www.tumgir.com Open in urlscan Pro
167.71.185.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tumgir.com/sarahyasemin
Effective URL:
https://www.tumgir.com/sarahyasemin
Submission: On October 20 via manual (October 20th 2021, 5:57:33 pm UTC) from US — Scanned from DE

Summary HTTP 233 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 66 IPs in 10 countries across 68 domains to perform 233 HTTP transactions. The main IP is 167.71.185.16, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.tumgir.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 29th 2021. Valid for: 9 months.

This is the only time www.tumgir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	167.71.185.16 167.71.185.16	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
6 6	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
44	192.0.77.3 192.0.77.3	2635 (AUTOMATTIC) (AUTOMATTIC)
8	104.108.144.126 104.108.144.126	16625 (AKAMAI-AS) (AKAMAI-AS)
3	143.204.101.184 143.204.101.184	16509 (AMAZON-02) (AMAZON-02)
3	143.204.101.193 143.204.101.193	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	72.247.226.64 72.247.226.64	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	107.22.28.167 107.22.28.167	14618 (AMAZON-AES) (AMAZON-AES)
11	13.224.193.111 13.224.193.111	16509 (AMAZON-02) (AMAZON-02)
1	157.240.20.35 157.240.20.35	32934 (FACEBOOK) (FACEBOOK)
2	142.250.186.173 142.250.186.173	15169 (GOOGLE) (GOOGLE)
3	104.21.45.207 104.21.45.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.225.78.51 13.225.78.51	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	13.224.193.105 13.224.193.105	16509 (AMAZON-02) (AMAZON-02)
6	54.88.209.254 54.88.209.254	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
1	2.16.181.64 2.16.181.64	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.107.161.131 104.107.161.131	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.225.64.38 34.225.64.38	14618 (AMAZON-AES) (AMAZON-AES)
19	23.14.94.38 23.14.94.38	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	52.73.58.202 52.73.58.202	14618 (AMAZON-AES) (AMAZON-AES)
1	3.224.226.7 3.224.226.7	14618 (AMAZON-AES) (AMAZON-AES)
3	72.247.225.32 72.247.225.32	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	18.159.140.98 18.159.140.98	16509 (AMAZON-02) (AMAZON-02)
4 8	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3	3.209.156.238 3.209.156.238	14618 (AMAZON-AES) (AMAZON-AES)
2 7	72.247.225.98 72.247.225.98	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	104.68.78.171 104.68.78.171	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.202.133.15 23.202.133.15	1273 (CW Vodafo...) (CW Vodafone Group PLC)
4	213.19.147.43 213.19.147.43	3356 (LEVEL3) (LEVEL3)
1	18.215.74.57 18.215.74.57	14618 (AMAZON-AES) (AMAZON-AES)
4	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	18.159.16.69 18.159.16.69	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 4	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
2 2	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
18	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 4	52.212.206.16 52.212.206.16	16509 (AMAZON-02) (AMAZON-02)
7 7	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1	199.187.193.185 199.187.193.185	47043 (SMARTADSE...) (SMARTADSERVER)
1 1	162.55.6.211 162.55.6.211	24940 (HETZNER-AS) (HETZNER-AS)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
6 7	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	72.251.241.196 72.251.241.196	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	104.21.192.126 104.21.192.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	94.23.73.243 94.23.73.243	16276 (OVH) (OVH)
1 2	104.18.12.5 104.18.12.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
2 2	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
1	104.108.144.235 104.108.144.235	16625 (AKAMAI-AS) (AKAMAI-AS)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
2 3	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	91.228.74.189 91.228.74.189	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.176 212.82.100.176	34010 (YAHOO-IRD) (YAHOO-IRD)
3 3	18.195.106.43 18.195.106.43	16509 (AMAZON-02) (AMAZON-02)
1 1	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
3 3	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	63.215.202.140 63.215.202.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
1 1	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.208.41.69 52.208.41.69	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
1 2	18.213.10.151 18.213.10.151	14618 (AMAZON-AES) (AMAZON-AES)
1	51.89.21.31 51.89.21.31	16276 (OVH) (OVH)
1	52.218.204.90 52.218.204.90	16509 (AMAZON-02) (AMAZON-02)
2	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
1	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
233	66

20 167.71.185.16 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

tumgir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tumgir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.0.77.40 (San Francisco, United States) 6 redirects

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

api.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

64.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.108.144.126 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.101.184 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-184.fra50.r.cloudfront.net

d18g6t7whf8ejf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.101.193 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-193.fra50.r.cloudfront.net

dmmzkfd82wayn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.226.64 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-226-64.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.22.28.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-28-167.compute-1.amazonaws.com

mefagetobri.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
orektobedirect.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.224.193.111 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-111.fra2.r.cloudfront.net

shilternimpossip.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.20.35 (United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.173 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f13.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.45.207 (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.51 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-51.fra2.r.cloudfront.net

microusconvilla.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

player.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-105.fra2.r.cloudfront.net

tricketoffic.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.88.209.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-209-254.compute-1.amazonaws.com

prd-collector-anon.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.181.64 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-181-64.deploy.static.akamaitechnologies.com

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.107.161.131 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-161-131.deploy.static.akamaitechnologies.com

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.225.64.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-64-38.compute-1.amazonaws.com

atrack.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 23.14.94.38 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-14-94-38.deploy.static.akamaitechnologies.com

mcd.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.73.58.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-58-202.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.226.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-226-7.compute-1.amazonaws.com

premiumsrv.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.247.225.32 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-32.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.159.140.98 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-140-98.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.209.156.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-156-238.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 72.247.225.98 (United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.68.78.171 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-68-78-171.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.202.133.15 (Netherlands)

ASN1273 (CW Vodafone Group PLC, EU)
PTR: a23-202-133-15.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.74.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-74-57.compute-1.amazonaws.com

s2s.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.123 (Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.16.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-16-69.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.30 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Ascension Island) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.212.206.16 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-206-16.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.66 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.185 (Canada)

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.211 (United States) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.211.6.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 76.223.111.131 (Seattle, United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.192.126 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.73.243 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip243.ip-94-23-73.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.12.5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (Albuquerque, United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.248 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.222.80.231 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.144.235 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-235.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.242 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.189 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.176 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: pr-bh-ing.pbp.vip.ir2.yahoo.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.106.43 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-106-43.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.252.78.131 (San Mateo, United States) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.215.202.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-login.dotomi.com

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Southampton, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.91 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.41.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-41-69.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (Netherlands) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.213.10.151 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-10-151.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.21.31 (Germany)

ASN16276 (OVH, FR)
PTR: p22.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.204.90 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

webpick-cdn.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	tumblr.com 6 redirects api.tumblr.com 64.media.tumblr.com	37 MB
28	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	36 KB
26	ex.co player.ex.co prd-collector-anon.ex.co mcd.ex.co	2 MB
20	tumgir.com 1 redirects tumgir.com www.tumgir.com	266 KB
12	aniview.com player.aniview.com track1.aniview.com premiumsrv.aniview.com sync.aniview.com s2s.aniview.com	202 KB
11	shilternimpossip.xyz shilternimpossip.xyz	10 KB
9	yahoo.com 4 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	7 KB
9	doubleclick.net 7 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	7 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	181 KB
7	adsrvr.org 6 redirects match.adsrvr.org	3 KB
7	casalemedia.com 2 redirects ssum.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	8 KB
7	advertising.com 5 redirects pixel.advertising.com ads.adaptv.advertising.com	2 KB
7	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com	217 KB
6	cloudfront.net d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net	240 KB
4	adnxs.com 3 redirects ib.adnxs.com secure.adnxs.com	3 KB
4	bidr.io 4 redirects match.prod.bidr.io	2 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	spotxchange.com search.spotxchange.com	4 KB
4	unrulymedia.com 1 redirects tag.targeting.unrulymedia.com sync.targeting.unrulymedia.com	2 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	google.com adservice.google.com accounts.google.com www.google.com	2 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net	869 B
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	onaudience.com 3 redirects pixel.onaudience.com	1 KB
3	1rx.io 2 redirects tag.1rx.io sync.1rx.io	1 KB
3	avplayer.com player.avplayer.com atrack.avplayer.com	71 KB
3	freychang.fun freychang.fun	2 KB
2	eqads.com 1 redirects um2.eqads.com	563 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	947 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	559 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	microusconvilla.xyz microusconvilla.xyz	579 B
2	gstatic.com fonts.gstatic.com	80 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	amazonaws.com webpick-cdn.s3.amazonaws.com Failed	3 KB
1	id5-sync.com id5-sync.com	531 B
1	adotmob.com 1 redirects sync.adotmob.com	307 B
1	gumgum.com rtb.gumgum.com	238 B
1	playground.xyz 1 redirects ads.playground.xyz	486 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	turn.com 1 redirects ad.turn.com	518 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	clientgear.com 1 redirects event.clientgear.com	261 B
1	quantserve.com 1 redirects pixel.quantserve.com	541 B
1	simpli.fi um.simpli.fi	611 B
1	bluekai.com tags.bluekai.com	304 B
1	deepintent.com match.deepintent.com	44 B
1	erne.co 1 redirects green.erne.co	325 B
1	ad4m.at ad4m.at	915 B
1	adgrx.com cm.adgrx.com	408 B
1	loopme.me 1 redirects csync.loopme.me	217 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	contextweb.com 1 redirects bh.contextweb.com	497 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	criteo.com dis.criteo.com	334 B
1	orektobedirect.xyz orektobedirect.xyz	37 B
1	googleapis.com fonts.googleapis.com	1 KB
1	tricketoffic.xyz tricketoffic.xyz	415 B
1	addthisedge.com v1.addthisedge.com	680 B
1	facebook.com www.facebook.com
1	mefagetobri.top mefagetobri.top	23 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	607 B
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
233	68

