
66 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=295975674&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumgir.com%2Fcanadianonlinecasino&ul=en-us&de=UTF-8&dt=canadianonlinecasino%20-%20Tumblr%20blog%20%7C%20Tumgir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1912779301&gjid=744572319&cid=321768425.1612958963&tid=UA-134279593-1&_gid=2142513202.1612958963&_r=1&_slc=1&z=1295432998
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Feb 2021 12:09:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tumgir.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
freychang.fun/
15 B
332 B
Fetch
General
Full URL
https://freychang.fun/?f=798ea619170d9541d47494b8579ef5f6
Requested by
Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852975
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48563f125241bfa9cb83ace23440db119d49f26c4d59c73e744e492996bc48b2

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Feb 2021 12:09:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.tumgir.com
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WQbZB8KIUPAMXqSjywMPn%2FLnVzxC7dIs%2BHG7Iuia5uN4nqYdVYUoJ9zNChb1B09O8q7vAAZDx1EWnpH3vcbL%2FQC52MvcKCeyJQIMIjf03rhwBOtvzJOZKCdl"}]}
access-control-allow-credentials
true
cf-ray
61f5b890afdb2b65-FRA
access-control-allow-headers
X-Requested-With, content-type
cf-request-id
082d71ae6c00002b65771ce000000001
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Wed, 10 Feb 2021 12:09:23 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
cVZVQ2BqEFhCfn9SS0JpYldWVSQ8BwJOYWoWEQc8cVdTQmJ1U11KZn9VVEU
hinksdeba.top/c1BMZmVcby8VWD4YHiEwQj8ONwsxOC4nICU0fhIXJgUWHCsePw1AERo0cV5QQWl7U0MDOShbVFUjOAcRBiNxVVVDYWoPCxU/
0
214 B
Image
General
Full URL
https://hinksdeba.top/c1BMZmVcby8VWD4YHiEwQj8ONwsxOC4nICU0fhIXJgUWHCsePw1AERo0cV5QQWl7U0MDOShbVFUjOAcRBiNxVVVDYWoPCxU/cVZVQ2BqEFhCfn9SS0JpYldWVSQ8BwJOYWoWEQc8cVdTQmJ1U11KZn9VVEU
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/canadianonlinecasino
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.2.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-2-21.mxp64.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Feb 2021 12:09:23 GMT
via
1.1 0b3aabf27b5332d4cc604adbe2f7f804.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C1
x-amz-cf-id
Wo9G4vVBrv3A--5VbuUJHCgSIqOnqNUdAIVJZXvsA0z6URG5o5fFMQ==
x-cache
Miss from cloudfront
%5Bname%5D-c1e58f21a96c2d3bfdf2.js
www.tumgir.com/_next/static/chunks/pages/tag/
4 KB
2 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/tag/%5Bname%5D-c1e58f21a96c2d3bfdf2.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/75b8bd039adf8b1e7f8845878104139c878455d5.5858c56812fd1f98de2b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4d7c24e92ef85a7818d8cc064e412ef6aa8bdb9e7326b5da874ecfe60add3191

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"108a-1778667af14"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
shares-post.json
api-public.addthis.com/url/serviceapi/
2 B
268 B
XHR
General
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tumgir.com%2Fcanadianonlinecasino
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://www.tumgir.com/canadianonlinecasino
last-modified
Wed, 10 Feb 2021 12:00:00 GMT
server
nginx/1.15.8
date
Wed, 10 Feb 2021 12:09:23 GMT
content-type
application/json
access-control-allow-origin
https://www.tumgir.com
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
count.json
widgets.pinterest.com/v1/urls/
92 B
154 B
Script
General
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.tumgir.com%2Fcanadianonlinecasino&callback=window._ate.cbs.rcb_2n6a0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a7bbf03e2454320d6ae1cffa14af0054f7eea61ede99a246577cb1210d2409e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Feb 2021 12:09:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
31
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
x-envoy-upstream-service-time
3
accept-ranges
none
x-pinterest-rid
6454618408064968
shares.json
api-public.addthis.com/url/
33 B
295 B
Script
General
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tumgir.com%2Fcanadianonlinecasino&callback=_ate.cbs.rcb_gg4v0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
5943ab79bc9081f64f0917e64eb16196a4132615f6866cd99a04e99bcb950a2b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.tumgir.com/canadianonlinecasino
last-modified
Wed, 10 Feb 2021 12:09:23 GMT
server
nginx/1.15.8
date
Wed, 10 Feb 2021 12:09:23 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
53
count.json
widgets.pinterest.com/v1/urls/
89 B
326 B
Script
General
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.tumgir.com%2Fcanadianonlinecasino&callback=window._ate.cbs.rcb_1fey0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7de33c22b41a2ae21aa99d9f8643e0f27888965dfe8c2cbbf6e95b03652fd595
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Feb 2021 12:09:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
31
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
4
accept-ranges
none
x-pinterest-rid
1772414330927648
expires
Wed, 10 Feb 2021 12:23:52 GMT
shares.json
api-public.addthis.com/url/
33 B
295 B
Script
General
Full URL
https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tumgir.com%2Fcanadianonlinecasino&callback=_ate.cbs.rcb_hpcy0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
43063610c357dc2bb6f9c813444a43e87b7329096e766c26f7429a18e2bc35c3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.tumgir.com/canadianonlinecasino
last-modified
Wed, 10 Feb 2021 12:09:23 GMT
server
nginx/1.15.8
date
Wed, 10 Feb 2021 12:09:23 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
53
truncated
/
443 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
about-169275872cc37b901869.js
www.tumgir.com/_next/static/chunks/pages/static/
8 KB
3 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/static/about-169275872cc37b901869.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/75b8bd039adf8b1e7f8845878104139c878455d5.5858c56812fd1f98de2b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b1aac1b1d343f6a6d2705678da1133c8205bae71c38e602c3419761cfe4a8a6c