	Domain	Requested by
44	64.media.tumblr.com	www.tumgir.com
19	mcd.ex.co	player.avplayer.com
19	www.tumgir.com	www.tumgir.com
11	simage2.pubmatic.com	ads.pubmatic.com
11	shilternimpossip.xyz	d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net
8	ups.analytics.yahoo.com	4 redirects ssum.casalemedia.com www.tumgir.com
7	match.adsrvr.org	6 redirects ssum.casalemedia.com
7	cm.g.doubleclick.net	7 redirects
7	image2.pubmatic.com	ads.pubmatic.com
6	prd-collector-anon.ex.co	player.ex.co
6	api.tumblr.com	6 redirects
6	pagead2.googlesyndication.com	www.tumgir.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	pixel.advertising.com	5 redirects
5	track1.aniview.com	www.tumgir.com player.aniview.com
4	dsum-sec.casalemedia.com	1 redirects ssum.casalemedia.com um2.eqads.com
4	match.prod.bidr.io	4 redirects
4	c1.adform.net	3 redirects ads.pubmatic.com
4	search.spotxchange.com	player.aniview.com
3	sync-tm.everesttech.net	3 redirects
3	x.bidswitch.net	3 redirects
3	ib.adnxs.com	2 redirects ssum.casalemedia.com
3	pixel.onaudience.com	3 redirects
3	hbopenbid.pubmatic.com	player.aniview.com
3	tag.targeting.unrulymedia.com	player.aniview.com
3	sync.aniview.com	player.aniview.com ads.pubmatic.com ssum.casalemedia.com
3	ads.pubmatic.com	player.aniview.com ads.pubmatic.com
3	api-public.addthis.com	s7.addthis.com
3	freychang.fun	d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net
3	dmmzkfd82wayn.cloudfront.net	www.tumgir.com shilternimpossip.xyz
3	d18g6t7whf8ejf.cloudfront.net	www.tumgir.com shilternimpossip.xyz
3	s7.addthis.com	www.tumgir.com s7.addthis.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	um2.eqads.com	1 redirects ssum.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum.casalemedia.com
2	pixel-sync.sitescout.com	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	sync.1rx.io	2 redirects
2	d5p.de17a.com	2 redirects
2	ads.adaptv.advertising.com	player.aniview.com
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	ssum.casalemedia.com	1 redirects player.aniview.com
2	atrack.avplayer.com	www.tumgir.com
2	player.aniview.com	player.ex.co player.aniview.com
2	microusconvilla.xyz	www.tumgir.com
2	accounts.google.com	www.tumgir.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	www.tumgir.com fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	webpick-cdn.s3.amazonaws.com	www.tumgir.com d18g6t7whf8ejf.cloudfront.net
1	simage4.pubmatic.com	ads.pubmatic.com
1	id5-sync.com	player.aniview.com
1	sync.adotmob.com	1 redirects
1	ssum-sec.casalemedia.com	ssum.casalemedia.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	rtb.gumgum.com	ads.pubmatic.com
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	ad.turn.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	event.clientgear.com	1 redirects
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	pixel.quantserve.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	tags.bluekai.com	ads.pubmatic.com
1	match.deepintent.com	ads.pubmatic.com
1	match.taboola.com	ads.pubmatic.com
1	trc.taboola.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	green.erne.co	1 redirects
1	ad4m.at	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	sync.targeting.unrulymedia.com	1 redirects
1	csync.loopme.me	1 redirects
1	rtb-csync.smartadserver.com	ads.pubmatic.com
1	bh.contextweb.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	tag.1rx.io	player.aniview.com
1	s2s.aniview.com	player.aniview.com
1	secure-assets.rubiconproject.com	1 redirects
1	premiumsrv.aniview.com	player.aniview.com
1	orektobedirect.xyz	mefagetobri.top
1	player.avplayer.com	player.ex.co
1	fonts.googleapis.com	client
1	tricketoffic.xyz	mefagetobri.top
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	player.ex.co	www.tumgir.com
1	www.facebook.com	www.tumgir.com
1	mefagetobri.top	www.tumgir.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	z.moatads.com	s7.addthis.com
1	www.googletagmanager.com	www.tumgir.com
1	tumgir.com	1 redirects
233	101

This site contains links to these domains. Also see Links.

Domain
www.addthis.com

Subject Issuer	Validity	Valid
tumgir.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-29` - `2022-03-18`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.media.tumblr.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-10` - `2022-02-09`	2 years	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
mefagetobri.top R3	`2021-10-17` - `2022-01-15`	3 months	crt.sh
shilternimpossip.xyz Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-30` - `2021-10-28`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-16` - `2022-10-15`	a year	crt.sh
microusconvilla.xyz Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
*.ex.co Go Daddy Secure Certificate Authority - G2	`2020-12-27` - `2022-01-28`	a year	crt.sh
tricketoffic.xyz Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
outstreamedia.com R3	`2021-10-12` - `2022-01-10`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
orektobedirect.xyz R3	`2021-10-17` - `2022-01-15`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-04-26`	6 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.pbp.bf2.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-18` - `2021-11-17`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://www.tumgir.com/sarahyasemin
Frame ID: 87615021A41BE9C660B4A9187C5805C0
Requests: 162 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211018/r20190131/zrt_lookup.html
Frame ID: 8FC1040AA37D06CAE08655745553B1D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9997667645492317&output=html&adk=1812271804&adf=3025194257&lmt=1634752646&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.tumgir.com%2Fsarahyasemin&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634752645987&bpp=3&bdt=184&idt=299&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4835460548064&frm=20&pv=2&ga_vid=633938413.1634752646&ga_sid=1634752646&ga_hid=1839959405&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063174%2C31062525&oid=2&pvsid=1043719893021062&pem=463&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=317
Frame ID: 0CB58914B3DC64EBC59C2EE159922338
Requests: 1 HTTP requests in this frame

Frame: https://shilternimpossip.xyz/bFdkTjYNNQcjCQ1qBmhDHjtZawQqclYIUl1vA3hCWyAMKA4JPQJgVQA4ESpQHjgKOhgCMhBrBCo2MhleATQjFwQuIAMZYT8SJg9dXTI9CEYKBVUETC0/MSh1LwEyAnUlMSUpdwcdEwt7KxIlC34oETIYWjUcKg9vLgMxD0EuMDIAYF8aLg9eJjU9GwI/FiUlE14VMhx7CRYOD3koL1AKezljMAtgH2MmNkE2FA4lfD1nLSlvKQ0zGGA+OzUMczYUIAt+KQYqCmxdMC0McyI5MwhSLQQjGHg6Ay4KbF0wNglnBD08C3goHSwMVzowDB9vOREgH1o1ZyMMGzU0JTd/IhUmPWYlAlUbeAAZCRYGBBMxBnQNAQgpeDwFEwJ+KRkKBQYiFDIkXS4TNhhyNmYDDHA9AkF8dC5nXRhgKwIoClElHSsPBygGDQxFO2cMD2UrEQAbYwgePX9CKAYIF1svBiUccCgvKhhyNgM+Ig8lBlUMTCQBF2hcHzgKPgsmBR0ZXi4AAxdG
Frame ID: 90D5353D6DD05D039466832B5F4B3130
Requests: 2 HTTP requests in this frame

Frame: https://shilternimpossip.xyz/dHNiVGoVEQE5VRVOAHIfBh9fcVgyVlASDkVLBWIeQwQKMlIRGQR6CRgcFzAMBhwMIEQaFhZxWDISBmYwIhcPJz83JxEFPDU+Mhk/ACczODwcIQ5hODAwOw4oJRcAHhAhMS8XHRA2IBlbITdSOi0mSiMdOwMjMTgwDjQFOzA1JAoFLhwYJDUvED0kMyNHIFNtODEaNw4rMRwwHTghIyAFDUM0GmQvJTAjDDwcHCgYEkw7JSMOAyEhZSknNDQAPSEXLR0CTDUnIwEdMTdhLCIZERc+HyU1Di8uNTBkJBk9J2EsIhorMighNTE3LyEDNzg4GDcOZS4gQE8WLyMLOwMgJhwtFSs5QCoFIzAiUDcdLBgwBg9EJQYBBiYfOjMrEjYIMwsgGDc4CTEhABMdTFZQFi9ERiQCAD0nIRYdPhUkGjAmBDdtKDUiAxVZNjYuAV8iFlIOLCVCLD07ISUgAjI2NjUjOzw+GjcwPBgsOicyRicBMgA1OgIvIBIjcgAHHAwkVwYwCBMgPBUaFlwcIhA8
Frame ID: 6D853C54AD84AD79E208B1B96722B987
Requests: 2 HTTP requests in this frame

Frame: https://shilternimpossip.xyz/NHBxcjBVEhIfD1VNE1RFRhxMVwJyVUM0VFkdCxlWUEhDBVFNHl8RXFsFFRRCWx4FXF5RBFRAdlslQTwDYCUaBXx2GwMWWVcBNEFyQykpOHNSQzdDe2UhGDhJelVDMHJmJR09cnIzMwhIXzMLBVxWCRJHdQcyRBZjDCc4CwVBKiM7Wn8dRAtlZwcFP2gBNBAIAF48MwpHZCQ0GXdnMRk9Y1s/Ox8IWTkaHVd+GRoDd001HhZecQgUNVReKhokCW0jIAN3ZxscOHR2IxdBWw0+QDgVBjYUJXpOJylDQ20xNyFWBxsaOVhYRxcqakM+JhoHbQoFMFVjMkMRZRkTAj1jeQY0GF9HPSIVVXsnCRpyYTpUQHJSHkAFYWMYRisCRxM7JgARQjM+AX5VQzRzWioJIElxFz4xamcWQhkAfhggH3paABwgaAQBPgh1bTkyCgJXJDdCVVpBCyVoWEgrOmJuFUICAlclElcCdjs1J1l2IyMBaWUmMhReAUkSN3ZGIDZGFl4DHhxACQIpHltmRTsHB3w7GQ
Frame ID: F60A9D5CA5D7073FA70E26E55D5BBB32
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: EE1E0C2EFB93F55DE2D2695499B6FB38
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: E2E589E789A2F79346310E07FA7C0065
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: 845D7B5A3546D40777ADAA62F180F435
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Frame ID: 7A0B0B6A528CA5268C76C378A7CDD715
Requests: 24 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=25&key=y-3hd5S2lE2uF.rpw000dh.MQ9iqmFxtP0~A~UP301c6004-31cf-11ec-8b7b-020b1bec13a0
Frame ID: 19A9ABB206A2B71A233E3F93D00DF398
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D42%26key%3D&s=190719&C=1
Frame ID: FAF6612BE9BB13099585187893107C7D
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: 93090C5ED6EA2817BC490A265A5B6472
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CECD869C-1006-40EE-991E-3ECBBE9AEC6D
Frame ID: 8EA2CF354E21C344DC004A1DF40DFDC9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4459924645650214302
Frame ID: AFB9123271EB79842FEB492C323C4AD6
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: CFF8E79793D6E9B090B6325DAAE9D67F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7021209155932715161
Frame ID: F78E50D3B3E466BB8EB871748257EE0C
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC3K07C4LEAAC9geaPUHQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: 993B6E8F5F66982260ECB8BC114C9EE0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 0D4CEFEF57C76028904B88F3FD975627
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f27a3038-659a-463d-a039-36c23fbb7438-003
Frame ID: 3688952D55EC038DCB8089E29A74B741
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: A2A4C19962B5769465AA7CEC8981E339
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: CA8C9C291CCCAAF2DEAA0109B02B7C9C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rS6Ebo08hazP1eSxLVplXrf1
Frame ID: 2C778C18031F3C9E09199806F626833E
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 506D0B8DB14ECF1908F24A026DFD1F4F
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7316af20-5de5-4d03-af98-2b0d423896dc-tuct869de07&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: C4A41FB0856CC6CCEE5ADC35C55C1974
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: A5A9CB3015E640C02BF482DCE8E3AE68
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1634752647424-957057353743-005624-003-003616&biddername=1&key=CECD869C-1006-40EE-991E-3ECBBE9AEC6D
Frame ID: 8040A3746F8F123FDCA55929FBA6D0B6
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 2D62C96BCBE6BBC74D9202E42B06A5DE
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Frame ID: 2DFC6977C3FDA564BCC50E364076282F
Requests: 1 HTTP requests in this frame

Frame: https://webpick-cdn.s3.amazonaws.com/snapecaht.png
Frame ID: DF0EDAC727E3790904277438A78C7DE1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B7934FB57B2E0649E468127EC842A044
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1738D5EDC22BB1DAF3363749A37C3B49
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

sarahyasemin - Tumblr blog | TumgirFacebookTwitterPrintEmailAddThisFacebookTwitterPrintEmailAddThis

Page URL History Show full URLs

http://tumgir.com/sarahyasemin HTTP 301
https://www.tumgir.com/sarahyasemin Page URL

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

233
Requests

99 %
HTTPS

0 %
IPv6

68
Domains

101
Subdomains

66
IPs

10
Countries

41569 kB
Transfer

45045 kB
Size

83
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tumgir.com/sarahyasemin HTTP 301
https://www.tumgir.com/sarahyasemin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://api.tumblr.com/v2/blog/sarahyasemin.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_b3343ec610c0_128.png

Request Chain 140

https://api.tumblr.com/v2/blog/yvotoro.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/9708fe1652cdda491cafc4f6e668d5fc/25ca3e5336648d8a-c8/s128x128u_c1/b510b5af4abc419fef02a8e25efe3dbac69217ac.jpg

Request Chain 141

https://api.tumblr.com/v2/blog/pidgie-core.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/6a1cdde61f7ec9c364597675e1e1aa66/ed68f55705fdef2a-4d/s128x128u_c1/464b40bd312eeb038ce9cfcfefdfa2ea1106e004.jpg

Request Chain 142

https://api.tumblr.com/v2/blog/skimcasual.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_c53ad5c1e88a_128.png

Request Chain 143

https://api.tumblr.com/v2/blog/ek-vitki-pixels.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/2ded93eb576f3bce0ebf14292212adc3/62b0869ac073ed23-ae/s128x128u_c1/30e3be5968097f91bb4bbcab3b3ca624def746e3.png

Request Chain 144

https://api.tumblr.com/v2/blog/allaboutrings.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_4d130bd05231_128.png

Request Chain 150

https://pixel.advertising.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP301c6004-31cf-11ec-8b7b-020b1bec13a0 HTTP 302
https://ups.analytics.yahoo.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP301c6004-31cf-11ec-8b7b-020b1bec13a0&verify=true HTTP 302
https://sync.aniview.com/cookiesyncendpoint?biddername=25&key=y-3hd5S2lE2uF.rpw000dh.MQ9iqmFxtP0~A~UP301c6004-31cf-11ec-8b7b-020b1bec13a0

Request Chain 151

https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D42%26key%3D HTTP 302
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D42%26key%3D&s=190719&C=1

Request Chain 152

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east

Request Chain 173

https://c1.adform.net/serving/cookie/match?party=14&cid=CECD869C-1006-40EE-991E-3ECBBE9AEC6D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CECD869C-1006-40EE-991E-3ECBBE9AEC6D

Request Chain 174

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4459924645650214302

Request Chain 176

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7021209155932715161

Request Chain 177

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDM0swN0M0TEVBQUM5Z2VhUFVIUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC3K07C4LEAAC9geaPUHQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC3K07C4LEAAC9geaPUHQ&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC3K07C4LEAAC9geaPUHQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 178

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 179

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6604464447 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6604464447 HTTP 302
https://sync.1rx.io/usersync/tradedesk/29a56fe8-28c7-4d86-85cb-0867896ffed7 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f27a3038-659a-463d-a039-36c23fbb7438-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-f27a3038-659a-463d-a039-36c23fbb7438-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f27a3038-659a-463d-a039-36c23fbb7438-003

Request Chain 182

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rS6Ebo08hazP1eSxLVplXrf1

Request Chain 183

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 184

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7316af20-5de5-4d03-af98-2b0d423896dc-tuct869de07&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zs2GnBAGQO6ZHj7LvprsbQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 188

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=62286170-5887-4200-8506-ecbcf1fc068d

Request Chain 189

https://pixel.onaudience.com/?partner=214&mapped=CECD869C-1006-40EE-991E-3ECBBE9AEC6D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=29a56fe8-28c7-4d86-85cb-0867896ffed7&icm HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=b3c6d7fa8ea65db5

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0VDRDg2OUMtMTAwNi00MEVFLTk5MUUtM0VDQkJFOUFFQzZE&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG5UCJ1GuQHIuFZ50uZ_vuo&google_cver=1

Request Chain 193

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:23d66170-5887-4d00-954c-2fd3c8ff6970&gdpr=0&gdpr_consent=

Request Chain 194

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5361780559653149434

Request Chain 195

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=29a56fe8-28c7-4d86-85cb-0867896ffed7

Request Chain 196

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1456369992627948945&gdpr=0&gdpr_consent=

Request Chain 197

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hxsKHIQSBRucTlsa0B0QSINOChScGAsd00xngis_

Request Chain 198

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CECD869C-1006-40EE-991E-3ECBBE9AEC6D&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O6Y.3apE2uUSpBUYuGMJroXKhEz51qQ-~A&gdpr=0&gdpr_consent=

Request Chain 200

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=86f8a319-95c0-44fb-a0cd-9620c1800187 HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk8d5c1e47-e42f-46ea-a0c0-697f2224a8c6&expires=7&user_group=5&ssp=pubmatic&bsw_param=86f8a319-95c0-44fb-a0cd-9620c1800187 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=86f8a319-95c0-44fb-a0cd-9620c1800187&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 201

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YXBYiAAAAd5FxQAR HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YXBYiAAAAd5FxQAR&gdpr=0&gdpr_consent=&_test=YXBYiAAAAd5FxQAR

Request Chain 203

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8198753215830979873&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 204

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=193478ad-f5a1-42bb-a274-d8b5b8eaab87-61705888-5553&gdpr=0&gdpr_consent=

Request Chain 205

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:46f736ee-bbf0-4937-94ed-34dc5b1e98da&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 206

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1456369992627948945

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXBYh8Vavlha0kpap8HW3wAABL4AAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECKyzNo_XY9tzM6ag1AU0MQ&google_cver=1

Request Chain 211

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXBYh8Vavlha0kpap8HW3wAABL4AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXBYh8Vavlha0kpap8HW3wAABL4AAAIB&dcc=t

Request Chain 212

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXBYh8Vavlha0kpap8HW3wAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKEmB6aOXXX9k24BqoDZ3C8&google_cver=1&gdpr=1

Request Chain 214

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

Request Chain 217

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 221

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=YXBYiAAAAd5FxQAR&_origin=0&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YXBYiAAAAd5FxQAR&_origin=0&gdpr=0&gdpr_consent=&apid=UP301c6004-31cf-11ec-8b7b-020b1bec13a0

Request Chain 222

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP301c6004-31cf-11ec-8b7b-020b1bec13a0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAzMDFjNjAwNC0zMWNmLTExZWMtOGI3Yi0wMjBiMWJlYzEzYTA%3D HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEGH_koU7mcOxfJUSdsvSN7o&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEGH_koU7mcOxfJUSdsvSN7o&google_cver=1&apid=UP301c6004-31cf-11ec-8b7b-020b1bec13a0

Request Chain 223

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=29a56fe8-28c7-4d86-85cb-0867896ffed7&_origin=1&gdpr=1&gdpr_consent=

233 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request sarahyasemin Show response
www.tumgir.com/
Redirect Chain

http://tumgir.com/sarahyasemin
https://www.tumgir.com/sarahyasemin

170 KB
22 KB

832ms
649ms

Document
text/html

167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/sarahyasemin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Next.js
Resource Hash: 7c5c102a5cb919c106c2cf80ecc94e9dec525a9d7bc786460b8bc875057e66ff

Request headers

Host: www.tumgir.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 20 Oct 2021 17:57:25 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Next.js
ETag: "2a6ee-wOuFAbLMkRysrUY6pJLApFeY7bc"
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 20 Oct 2021 17:57:24 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.tumgir.com/sarahyasemin

GET
H/1.1 200
OK 8494c3f9c3a8673b436c.css
www.tumgir.com/_next/static/css/ 13 KB
4 KB 87ms
87ms Stylesheet
text/css 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/css/8494c3f9c3a8673b436c.css
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: badb892230c83f5ef1de248a257928193994a34094a817400cbad1d5c43a9cb9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.tumgir.com/sarahyasemin
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:25 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Oct 2021 08:37:30 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"35ab-17c883fbc14"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 83ms
48ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8d3cfaa0992798cdb2bb6bf6956c1230d11874380c135efbf50fae5559a2e9ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51025
x-xss-protection: 0
server: cafe
etag: 18328773212701128995
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:57:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 45ms
18ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134279593-1

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

764900b22baea4fcb454b3ed983a496ebfd25491ebcb044096118f7b1358d5a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 36831
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:16:09 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Oct 2021 17:57:25 GMT

GET
H/1.1 200
OK webpack-fb76148cfcfb42ca18eb.js Show response
www.tumgir.com/_next/static/chunks/ 1 KB
1 KB 290ms
105ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/webpack-fb76148cfcfb42ca18eb.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 88b7b60abfbcd15997d22d2839830aa4593142a21fc2b7be01f6896ac3d27310

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tumgir.com/sarahyasemin
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Oct 2021 08:37:53 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"5c0-17c8840154a"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK framework-2191d16384373197bc0a.js Show response
www.tumgir.com/_next/static/chunks/ 128 KB
42 KB 380ms
194ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/framework-2191d16384373197bc0a.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 846ebae4909cae3822f281adf6a0e47b459f90e7984381fcc91e42432df4791d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tumgir.com/sarahyasemin
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 16:44:31 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1ffd7-17c944a53a5"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK main-011e14431c997dd5213e.js Show response
www.tumgir.com/_next/static/chunks/ 75 KB
23 KB 291ms
106ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/main-011e14431c997dd5213e.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8fea627f1c0e0e7cb0aa7abb42defcd30e48df6d6a09c40663f564a3614ea2cf

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tumgir.com/sarahyasemin
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Oct 2021 08:37:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"12dd7-17c883f4efd"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK _app-a778eaf450f2bced8507.js Show response
www.tumgir.com/_next/static/chunks/pages/ 41 KB
13 KB 291ms
105ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/_app-a778eaf450f2bced8507.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6a7aed2c946ae3973a107f5d66f3ff03c6613f39b3b604bacaa5c8785f681d37

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tumgir.com/sarahyasemin
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Oct 2021 08:36:57 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"a374-17c883f3a84"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK %5Bname%5D-0d641eff210e9fae6437.js Show response
www.tumgir.com/_next/static/chunks/pages/ 3 KB
2 KB 190ms
106ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/%5Bname%5D-0d641eff210e9fae6437.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 46d9ec723d6187496ee6c1383644ca02d4523210c29934027f2a2ecebf494d9e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tumgir.com/sarahyasemin
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Oct 2021 08:37:53 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"c75-17c8840154a"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK _buildManifest.js Show response
www.tumgir.com/_next/static/9f8e635ff347da35156fcbd1bf6301f30e246ea1/ 797 B
1 KB 105ms
104ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/9f8e635ff347da35156fcbd1bf6301f30e246ea1/_buildManifest.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d0ba4355917cdf934b61c34ac3ceda91c35ceb74e41fa795647fb7fe95578f44

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tumgir.com/sarahyasemin
Cookie: _ga=GA1.2.633938413.1634752646; _gid=GA1.2.2138280547.1634752646; _gat_gtag_UA_134279593_1=1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:26 GMT
Last-Modified: Sat, 16 Oct 2021 08:37:30 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"31d-17c883fbc14"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 797

GET
H/1.1 200
OK _ssgManifest.js Show response
www.tumgir.com/_next/static/9f8e635ff347da35156fcbd1bf6301f30e246ea1/ 77 B
451 B 105ms
104ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/9f8e635ff347da35156fcbd1bf6301f30e246ea1/_ssgManifest.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tumgir.com/sarahyasemin
Cookie: _ga=GA1.2.633938413.1634752646; _gid=GA1.2.2138280547.1634752646; _gat_gtag_UA_134279593_1=1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:26 GMT
Last-Modified: Sat, 16 Oct 2021 08:37:53 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"4d-17c8840154a"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77

GET
H2

200

avatar_b3343ec610c0_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/sarahyasemin.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_b3343ec610c0_128.png

34 KB
34 KB

121ms
121ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_b3343ec610c0_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

58a140675e6ec3bf9c7452090aafcb50f4f867efa32806c4ffab9cd22e71a9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Wed, 20 Oct 2021 17:57:26 GMT
last-modified: Wed, 09 Dec 2020 08:48:58 GMT
server: nginx
x-frames: 1
etag: "e97a3d61c587c250c6ec7bc2f6ac4dfa-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-disposition: inline; filename="avatar_b3343ec610c0_128.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 35028