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"21cb-1778667af10"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
index-bab707f85f8c82274add.js
www.tumgir.com/_next/static/chunks/pages/
5 KB
2 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/index-bab707f85f8c82274add.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/75b8bd039adf8b1e7f8845878104139c878455d5.5858c56812fd1f98de2b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f8c906618cdcd47a0f4f92b6dd1f84eceed489cb5b2a9979e5f643f4b974fb37

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"1211-1778667af14"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
privacy-policy-d74ff3b0b8c06c6440c2.js
www.tumgir.com/_next/static/chunks/pages/static/
12 KB
5 KB
Script
General
Full URL
https://www.tumgir.com/_next/static/chunks/pages/static/privacy-policy-d74ff3b0b8c06c6440c2.js
Requested by
Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/75b8bd039adf8b1e7f8845878104139c878455d5.5858c56812fd1f98de2b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.131.46.126 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
82945f27fffec386343e9aaf0eb717b82232d86c24d9c8e7cc98a5ff85f1a010

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 12:09:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:47:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"3075-1778667af14"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
popunder.gif
hinksdeba.top/
35 B
369 B
Image
General
Full URL
https://hinksdeba.top/popunder.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.2.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-2-21.mxp64.r.cloudfront.net
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Wed, 10 Feb 2021 12:09:23 GMT
content-encoding
gzip
x-amz-cf-pop
MXP64-C1
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
content-length
58
via
1.1 0b3aabf27b5332d4cc604adbe2f7f804.cloudfront.net (CloudFront)
x-amz-cf-id
RHDpcZaXfZAETvAHVMKsDbSApOFEltVl_Im7zh9W2ghIAV8uMHyRYA==
floater
astertour.fun/
8 KB
5 KB
XHR
General
Full URL
https://astertour.fun/floater?cs=ZnBUU2VXRmJhU1cRZWtVUhViZVVW&abt=0&red=1&sm=83&k=tumblr%20blog%20tumgir%20best&v=0.5.55.3&sts=0&prn=0&emb=0&tid=852974&u=722380950907532&fs=1&aa=td6&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww.tumgir.com%2Fcanadianonlinecasino&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&tzd=1&uloc=&if=0&_07pI=1612958963863&crc=1
Requested by
Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.119.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-119-41.lhr61.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
0f2c08e6aec4a2c4bde884b718ab8d99974dc84c7f2b6ab8b2f85f5623a1ff1f

Request headers

Referer
https://www.tumgir.com/canadianonlinecasino
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Feb 2021 12:09:24 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
LHR61-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www.tumgir.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
text/plain
content-length
4614
via
1.1 63dac58fb826a8fc06ff08c0724846f7.cloudfront.net (CloudFront)
x-amz-cf-id
RVQd9PfkHgvTP9S0YdFqg9zvfL7269LZlpUlKbhTMOuw1aKcIsXo1A==
getImage
ngp1.intnotif.club/adServe/wpnFeed/
0
0

05cde2d2b31aada3e4efe6fe9ec12e0e72a336dde78319bf01cef6693e8ddc51.png
www.ssaimg.com/~zsl8TkCFOBM/ Frame 5BCB
Redirect Chain
  • https://ngp1.intnotif.club/adServe/wpnFeed/getImage?ai=ZWa5rhg46-u_xu5CfgY5ult248FJq917Hy1WQF77YQpT4wH9soC_yVBjQacPzuGDItdMPv6UzOhN8RNBjNjDKRAUcaUl7GOzVdXzaEfSkxm-lsHUBhK8iGFGmai1axBOFWHTF5jgTKbGR8...
  • https://www.ssaimg.com/~zsl8TkCFOBM/05cde2d2b31aada3e4efe6fe9ec12e0e72a336dde78319bf01cef6693e8ddc51.png
6 KB
6 KB
Image
General
Full URL
https://www.ssaimg.com/~zsl8TkCFOBM/05cde2d2b31aada3e4efe6fe9ec12e0e72a336dde78319bf01cef6693e8ddc51.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.131 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.131.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
05cde2d2b31aada3e4efe6fe9ec12e0e72a336dde78319bf01cef6693e8ddc51