Redirect headers

date: Wed, 20 Oct 2021 17:57:26 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_b3343ec610c0_128.png#_=_
x-rid: 588856724abb8078b3c9bfa4ae99edb1
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 tumblr_oy3ek76s9l1u8wonlo1_1280.jpg
64.media.tumblr.com/dda149c52f3fc6af21001d496166d6b9/ 283 KB
283 KB 27ms
6ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/dda149c52f3fc6af21001d496166d6b9/tumblr_oy3ek76s9l1u8wonlo1_1280.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

71d2131006ab89118374f5115a4fdcc1921d78b601813b4f96b2affa083d9d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 20 Oct 2021 17:57:25 GMT
last-modified: Tue, 08 Dec 2020 12:14:14 GMT
server: nginx
x-frames: 1
etag: "ff4bb01c6c46bfb7d04a12211705a4b5-1498089600-66c08dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 289395

GET
H2 200 tumblr_ozbpq4iB2B1uj3j0po1_1280.jpg
64.media.tumblr.com/16952d0b7005fa029481d21fc2298912/ 116 KB
116 KB 9ms
5ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/16952d0b7005fa029481d21fc2298912/tumblr_ozbpq4iB2B1uj3j0po1_1280.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

911bc27133b76c4b714c5164b0117228d6999185495269ef80df2efd8f76f93f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Wed, 20 Oct 2021 17:57:25 GMT
last-modified: Sun, 12 Nov 2017 21:15:42 GMT
server: nginx
x-frames: 1
etag: "fde824e0454663f28cf78e7a2820173a-1498089600-37c5a04"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 118338

GET
H2 200 tumblr_p1d32smfUK1rzjxvno1_1280.jpg
64.media.tumblr.com/0dc7774cca59645185ad63ed9be5385b/ 344 KB
344 KB 11ms
7ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/0dc7774cca59645185ad63ed9be5385b/tumblr_p1d32smfUK1rzjxvno1_1280.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

09a578d5e3c8e6c56d7806a2bdd665399f2e21ea0fd2c9cb60c3ab817cef85c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 20 Oct 2021 17:57:25 GMT
last-modified: Tue, 15 Dec 2020 06:24:47 GMT
server: nginx
x-frames: 1
etag: "391c7670cc7f236535bce1dfe6b0747d-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 352195

GET
H2 200 tumblr_n9r12qPP0I1rzyfwvo1_640.jpg
64.media.tumblr.com/246fc7a0b022de6cd898b25a2625e639/ 128 KB
129 KB 10ms
6ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/246fc7a0b022de6cd898b25a2625e639/tumblr_n9r12qPP0I1rzyfwvo1_640.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

adca6ccd7089d9fe2d85ba526e331cd832ee70f07b455cb8124cb1de0437cc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Wed, 20 Oct 2021 17:57:25 GMT
last-modified: Thu, 22 Jun 2017 00:00:00 GMT
server: nginx
x-frames: 1
etag: "3efb3a0fb1b2ebe039a51fb3e310b84b-1498089600-37c5a04"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 131463

GET
H2 200 tumblr_p0ihakmZby1qkprgpo3_1280.gifv
64.media.tumblr.com/5e09652a3b8f1d37df38a7a40a467028/ 2 MB
2 MB 16ms
12ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/5e09652a3b8f1d37df38a7a40a467028/tumblr_p0ihakmZby1qkprgpo3_1280.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8fde82ce3fb2fa457b18ec4f3760e087af05c52f6219a73f29010d1fe853c107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:25 GMT
vary: Accept
content-disposition: inline; filename="tumblr_70dd90d2c4dc4218ea8051b63eafe327_c5c5ac2d_1280.webp"
strict-transport-security: max-age=31536000; preload
content-length: 2538594
x-nc: HIT hhn 4
last-modified: Fri, 24 Apr 2020 18:20:55 GMT
server: nginx
etag: "daf8633532466ccf2ad2478773d0fb7e-1523937600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_p0ihakmZby1qkprgpo2_1280.gifv
64.media.tumblr.com/0f6a6047e6d93bcb131f1ce299725f6e/ 2 MB
2 MB 15ms
12ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/0f6a6047e6d93bcb131f1ce299725f6e/tumblr_p0ihakmZby1qkprgpo2_1280.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

56d5cf47a3b83df3564b334d3c6fee5723b8c14d992c319b08a62830cdf8ac33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:25 GMT
vary: Accept
content-disposition: inline; filename="tumblr_5d88ff7b6667aab59a62ac65661de358_6a4ddb00_1280.webp"
strict-transport-security: max-age=31536000; preload
content-length: 2338876
x-nc: HIT hhn 3
last-modified: Fri, 24 Apr 2020 21:42:38 GMT
server: nginx
etag: "8bd0ba7c56e64fe56fba98fbbc155d5f-1523937600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_p0ihakmZby1qkprgpo1_1280.gifv
64.media.tumblr.com/0f14eb3d3de06618c5c2c93a3390803e/ 1 MB
1 MB 16ms
12ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/0f14eb3d3de06618c5c2c93a3390803e/tumblr_p0ihakmZby1qkprgpo1_1280.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

dd6dcb66938c11d5b56a5ba3749adbade8aaa7c1d8095eec092b479564135e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:25 GMT
vary: Accept
content-disposition: inline; filename="tumblr_8d8a14437203e131b431dab960805d2e_99b3133f_1280.webp"
strict-transport-security: max-age=31536000; preload
content-length: 1090984
x-nc: HIT hhn 2
last-modified: Fri, 18 Oct 2019 16:01:09 GMT
server: nginx
etag: "7969ebc2fcf1839da2431bcebeca7c79-1523937600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_ovip94QSJj1u8wonlo1_1280.jpg
64.media.tumblr.com/638d1006a7100e3fbceae6f6d9ecf72a/ 200 KB
200 KB 16ms
12ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/638d1006a7100e3fbceae6f6d9ecf72a/tumblr_ovip94QSJj1u8wonlo1_1280.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

08c0bac61b5b995276234650953736f7100e1f550a12a5b961abed23f4bcd8e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Wed, 20 Oct 2021 17:57:25 GMT
last-modified: Sat, 12 Dec 2020 01:48:52 GMT
server: nginx
x-frames: 1
etag: "f8d6c5347352c1d80f821e6890cdbd51-1498089600-66c08dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 204711

GET
H2 200 tumblr_ouj1vaj4lC1wn7o5jo1_640.jpg
64.media.tumblr.com/bfc61e8cbf0f083efa5d4df74b1b15dd/ 49 KB
49 KB 209ms
205ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/bfc61e8cbf0f083efa5d4df74b1b15dd/tumblr_ouj1vaj4lC1wn7o5jo1_640.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9472aee002fb72fe598606479386e08307516d9f7cc880172e0d7dd222e7c513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Wed, 20 Oct 2021 17:57:26 GMT
last-modified: Mon, 07 Dec 2020 08:25:12 GMT
server: nginx
x-frames: 1
etag: "28982ec4de1c282a0f7a0408de3014c6-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 49887

GET
H2 200 tumblr_on6tv8fbxN1rtw73ao1_1280.jpg
64.media.tumblr.com/fdb4ac3de390794085a6c6173f2c8afa/ 417 KB
417 KB 15ms
12ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/fdb4ac3de390794085a6c6173f2c8afa/tumblr_on6tv8fbxN1rtw73ao1_1280.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

12328e6d4bdc14e85574f73c6cc686fd42dfc5a39369e2e093b99cdfd977ba34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 20 Oct 2021 17:57:25 GMT
last-modified: Wed, 16 Dec 2020 23:13:51 GMT
server: nginx
x-frames: 1
etag: "ca2baed04c3f3b52dbbbf75b742c6705-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 426708

GET
H2 200 tumblr_os3tigmo4e1qd9wcqo1_1280.jpg
64.media.tumblr.com/47db9b3934184d30d31207e48c0758c2/ 409 KB
410 KB 541ms
538ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/47db9b3934184d30d31207e48c0758c2/tumblr_os3tigmo4e1qd9wcqo1_1280.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2d2cf1dd7a2ba20aa095315c6c8c02f08e093a3e1cdfbfe48d6beda0b4946147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Wed, 20 Oct 2021 17:57:26 GMT
last-modified: Sun, 25 Jun 2017 13:01:30 GMT
server: nginx
x-frames: 1
etag: "dd5878100a03140a7173e48416f4fe47-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 419245

GET
H2 200 tumblr_oryra5bLhF1w520aqo1_500.jpg
64.media.tumblr.com/67b97980e1defb9de16199617ef8115a/ 58 KB
58 KB 141ms
137ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/67b97980e1defb9de16199617ef8115a/tumblr_oryra5bLhF1w520aqo1_500.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0213e73a72c1652dffd21a1cfc78209c4a9ba3e31509ab993db4baca5beae946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Wed, 20 Oct 2021 17:57:26 GMT
last-modified: Fri, 11 Dec 2020 06:55:51 GMT
server: nginx
x-frames: 1
etag: "2a857a8c7ac8aa228b8873ab3d2e40ef-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 59561

GET
H2 200 tumblr_or2q4ioEwY1qd9wcqo1_1280.jpg
64.media.tumblr.com/7eaef566581746ebad9e7ad06ab53ef9/ 669 KB
669 KB 627ms
624ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/7eaef566581746ebad9e7ad06ab53ef9/tumblr_or2q4ioEwY1qd9wcqo1_1280.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

81ba3960fc8308889cfed7a1c6ea3c41e8a7ba417b49c1c3a2302d0d4556961a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Wed, 20 Oct 2021 17:57:26 GMT
last-modified: Thu, 22 Jun 2017 00:00:00 GMT
server: nginx
x-frames: 1
etag: "b9a64fa59fefe25f37cd990497beeddb-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 684597

GET
H2 200 tumblr_oqojcn0R8K1woxlz0o1_400.gifv
64.media.tumblr.com/a2c2aae0912acd88a4a88f780a57285b/ 1 MB
1 MB 2209ms
2205ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/a2c2aae0912acd88a4a88f780a57285b/tumblr_oqojcn0R8K1woxlz0o1_400.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b742e05076e16afaaf60bc6b851b747f9c52c9f0722549e039d3f5cc9ca5ef23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:28 GMT
vary: Accept
content-disposition: inline; filename="tumblr_oqojcn0R8K1woxlz0o1_400.webp"
strict-transport-security: max-age=31536000; preload
content-length: 1558632
x-nc: MISS hhn 2
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "e46031257b9512a3150449abcc94a8c3-1523937600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_oqojcn0R8K1woxlz0o2_400.gifv
64.media.tumblr.com/b4d65b7643bd4f1837b2c0531949d3c6/ 1 MB
1 MB 2311ms
2308ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/b4d65b7643bd4f1837b2c0531949d3c6/tumblr_oqojcn0R8K1woxlz0o2_400.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a95d13eb4ca3e3bb65a323ad542dfa06c354b6aacc865757fef1c780bcab5829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:28 GMT
vary: Accept
content-disposition: inline; filename="tumblr_oqojcn0R8K1woxlz0o2_400.webp"
strict-transport-security: max-age=31536000; preload
content-length: 1348978
x-nc: MISS hhn 3
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "dc74008b57ddf0dea897c0b1579ce585-1523937600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_oqojcn0R8K1woxlz0o3_400.gifv
64.media.tumblr.com/f9aaee5cd048587c35e3c2db84da1b6a/ 1 MB
1 MB 3590ms
3586ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/f9aaee5cd048587c35e3c2db84da1b6a/tumblr_oqojcn0R8K1woxlz0o3_400.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a0f438e99d573fb2d042752af0af8c64673b378a3a91cc4cb99cc89766cc4322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:29 GMT
vary: Accept
content-disposition: inline; filename="tumblr_oqojcn0R8K1woxlz0o3_400.webp"
strict-transport-security: max-age=31536000; preload
content-length: 1537612
x-nc: MISS hhn 1
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "b10e2d175ab8c3d736f9b00dff9faa5e-1523937600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_oqojcn0R8K1woxlz0o4_400.gifv
64.media.tumblr.com/397ceb052cf894d629b3dc91872672ee/ 1 MB
1 MB 2663ms
2660ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/397ceb052cf894d629b3dc91872672ee/tumblr_oqojcn0R8K1woxlz0o4_400.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1efecda47dbd03f8fb1eb8f5779599cc4ab62ac2a68f4f55cdad9e8f46aec897

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:28 GMT
vary: Accept
content-disposition: inline; filename="tumblr_oqojcn0R8K1woxlz0o4_400.webp"
strict-transport-security: max-age=31536000; preload
content-length: 1418854
x-nc: MISS hhn 4
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "1faf91c3634d02c232b7ec4dc920d598-1523937600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_oqojcn0R8K1woxlz0o5_400.gifv
64.media.tumblr.com/26174b9918f4fe7d60fc0eff75b6bf8d/ 2 MB
2 MB 2544ms
2541ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/26174b9918f4fe7d60fc0eff75b6bf8d/tumblr_oqojcn0R8K1woxlz0o5_400.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6f542ade3d7dd91c99436806384b511eb595199471f2bb21598cfe6fd5023a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:28 GMT
vary: Accept
content-disposition: inline; filename="tumblr_oqojcn0R8K1woxlz0o5_400.webp"
strict-transport-security: max-age=31536000; preload
content-length: 1676148
x-nc: MISS hhn 4
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "18245976086b81a2d78fd47ea3163748-1523937600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_oqojcn0R8K1woxlz0o6_400.gifv
64.media.tumblr.com/fd50431c7fabbd51caed3faa546ddd8c/ 1 MB
1 MB 2320ms
2316ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/fd50431c7fabbd51caed3faa546ddd8c/tumblr_oqojcn0R8K1woxlz0o6_400.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3cf3cd0d919579b21d6f20e3f543450e960fc57d4a5d76cf74b2f8e9834ce2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:28 GMT
vary: Accept
content-disposition: inline; filename="tumblr_oqojcn0R8K1woxlz0o6_400.webp"
strict-transport-security: max-age=31536000; preload
content-length: 1567764
x-nc: MISS hhn 3
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "ab7b0a6384a30febb56d78566db1ca6c-1523937600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_oqojcn0R8K1woxlz0o7_400.gifv
64.media.tumblr.com/0468a541cb409022fb48d288562c9fb1/ 2 MB
2 MB 2474ms
2471ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/0468a541cb409022fb48d288562c9fb1/tumblr_oqojcn0R8K1woxlz0o7_400.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

39f34f271e6e25006c1beb43d975c1f63a5a45bb55c8d38524ca73589f853394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:28 GMT
vary: Accept
content-disposition: inline; filename="tumblr_oqojcn0R8K1woxlz0o7_400.webp"
strict-transport-security: max-age=31536000; preload
content-length: 1582954
x-nc: MISS hhn 4
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "55c148c4b6f6516f5e0531907c629513-1523937600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_oqojcn0R8K1woxlz0o8_400.gifv
64.media.tumblr.com/49914bd45bb232803b128a585d6c16ce/ 1 MB
1 MB 1716ms
1712ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/49914bd45bb232803b128a585d6c16ce/tumblr_oqojcn0R8K1woxlz0o8_400.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d21ebc0addb2a1699a106379d866c99e51173eb3cb9fb878952fba3dd1e6c1f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
vary: Accept
content-disposition: inline; filename="tumblr_oqojcn0R8K1woxlz0o8_400.webp"
strict-transport-security: max-age=31536000; preload
content-length: 1273908
x-nc: MISS hhn 2
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "43da417a9b052b4418b43aed05ec4450-1523937600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_nzzowgZZ9M1u5mdq1o1_1280.jpg
64.media.tumblr.com/0f790692fd22b27f8aa0623dc56ccf27/ 795 KB
796 KB 20ms
17ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/0f790692fd22b27f8aa0623dc56ccf27/tumblr_nzzowgZZ9M1u5mdq1o1_1280.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

631df087104b16c35aa0a1e5aa88842912b08ee39f2b05c440fb6358cb0542b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Wed, 20 Oct 2021 17:57:25 GMT
last-modified: Sun, 13 Dec 2020 01:39:23 GMT
server: nginx
x-frames: 1
etag: "b92c1b69b37ba821791af4cbdbded243-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 814161

GET
H2 200 tumblr_op4p7bfqev1vbeidjo1_500.gifv
64.media.tumblr.com/39c2677291a0b09e0c2222ccaaa6880b/ 1009 KB
1010 KB 24ms
20ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/39c2677291a0b09e0c2222ccaaa6880b/tumblr_op4p7bfqev1vbeidjo1_500.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

67b4ba60985b38272fc30ba5f9b7e67e4cb57ab35bced2154fc2cc88e694983b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:25 GMT
vary: Accept
content-disposition: inline; filename="tumblr_op4p7bfqev1vbeidjo1_500.webp"
strict-transport-security: max-age=31536000; preload
content-length: 1033456
x-nc: HIT hhn 2
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "291fa08dc8e90e8f2435caf05960018d-1523937600-66c08dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_op4p7bfqev1vbeidjo2_500.gifv
64.media.tumblr.com/024fab1f2e433779b431986b86fc481e/ 1 MB
1 MB 23ms
20ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/024fab1f2e433779b431986b86fc481e/tumblr_op4p7bfqev1vbeidjo2_500.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d5b7fdc7904b100f8849696dbcb25dd1af408c80a98f5ac9b075647ae919a841

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:25 GMT
vary: Accept
content-disposition: inline; filename="tumblr_op4p7bfqev1vbeidjo2_500.webp"
strict-transport-security: max-age=31536000; preload
content-length: 1423914
x-nc: HIT hhn 3
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "809f570f13263fd0a90d057fe121c605-1523937600-66c08dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_op4p7bfqev1vbeidjo3_500.gifv
64.media.tumblr.com/0aad12ecb61b0406ebbfb8113a3ebf49/ 2 MB
2 MB 24ms
21ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/0aad12ecb61b0406ebbfb8113a3ebf49/tumblr_op4p7bfqev1vbeidjo3_500.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

344ca5678ec596c74eb74b7cd03d9943cf446837f10739d7007bb376a701dff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:25 GMT
vary: Accept
content-disposition: inline; filename="tumblr_op4p7bfqev1vbeidjo3_500.webp"
strict-transport-security: max-age=31536000; preload
content-length: 1783906
x-nc: HIT hhn 1
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "51c72469c2e30fd82da6852e342c446a-1523937600-66c08dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_op4p7bfqev1vbeidjo4_500.gifv
64.media.tumblr.com/b1943dff1e5a3c432159e1f035da1270/ 803 KB
804 KB 25ms
21ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/b1943dff1e5a3c432159e1f035da1270/tumblr_op4p7bfqev1vbeidjo4_500.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

76a952a7c2b8d593333e7e067363ae6b293635efbec4aeb1342389e1b942d8b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:25 GMT
vary: Accept
content-disposition: inline; filename="tumblr_op4p7bfqev1vbeidjo4_500.webp"
strict-transport-security: max-age=31536000; preload
content-length: 821832
x-nc: HIT hhn 2
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "f6838cb990be84565e9cad42d38f5a83-1523937600-66c08dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_op4p7bfqev1vbeidjo5_500.gifv
64.media.tumblr.com/08a398923c65f499912819f3bcd14c06/ 2 MB
2 MB 24ms
20ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/08a398923c65f499912819f3bcd14c06/tumblr_op4p7bfqev1vbeidjo5_500.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0f234787edb72b28097646be8f0664222e7520b61d9e0d2923b6488fdb0dc70e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:25 GMT
vary: Accept
content-disposition: inline; filename="tumblr_op4p7bfqev1vbeidjo5_500.webp"
strict-transport-security: max-age=31536000; preload
content-length: 2253880
x-nc: HIT hhn 3
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "5b585bb32c0b9c15fed35dd01116a584-1523937600-66c08dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_op4p7bfqev1vbeidjo6_500.gifv
64.media.tumblr.com/b4cc7530052bbfdcb29c34fb8247f712/ 642 KB
643 KB 25ms
22ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/b4cc7530052bbfdcb29c34fb8247f712/tumblr_op4p7bfqev1vbeidjo6_500.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

97ece13ffb59290394a974f7a7d81c21273d24f8b5bd8a908310823237fb6295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:25 GMT
vary: Accept
content-disposition: inline; filename="tumblr_op4p7bfqev1vbeidjo6_500.webp"
strict-transport-security: max-age=31536000; preload
content-length: 657660
x-nc: HIT hhn 3
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "ad1d1a1574cbc1169a1d6236cff25cd5-1523937600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_op4p7bfqev1vbeidjo7_500.gifv
64.media.tumblr.com/02ecbfc106b71eb4620f1f5cef2f0ff5/ 2 MB
2 MB 24ms
21ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/02ecbfc106b71eb4620f1f5cef2f0ff5/tumblr_op4p7bfqev1vbeidjo7_500.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7107337c12b383f33154686f2302e3f6d4a22b66edee8ea1bdcdab9c23710769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:25 GMT
vary: Accept
content-disposition: inline; filename="tumblr_op4p7bfqev1vbeidjo7_500.webp"
strict-transport-security: max-age=31536000; preload
content-length: 2014656
x-nc: HIT hhn 1
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "06119c4c38233940455f4893f5c629f9-1523937600-66c08dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_op4p7bfqev1vbeidjo8_500.gifv
64.media.tumblr.com/d228cdce5ac5a848a0ef82837846369f/ 1 MB
1 MB 25ms
22ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/d228cdce5ac5a848a0ef82837846369f/tumblr_op4p7bfqev1vbeidjo8_500.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f9d05d8915382935ec809e021f5638cd77311c67c668ceec86754c78d7e26335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:25 GMT
vary: Accept
content-disposition: inline; filename="tumblr_op4p7bfqev1vbeidjo8_500.webp"
strict-transport-security: max-age=31536000; preload
content-length: 1072276
x-nc: HIT hhn 2
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "e5eb083b5ab651010a9f11f37fef3491-1523937600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_op4p7bfqev1vbeidjo9_500.gifv
64.media.tumblr.com/9db70b8aacf616215b2d44fecb7ef590/ 1 MB
1 MB 20ms
17ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/9db70b8aacf616215b2d44fecb7ef590/tumblr_op4p7bfqev1vbeidjo9_500.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2d8419b514002fd24222f6cd2219f8e42268d50ee82f62a789b293283c2d9820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:25 GMT
vary: Accept
content-disposition: inline; filename="tumblr_op4p7bfqev1vbeidjo9_500.webp"
strict-transport-security: max-age=31536000; preload
content-length: 1503710
x-nc: HIT hhn 4
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
server: nginx
etag: "59fcf40ca07b2575fdbf5f9874f7c762-1523937600-66c08dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_oow3dr41Hm1wo7913o1_1280.jpg
64.media.tumblr.com/ab8d3f16f7d315902056c5d2d0c8f72e/ 166 KB
167 KB 262ms
259ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/ab8d3f16f7d315902056c5d2d0c8f72e/tumblr_oow3dr41Hm1wo7913o1_1280.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6cfd75c5aaaf095c42f1f3a1372bf3e291db65e4f63a8dd2414a3aaa86faa141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: MISS hhn 4
date: Wed, 20 Oct 2021 17:57:26 GMT
last-modified: Tue, 15 Dec 2020 17:37:12 GMT
server: nginx
x-frames: 1
etag: "726006202c675c71ca2007a77e235614-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 170253