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Feb 2021 12:09:27 GMT
last-modified
Thu, 12 Nov 2020 02:04:23 GMT
server
NetDNA-cache/2.2
etag
"5fac9827-1606"
x-cache
HIT
content-type
image/png
accept-ranges
bytes
content-length
5638

Redirect headers

access-control-allow-origin
*
date
Wed, 10 Feb 2021 12:09:26 GMT
server
nginx
content-length
0
location
https://www.ssaimg.com/~zsl8TkCFOBM/05cde2d2b31aada3e4efe6fe9ec12e0e72a336dde78319bf01cef6693e8ddc51.png
access-control-allow-methods
POST
170d3ace66b7c0b97abebf664d9da23aa10a8e7826249b7796c030e2a574cf99.jpeg
www.ssaimg.com/~zsl8TkCFOBM/ Frame 5BCB
Redirect Chain
  • https://ngp4.intnotif.club/adServe/wpnFeed/getImage?ai=ZWa5rhg46-uptnnAKgtNh1t248FJq917Hy1WQF77YQpT4wH9soC_yVBjQacPzuGDItdMPv6UzOhN8RNBjNjDKRAUcaUl7GOzVdXzaEfSkxm-lsHUBhK8iGFGmai1axBOFWHTF5jgTKbGR8...
  • https://www.ssaimg.com/~zsl8TkCFOBM/170d3ace66b7c0b97abebf664d9da23aa10a8e7826249b7796c030e2a574cf99.jpeg
5 KB
5 KB
Image
General
Full URL
https://www.ssaimg.com/~zsl8TkCFOBM/170d3ace66b7c0b97abebf664d9da23aa10a8e7826249b7796c030e2a574cf99.jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.131 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.131.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
170d3ace66b7c0b97abebf664d9da23aa10a8e7826249b7796c030e2a574cf99

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Feb 2021 12:09:32 GMT
last-modified
Thu, 12 Nov 2020 02:04:22 GMT
server
NetDNA-cache/2.2
etag
"5fac9826-1537"
x-cache
HIT
content-type
image/jpeg
accept-ranges
bytes
content-length
5431

Redirect headers

access-control-allow-origin
*
date
Wed, 10 Feb 2021 12:09:32 GMT
server
nginx
content-length
0
location
https://www.ssaimg.com/~zsl8TkCFOBM/170d3ace66b7c0b97abebf664d9da23aa10a8e7826249b7796c030e2a574cf99.jpeg
access-control-allow-methods
POST

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
ngp1.intnotif.club
URL
https://ngp1.intnotif.club/adServe/wpnFeed/getImage?ai=ZWa5rhg46-u_xu5CfgY5ult248FJq917Hy1WQF77YQpT4wH9soC_yVBjQacPzuGDItdMPv6UzOhN8RNBjNjDKRAUcaUl7GOzVdXzaEfSkxm-lsHUBhK8iGFGmai1axBOFWHTF5jgTKbGR8jWWCPuQ4v6I7mUmG1IS4puaDq6V_vfVHbC3kR39c1F32dT0cACJl8mMetby4yK24Nnn9EXtkcqP3P6ipKKx4foAVY58EOWUoolglT3zmYSzXcYgha1g3dKbeBvEJar5i9-DGgPdFU8E8rfGsspGGXOURa1YfWnYkO0SQ5-aQgpCBPYtKlma8yRslOlVkfU9d3tvFVPOTAfylq-UhqJz05ZqgiRrWHKooKnwxmKS0KHgqIRtr3sPadFZktLta2hT5LYlt1wxOF62pXiSE8B7Uac_Ho06j-mo0rxwZuXXwuToAxy6Bh_SL4kJg2Uo0greTEH-Qrgw0dh0-CJJGBCdI3ivxLmXx7ZZsp8hxthZr6GDSeucHfixwrgj6lnGjNjuOWHPhBQwqNj_ZPBiA0b_F3EYeo2XvHlBCLcxo5Uv4kS9VGdLpdPyBjhtoVupYtVMa6nlieV-Q


66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| s function| m0bb function| w0FF function| f022 function| O0bb function| x3nn number| LAST_CORRECT_EVENT_TIME number| _2272354398 number| _2138653374 string| GoogleAnalyticsObject function| ga function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| addthis_config object| webpackJsonp_N_E object| _N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| __BUILD_MANIFEST object| __SSG_MANIFEST object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| __@@##MUH number| iinf object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len string| a number| refS

9 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: zhlQVQ_Y4TM
.addthis.com/ Name: uvc
Value: 1%7C6
.tumgir.com/ Name: _gat
Value: 1
.tumgir.com/ Name: _gid
Value: GA1.2.2142513202.1612958963
.tumgir.com/ Name: _ga
Value: GA1.2.321768425.1612958963
.addthis.com/ Name: loc
Value: MDAwMDBFVUNIWkgyMjc0MTg4NTAwMDAwMDBDSA==
www.tumgir.com/ Name: __atuvs
Value: 6023ccf2b97cfc4d000
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: HM19_5eagxk
www.tumgir.com/ Name: __atuvc
Value: 1%7C6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