GET
H2 200 tumblr_o0m996i6hg1sn4t3lo1_1280.png
64.media.tumblr.com/541fd52f5450994923f0605ebdafb4a5/ 256 KB
257 KB 24ms
21ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/541fd52f5450994923f0605ebdafb4a5/tumblr_o0m996i6hg1sn4t3lo1_1280.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cb14ba76d56314dcc93d0832aa7b6d975863724a990a28a990699db8bf273f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Wed, 20 Oct 2021 17:57:25 GMT
last-modified: Sun, 13 Dec 2020 23:39:37 GMT
server: nginx
x-frames: 1
etag: "541fd52f5450994923f0605ebdafb4a5-1498089600-66c08dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_2ae8c75b4541b5ba86a4009fc3ce248f_83f75f66_1280.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 262373

GET
H2 200 tumblr_o0m996i6hg1sn4t3lo3_1280.png
64.media.tumblr.com/ec26d4ece177ec79289b3939f505febe/ 1 MB
1 MB 20ms
17ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/ec26d4ece177ec79289b3939f505febe/tumblr_o0m996i6hg1sn4t3lo3_1280.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0025b019c3f9c7b359da1df7201e842c8c0f0d021b163c2a2f6573f46dd5b90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Wed, 20 Oct 2021 17:57:25 GMT
last-modified: Fri, 11 Dec 2020 05:40:09 GMT
server: nginx
x-frames: 1
etag: "ec26d4ece177ec79289b3939f505febe-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 1269714

GET
H2 200 tumblr_o0m996i6hg1sn4t3lo2_1280.png
64.media.tumblr.com/b72edcc53a6a3d88b42995e045cfcce9/ 255 KB
255 KB 24ms
21ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/b72edcc53a6a3d88b42995e045cfcce9/tumblr_o0m996i6hg1sn4t3lo2_1280.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8010ca9bedb88a2ff573aa62c5276af0b408b0b99dd99b24b0b1e7866d9d2a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 20 Oct 2021 17:57:25 GMT
last-modified: Thu, 10 Dec 2020 22:34:22 GMT
server: nginx
x-frames: 1
etag: "b72edcc53a6a3d88b42995e045cfcce9-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 261164

GET
H2 200 tumblr_o0m996i6hg1sn4t3lo4_1280.png
64.media.tumblr.com/cf4a7896d41dd18e526977eb74f07c92/ 921 KB
922 KB 25ms
22ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/cf4a7896d41dd18e526977eb74f07c92/tumblr_o0m996i6hg1sn4t3lo4_1280.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1aaa4a0a88f9ab33e99329438d826f836cbbbd7face7db21c90e87174e3a243d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 20 Oct 2021 17:57:25 GMT
last-modified: Wed, 16 Dec 2020 21:53:44 GMT
server: nginx
x-frames: 1
etag: "cf4a7896d41dd18e526977eb74f07c92-1498089600-57aaf48"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 943254

GET
H2 200 tumblr_o0m996i6hg1sn4t3lo5_1280.png
64.media.tumblr.com/0f6b1f0039b275fbc93fa24debb3d03e/ 822 KB
823 KB 24ms
21ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/0f6b1f0039b275fbc93fa24debb3d03e/tumblr_o0m996i6hg1sn4t3lo5_1280.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a662e78e9e95e80ce159358e6677de2a918e5a315f10b0077cba4b76b7b9a3bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Wed, 20 Oct 2021 17:57:25 GMT
last-modified: Fri, 11 Dec 2020 06:52:04 GMT
server: nginx
x-frames: 1
etag: "0f6b1f0039b275fbc93fa24debb3d03e-1498089600-57aaf48"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 841646

GET
H2 200 tumblr_o0m996i6hg1sn4t3lo6_1280.png
64.media.tumblr.com/c344ffbfa92a97dfa71ca5406c0a91ed/ 873 KB
874 KB 25ms
22ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/c344ffbfa92a97dfa71ca5406c0a91ed/tumblr_o0m996i6hg1sn4t3lo6_1280.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

95a02446ee27371940adc44c2196eabddca5ea59b4bd5f8538155b36ae09c0a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Wed, 20 Oct 2021 17:57:25 GMT
last-modified: Mon, 14 Dec 2020 13:51:15 GMT
server: nginx
x-frames: 1
etag: "c344ffbfa92a97dfa71ca5406c0a91ed-1498089600-57aaf48"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 893685

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 99ms
22ms Script
application/javascript 104.108.144.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.144.126 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-144-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 20 Oct 2021 17:57:25 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK sw.js Show response
www.tumgir.com/ 100 KB
38 KB 356ms
272ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/sw.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8c382d76b7f3c936b789e587ff26a8383cb504a1b7c7f6183f80a45d2a464c9d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tumgir.com/sarahyasemin
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:59:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"190ed-17b08a9c319"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 / Show response
d18g6t7whf8ejf.cloudfront.net/ 243 KB
76 KB 206ms
177ms Script
text/plain 143.204.101.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.184 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-184.fra50.r.cloudfront.net
Software: /
Resource Hash: 692e8333d1bb4522a6b90dbafe382120b2a93ecada0cdcfe7553e9d8f4ed9615

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 77734
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-id: -oneLQgETuhZCjmaLg3amMleNlWSDc6FK7gFpjjkQQrgKcxgEEytPg==

GET
H2 200 / Show response
dmmzkfd82wayn.cloudfront.net/ 245 KB
81 KB 191ms
164ms Script
text/plain 143.204.101.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.193 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-193.fra50.r.cloudfront.net
Software: /
Resource Hash: 38b1292bb8e6d85cff6348054db2cbce69216ca7129f93ac9ac7d2f45ca38d99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 82132
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
x-amz-cf-id: p6ELp7x8Kn6bZ-wHikhHab3sCnoZV-lLldixovZ0Hrms6CFRd4e0rQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 85ms
31ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134279593-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 4229
date: Wed, 20 Oct 2021 16:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
expires: Wed, 20 Oct 2021 18:46:57 GMT

GET
H2 200 KFOmCnqEu92Fr1Me5g.woff
fonts.gstatic.com/s/roboto/v29/ 64 KB
64 KB 43ms
15ms Font
font/woff 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Me5g.woff

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

55110586d3719c3e8bdaa21f06e4cc1c0a7451abbae662344cbd4411536b585f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
Origin: https://www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 11:16:36 GMT
x-content-type-options: nosniff
age: 283249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65244
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 17 Oct 2022 11:16:36 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/ 271 KB
97 KB 255ms
255ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9997667645492317&plah=www.tumgir.com&bust=31063174

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

4a111a9457fa1840f6fe07aa190976ea50916cad4f6cb241b282d5eba91ff04e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99362
x-xss-protection: 0
server: cafe
etag: 11237849450337737701
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 17:57:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211018/r20190131/ Frame 8FC1 10 KB
5 KB 252ms
9ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211018/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211018/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 20 Oct 2021 14:30:45 GMT
expires: Wed, 03 Nov 2021 14:30:45 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 12401
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 131ms
38ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: C0B7E130097BC605
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44375
accept-ranges: bytes
content-length: 948
x-amz-id-2: WMRpIO186SrpMgXAdDxxqtwuB/nVpPpDrif5aSQ8+ORAAGwczaqMUoDLYLjYQOU+EHP09vSgz8E=

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 44ms
43ms XHR
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1839959405&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumgir.com%2Fsarahyasemin&ul=en-us&de=UTF-8&dt=sarahyasemin%20-%20Tumblr%20blog%20%7C%20Tumgir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=385395476&gjid=1382171218&cid=633938413.1634752646&tid=UA-134279593-1&_gid=2138280547.1634752646&_r=1&gtm=2ouai0&z=759830695

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
607 B 42ms
15ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.tumgir.com&callback=_gfp_s_&client=ca-pub-9997667645492317

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9997667645492317&plah=www.tumgir.com&bust=31063174

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f4f31ba3ca5f998f376ae6ca0815ba7ffcb770b1244bb59c08e2eb6648232910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 60ms
23ms Script
application/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumgir.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 59ms
22ms Script
application/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumgir.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0CB5 603 B
68 B 69ms
47ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9997667645492317&output=html&adk=1812271804&adf=3025194257&lmt=1634752646&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.tumgir.com%2Fsarahyasemin&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634752645987&bpp=3&bdt=184&idt=299&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4835460548064&frm=20&pv=2&ga_vid=633938413.1634752646&ga_sid=1634752646&ga_hid=1839959405&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063174%2C31062525&oid=2&pvsid=1043719893021062&pem=463&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=317

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9997667645492317&output=html&adk=1812271804&adf=3025194257&lmt=1634752646&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.tumgir.com%2Fsarahyasemin&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634752645987&bpp=3&bdt=184&idt=299&shv=r20211018&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4835460548064&frm=20&pv=2&ga_vid=633938413.1634752646&ga_sid=1634752646&ga_hid=1839959405&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063174%2C31062525&oid=2&pvsid=1043719893021062&pem=463&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=317
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 20 Oct 2021 17:57:26 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 20-Oct-2021 18:12:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 20 Oct 2021 17:57:26 GMT
cache-control: private

GET
H2 200 WlpJenEheDoNLi8oJVhLeDI9DgEpYGZVBi0tZw4ENz0gCF85NSRVAi10IwlTdng6Fxd4YHhWUyk3P1hLeG5nSlN2eD0bFgUzLVhLeGJ9TEZramtWUykvKyUYPmhrQFNqYixPQmprK1dJO29xV0U%2BantXE28%2FKldHbztxT0VsPCsfEGx4NA Show response
mefagetobri.top/ 56 KB
23 KB 300ms
97ms Script
application/javascript 107.22.28.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mefagetobri.top/WlpJenEheDoNLi8oJVhLeDI9DgEpYGZVBi0tZw4ENz0gCF85NSRVAi10IwlTdng6Fxd4YHhWUyk3P1hLeG5nSlN2eD0bFgUzLVhLeGJ9TEZramtWUykvKyUYPmhrQFNqYixPQmprK1dJO29xV0U%2BantXE28%2FKldHbztxT0VsPCsfEGx4NA
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-28-167.compute-1.amazonaws.com
Software: / Express
Resource Hash: 2c91a02b2addcb241bb164ecd36e871ee2f99873f16e9c28711aca8f031efbd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"e0fd-sDufPB5nj4XlNrMXwwuMwzCSIQI"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H2 204 utx Show response
shilternimpossip.xyz/ 0
415 B 211ms
186ms XHR
text/plain 13.224.193.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shilternimpossip.xyz/utx?cb=1ixytfuLXitf&top=www.tumgir.com&tid=852974
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-111.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:26 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: xbuvWwX3dbWEKf5-iJbqzOQTY_RQ9Fpqu5Vpdz1jXx9F1RMh6NJLGQ==

GET
H2 200 IhUmPWYlAlUbeAAZCRYGBBMxBnQNAQgpeDwFEwJ+KRkKBQYiFDIkXS4TNhhyNmYDDHA9AkF8dC5nXRhgKwIoClElHSsPBygGDQxFO2cMD2UrEQAbYwgePX9CKAYIF1svBiUccCgvKhhyNgM+Ig8lBlUMTCQBF2hcHzgKPgsmBR0ZXi4AAxdG Show response
shilternimpossip.xyz/bFdkTjYNNQcjCQ1qBmhDHjtZawQqclYIUl1vA3hCWyAMKA4JPQJgVQA4ESpQHjgKOhgCMhBrBCo2MhleATQjFwQuIAMZYT8SJg9dXTI9CEYKBVUETC0/MSh1LwEyAnUlMSUpdwcdEwt7KxIlC34oETIYWjUcKg9vLgMxD0EuMDIAYF8a... Frame 90D5 3 KB
2 KB 109ms
97ms Document
text/html 13.224.193.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shilternimpossip.xyz/bFdkTjYNNQcjCQ1qBmhDHjtZawQqclYIUl1vA3hCWyAMKA4JPQJgVQA4ESpQHjgKOhgCMhBrBCo2MhleATQjFwQuIAMZYT8SJg9dXTI9CEYKBVUETC0/MSh1LwEyAnUlMSUpdwcdEwt7KxIlC34oETIYWjUcKg9vLgMxD0EuMDIAYF8aLg9eJjU9GwI/FiUlE14VMhx7CRYOD3koL1AKezljMAtgH2MmNkE2FA4lfD1nLSlvKQ0zGGA+OzUMczYUIAt+KQYqCmxdMC0McyI5MwhSLQQjGHg6Ay4KbF0wNglnBD08C3goHSwMVzowDB9vOREgH1o1ZyMMGzU0JTd/IhUmPWYlAlUbeAAZCRYGBBMxBnQNAQgpeDwFEwJ+KRkKBQYiFDIkXS4TNhhyNmYDDHA9AkF8dC5nXRhgKwIoClElHSsPBygGDQxFO2cMD2UrEQAbYwgePX9CKAYIF1svBiUccCgvKhhyNgM+Ig8lBlUMTCQBF2hcHzgKPgsmBR0ZXi4AAxdG
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-111.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: f1ad1a3776936e09ff8e0664664164611da3c39ed3d56aafb191c2021c7ae621

Request headers

:method: GET
:authority: shilternimpossip.xyz
:scheme: https
:path: /bFdkTjYNNQcjCQ1qBmhDHjtZawQqclYIUl1vA3hCWyAMKA4JPQJgVQA4ESpQHjgKOhgCMhBrBCo2MhleATQjFwQuIAMZYT8SJg9dXTI9CEYKBVUETC0/MSh1LwEyAnUlMSUpdwcdEwt7KxIlC34oETIYWjUcKg9vLgMxD0EuMDIAYF8aLg9eJjU9GwI/FiUlE14VMhx7CRYOD3koL1AKezljMAtgH2MmNkE2FA4lfD1nLSlvKQ0zGGA+OzUMczYUIAt+KQYqCmxdMC0McyI5MwhSLQQjGHg6Ay4KbF0wNglnBD08C3goHSwMVzowDB9vOREgH1o1ZyMMGzU0JTd/IhUmPWYlAlUbeAAZCRYGBBMxBnQNAQgpeDwFEwJ+KRkKBQYiFDIkXS4TNhhyNmYDDHA9AkF8dC5nXRhgKwIoClElHSsPBygGDQxFO2cMD2UrEQAbYwgePX9CKAYIF1svBiUccCgvKhhyNgM+Ig8lBlUMTCQBF2hcHzgKPgsmBR0ZXi4AAxdG
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

content-type: text/html
content-length: 1223
date: Wed, 20 Oct 2021 17:57:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: vgYuxUY7WbcwluUIrjxFKLyoHBgaBUAFi59qs6bpCnGbT6rJAC5HQQ==

GET
H2 204 utx Show response
shilternimpossip.xyz/ 0
412 B 107ms
98ms XHR
text/plain 13.224.193.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shilternimpossip.xyz/utx?cb=V4xFQrDcCnNd&top=www.tumgir.com&tid=853405
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-111.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:26 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: now08-MeDhSm-qDhha8sCs7LF8eOhSQtOHUc82ejsWsi5pfnjzgJ3w==

GET
H2 200 ACczODwcIQ5hODAwOw4oJRcAHhAhMS8XHRA2IBlbITdSOi0mSiMdOwMjMTgwDjQFOzA1JAoFLhwYJDUvED0kMyNHIFNtODEaNw4rMRwwHTghIyAFDUM0GmQvJTAjDDwcHCgYEkw7JSMOAyEhZSknNDQAPSEXLR0CTDUnIwEdMTdhLCIZERc+HyU1Di8uNTBkJBk9J... Show response
shilternimpossip.xyz/dHNiVGoVEQE5VRVOAHIfBh9fcVgyVlASDkVLBWIeQwQKMlIRGQR6CRgcFzAMBhwMIEQaFhZxWDISBmYwIhcPJz83JxEFPDU+Mhk/ Frame 6D85 3 KB
2 KB 103ms
102ms Document
text/html 13.224.193.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shilternimpossip.xyz/dHNiVGoVEQE5VRVOAHIfBh9fcVgyVlASDkVLBWIeQwQKMlIRGQR6CRgcFzAMBhwMIEQaFhZxWDISBmYwIhcPJz83JxEFPDU+Mhk/ACczODwcIQ5hODAwOw4oJRcAHhAhMS8XHRA2IBlbITdSOi0mSiMdOwMjMTgwDjQFOzA1JAoFLhwYJDUvED0kMyNHIFNtODEaNw4rMRwwHTghIyAFDUM0GmQvJTAjDDwcHCgYEkw7JSMOAyEhZSknNDQAPSEXLR0CTDUnIwEdMTdhLCIZERc+HyU1Di8uNTBkJBk9J2EsIhorMighNTE3LyEDNzg4GDcOZS4gQE8WLyMLOwMgJhwtFSs5QCoFIzAiUDcdLBgwBg9EJQYBBiYfOjMrEjYIMwsgGDc4CTEhABMdTFZQFi9ERiQCAD0nIRYdPhUkGjAmBDdtKDUiAxVZNjYuAV8iFlIOLCVCLD07ISUgAjI2NjUjOzw+GjcwPBgsOicyRicBMgA1OgIvIBIjcgAHHAwkVwYwCBMgPBUaFlwcIhA8
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-111.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: eba9a43d926c88cef7db841999433a650cde515d2793a0014437ed10237e5205

Request headers

:method: GET
:authority: shilternimpossip.xyz
:scheme: https
:path: /dHNiVGoVEQE5VRVOAHIfBh9fcVgyVlASDkVLBWIeQwQKMlIRGQR6CRgcFzAMBhwMIEQaFhZxWDISBmYwIhcPJz83JxEFPDU+Mhk/ACczODwcIQ5hODAwOw4oJRcAHhAhMS8XHRA2IBlbITdSOi0mSiMdOwMjMTgwDjQFOzA1JAoFLhwYJDUvED0kMyNHIFNtODEaNw4rMRwwHTghIyAFDUM0GmQvJTAjDDwcHCgYEkw7JSMOAyEhZSknNDQAPSEXLR0CTDUnIwEdMTdhLCIZERc+HyU1Di8uNTBkJBk9J2EsIhorMighNTE3LyEDNzg4GDcOZS4gQE8WLyMLOwMgJhwtFSs5QCoFIzAiUDcdLBgwBg9EJQYBBiYfOjMrEjYIMwsgGDc4CTEhABMdTFZQFi9ERiQCAD0nIRYdPhUkGjAmBDdtKDUiAxVZNjYuAV8iFlIOLCVCLD07ISUgAjI2NjUjOzw+GjcwPBgsOicyRicBMgA1OgIvIBIjcgAHHAwkVwYwCBMgPBUaFlwcIhA8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

content-type: text/html
content-length: 1238
date: Wed, 20 Oct 2021 17:57:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: zOol6VMlnq9xUxX0791oRUB6Oj1B8dZyIBbbkiKDjM0whCg1Vuw_5w==

GET
H2 204 utx Show response
shilternimpossip.xyz/ 0
415 B 97ms
97ms XHR
text/plain 13.224.193.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shilternimpossip.xyz/utx?cb=JjaJKLpfc061&top=www.tumgir.com&tid=921528
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-111.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:26 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: kDQO9KM2yHPQLrRj2ZZ1p2W7tblKU4XMcHbpTwgkcvKnuzkq5Zoe_g==

GET
H2 200 Ox8IWTkaHVd+GRoDd001HhZecQgUNVReKhokCW0jIAN3ZxscOHR2IxdBWw0+QDgVBjYUJXpOJylDQ20xNyFWBxsaOVhYRxcqakM+JhoHbQoFMFVjMkMRZRkTAj1jeQY0GF9HPSIVVXsnCRpyYTpUQHJSHkAFYWMYRisCRxM7JgARQjM+AX5VQzRzWioJIElxFz4xa... Show response
shilternimpossip.xyz/NHBxcjBVEhIfD1VNE1RFRhxMVwJyVUM0VFkdCxlWUEhDBVFNHl8RXFsFFRRCWx4FXF5RBFRAdlslQTwDYCUaBXx2GwMWWVcBNEFyQykpOHNSQzdDe2UhGDhJelVDMHJmJR09cnIzMwhIXzMLBVxWCRJHdQcyRBZjDCc4CwVBKiM7Wn8d... Frame F60A 3 KB
2 KB 99ms
99ms Document
text/html 13.224.193.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shilternimpossip.xyz/NHBxcjBVEhIfD1VNE1RFRhxMVwJyVUM0VFkdCxlWUEhDBVFNHl8RXFsFFRRCWx4FXF5RBFRAdlslQTwDYCUaBXx2GwMWWVcBNEFyQykpOHNSQzdDe2UhGDhJelVDMHJmJR09cnIzMwhIXzMLBVxWCRJHdQcyRBZjDCc4CwVBKiM7Wn8dRAtlZwcFP2gBNBAIAF48MwpHZCQ0GXdnMRk9Y1s/Ox8IWTkaHVd+GRoDd001HhZecQgUNVReKhokCW0jIAN3ZxscOHR2IxdBWw0+QDgVBjYUJXpOJylDQ20xNyFWBxsaOVhYRxcqakM+JhoHbQoFMFVjMkMRZRkTAj1jeQY0GF9HPSIVVXsnCRpyYTpUQHJSHkAFYWMYRisCRxM7JgARQjM+AX5VQzRzWioJIElxFz4xamcWQhkAfhggH3paABwgaAQBPgh1bTkyCgJXJDdCVVpBCyVoWEgrOmJuFUICAlclElcCdjs1J1l2IyMBaWUmMhReAUkSN3ZGIDZGFl4DHhxACQIpHltmRTsHB3w7GQ
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-111.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: cbd445d1145f9de2edd14cdd05e563c37efdbceaed5366b258e69bd3a6d23106

Request headers

:method: GET
:authority: shilternimpossip.xyz
:scheme: https
:path: /NHBxcjBVEhIfD1VNE1RFRhxMVwJyVUM0VFkdCxlWUEhDBVFNHl8RXFsFFRRCWx4FXF5RBFRAdlslQTwDYCUaBXx2GwMWWVcBNEFyQykpOHNSQzdDe2UhGDhJelVDMHJmJR09cnIzMwhIXzMLBVxWCRJHdQcyRBZjDCc4CwVBKiM7Wn8dRAtlZwcFP2gBNBAIAF48MwpHZCQ0GXdnMRk9Y1s/Ox8IWTkaHVd+GRoDd001HhZecQgUNVReKhokCW0jIAN3ZxscOHR2IxdBWw0+QDgVBjYUJXpOJylDQ20xNyFWBxsaOVhYRxcqakM+JhoHbQoFMFVjMkMRZRkTAj1jeQY0GF9HPSIVVXsnCRpyYTpUQHJSHkAFYWMYRisCRxM7JgARQjM+AX5VQzRzWioJIElxFz4xamcWQhkAfhggH3paABwgaAQBPgh1bTkyCgJXJDdCVVpBCyVoWEgrOmJuFUICAlclElcCdjs1J1l2IyMBaWUmMhReAUkSN3ZGIDZGFl4DHhxACQIpHltmRTsHB3w7GQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

content-type: text/html
content-length: 1233
date: Wed, 20 Oct 2021 17:57:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: VT9jjGODL8YSaAMP5mlrzZPuDEnBXmKox-1hqE46bcneVPgxALL_pQ==

GET
H2 204 utx Show response
shilternimpossip.xyz/ 0
415 B 188ms
187ms XHR
text/plain 13.224.193.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shilternimpossip.xyz/utx?cb=kii5Jrea4sBE&top=www.tumgir.com&tid=853405
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-111.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:26 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 8ANQBmG8UVG_3IGQmhl6QF_rQylxQj-81KA66uOyjLL28PXvQue_Ig==

GET
H2 200 login.php
www.facebook.com/ 0
0 180ms
165ms Image
text/html 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-star-mini-shv-02-frt3.facebook.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 100ms
78ms Image
text/html 142.250.186.173
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.173 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f13.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 94ms
73ms Image
text/html 142.250.186.173
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.173 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f13.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 / Show response
dmmzkfd82wayn.cloudfront.net/ 245 KB
81 KB 11ms
11ms Script
text/plain 143.204.101.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.193 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-193.fra50.r.cloudfront.net
Software: /
Resource Hash: 38b1292bb8e6d85cff6348054db2cbce69216ca7129f93ac9ac7d2f45ca38d99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 82132
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
x-amz-cf-id: 0aPnNb5zd-GMB1JOu4yTn9sy8_kh9pzAp-UI_GUmtLbiLx7UouGaWg==

GET
H2 200 / Show response
freychang.fun/ 16 B
322 B 177ms
137ms Fetch
text/plain 104.21.45.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/?f=b0174682fa63789a3402a7f7bc361b31
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d8c71e628081f0a3daabcd4660b5239eb0e964c1853a9fb56b818362afcef7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSI0jszHCIB9zj%2FeTWBsbsob%2F9gH52e8wI9pmJ8FqlOzKz7KB6SH58uLfUtwMKzN3k4%2BR0zgyB2hdMK6cF2ydJUUGBRQ%2FyfRX60Ys%2B8m5T6iWVplj7F8f6eXdKGDPkD4"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6a1420ea1c34277c-PRG
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
freychang.fun/ 16 B
724 B 158ms
133ms Fetch
text/plain 104.21.45.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/?f=b0174682fa63789a3402a7f7bc361b31
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bf4fa8706045b11f000f3010f2ffd42211009da07aed612a893d0af3b2bf94c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhwvtpZWEF%2BAwCLmx0MmXnuZxYwb2ETdGhcIMjXsgEk%2BUi8lEmrxdeyt%2FlpTkZgSM4pfdTdWAOhFZUrMnDLKtfLTjSPABaGxndFxKMR6DG9LuU5otnIbdreXTc9fK8Sr"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6a1420ea1c36277c-PRG
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 204 QWIgWClEdXZCORgwJUJwSnRgAGsQKjZecEl0YABrD3lhH35NamICY0xiJEEsHnlhFz0NMDwMfE93ZAZ4S3JkB3pJcA
microusconvilla.xyz/UDFNeUR/Di4KeTJaJTsJY3MrHy0SZwgONyN7CxoRBkg1TAUFcyhfMDlVcEB2YQR/ 0
213 B 126ms
98ms Image
text/plain 13.225.78.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microusconvilla.xyz/UDFNeUR/Di4KeTJaJTsJY3MrHy0SZwgONyN7CxoRBkg1TAUFcyhfMDlVcEB2YQR/QWIgWClEdXZCORgwJUJwSnRgAGsQKjZecEl0YABrD3lhH35NamICY0xiJEEsHnlhFz0NMDwMfE93ZAZ4S3JkB3pJcA
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-51.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 20 Oct 2021 17:57:26 GMT
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: IYYEwXI3VBtftpgXZwx8M2E9jxWQ01ytH8I_KnWP7ChOb4tT1ThbEA==
x-cache: Miss from cloudfront

GET
H2 204 utx Show response
shilternimpossip.xyz/ 0
415 B 97ms
97ms XHR
text/plain 13.224.193.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shilternimpossip.xyz/utx?cb=dSAhgVQwKCoP&top=www.tumgir.com&tid=921528
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-111.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:26 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 7EbM6k18wzIDpkaXmKnv-MR34DX1IBTP5k3z979NTe7jWBy_dpue5Q==

GET
H2 204 utx Show response
shilternimpossip.xyz/ 0
414 B 98ms
97ms XHR
text/plain 13.224.193.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shilternimpossip.xyz/utx?cb=SqoGxeGFkpFr&top=www.tumgir.com&tid=853405
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-111.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:26 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: s6zuL26klzG9-unCuwkbmvOXkQBjg62GPI7UoRMmx2zdqhffkakLnw==

GET
H2 200 b4763d50-e3a3-4c94-87b6-682aed526c7f Show response
player.ex.co/player/ 672 KB
199 KB 33ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a5913e07c0b369fb401e65ff51bb876ad26268510fcee58cad73fe2d0a351f03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: gzip
age: 90
x-cache: HIT, HIT
access-control-max-age: 600
content-length: 203627
x-served-by: cache-dca17766-DCA, cache-hhn4028-HHN
access-control-allow-origin: *
server: nginx
x-timer: S1634752647.740697,VS0,VE1
etag: W/"a7e23-JI6PZk5Y77COrpZcCVLh9kIflrs"
vary: Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 1, 1

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/ 1 KB
680 B 70ms
59ms Script
application/javascript 104.108.144.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.144.126 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e552184493eea74a53b11e52b6e6eec9c35d90cece6592d9bdf6cf1090ad8c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: gzip
etag: 706338575--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=21, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 504

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 178ms
156ms Script
application/javascript 104.108.144.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=617058866baacef8&bkl=0&bl=1&pdt=1037&sid=617058866baacef8&pub=ra-6103d59079bcdcec&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tumgir.com&fp=sarahyasemin&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1634752646744&jsl=0&uvs=6170588605a48504000&skipb=1&callback=addthis.cbs.jsonp__185946410022806760
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.144.126 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5e03617074fab34b310819a44eb9f3ebf274fbbcf982558ce1cb34b2eba6fd95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:26 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame EE1E 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame E2E5 71 KB
26 KB 22ms
22ms Document
text/html 104.108.144.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.144.126 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-144-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 20 Oct 2021 17:57:26 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK blogs Show response
www.tumgir.com/api/tumblr/trending/ 317 KB
54 KB 884ms
884ms Fetch
application/json 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/api/tumblr/trending/blogs
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/pages/_app-a778eaf450f2bced8507.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 48f770457c2729d9f9c8c82fe6673fcaa92f0707132789a81881eed1faf3df29

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.tumgir.com/sarahyasemin
Cookie: _ga=GA1.2.633938413.1634752646; _gid=GA1.2.2138280547.1634752646; _gat_gtag_UA_134279593_1=1; __gads=ID=d2ad96d4b4c9587d-2223e77ff9ca0066:T=1634752646:RT=1634752646:S=ALNI_MYOcoU56RPIY7qR7LWvXwbnH2Lnfg; __atuvc=1%7C42; __atuvs=6170588605a48504000
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/json

GET
H/1.1 200
OK blogs Show response
www.tumgir.com/api/tumblr/trending/ 317 KB
54 KB 608ms
608ms Fetch
application/json 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/api/tumblr/trending/blogs
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/pages/_app-a778eaf450f2bced8507.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6d1057b3a26c4282f803f9e5c814b7a3f8bdc18523fd0587db6d54c630bef228

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.tumgir.com/sarahyasemin
Cookie: _ga=GA1.2.633938413.1634752646; _gid=GA1.2.2138280547.1634752646; _gat_gtag_UA_134279593_1=1; __gads=ID=d2ad96d4b4c9587d-2223e77ff9ca0066:T=1634752646:RT=1634752646:S=ALNI_MYOcoU56RPIY7qR7LWvXwbnH2Lnfg; __atuvc=1%7C42; __atuvs=6170588605a48504000
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/json

GET
H2 200 aVWhmcGY2BwgWWSEBAk1eYFpfR1JzAhUfCCVVLCIfAgAkJwEMGEAEHDFVVlYKNAYBTUAwBgVNV3MJAhJbYU4SAAk+VRMeAjAODx4DMU4TEVs4BxwZCjkJQ0IgYEZWVVRlQBEZCDEHEQNDZ1gIBENnWFdASGVNVTJDZ1gRGQhjXENDJHBaVghQYUFDQlY0GB-YcAyI... Show response
d18g6t7whf8ejf.cloudfront.net/ Frame 90D5 426 B
617 B 156ms
156ms Script
text/plain 143.204.101.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/aVWhmcGY2BwgWWSEBAk1eYFpfR1JzAhUfCCVVLCIfAgAkJwEMGEAEHDFVVlYKNAYBTUAwBgVNV3MJAhJbYU4SAAk+VRMeAjAODx4DMU4TEVs4BxwZCjkJQ0IgYEZWVVRlQBEZCDEHEQNDZ1gIBENnWFdASGVNVTJDZ1gRGQhjXENDJHBaVghQYUFDQlY0GB-YcAyINBBsPIU1UNlNmX0hDUHBaVlgNPRwLHENnK0NCVjkBDRVDZ1gBFQU+B09VVGULDgIJOA1DQiBsW0hASGFdUUdIY1tDQlYmCQARFDxNVDZTZl9IQ1BzHVs
Requested by: Host: shilternimpossip.xyz
URL: https://shilternimpossip.xyz/bFdkTjYNNQcjCQ1qBmhDHjtZawQqclYIUl1vA3hCWyAMKA4JPQJgVQA4ESpQHjgKOhgCMhBrBCo2MhleATQjFwQuIAMZYT8SJg9dXTI9CEYKBVUETC0/MSh1LwEyAnUlMSUpdwcdEwt7KxIlC34oETIYWjUcKg9vLgMxD0EuMDIAYF8aLg9eJjU9GwI/FiUlE14VMhx7CRYOD3koL1AKezljMAtgH2MmNkE2FA4lfD1nLSlvKQ0zGGA+OzUMczYUIAt+KQYqCmxdMC0McyI5MwhSLQQjGHg6Ay4KbF0wNglnBD08C3goHSwMVzowDB9vOREgH1o1ZyMMGzU0JTd/IhUmPWYlAlUbeAAZCRYGBBMxBnQNAQgpeDwFEwJ+KRkKBQYiFDIkXS4TNhhyNmYDDHA9AkF8dC5nXRhgKwIoClElHSsPBygGDQxFO2cMD2UrEQAbYwgePX9CKAYIF1svBiUccCgvKhhyNgM+Ig8lBlUMTCQBF2hcHzgKPgsmBR0ZXi4AAxdG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.184 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-184.fra50.r.cloudfront.net
Software: /
Resource Hash: 755780904756deba90da98c0b394ea2aced9d0c8e5c16d217a6e829a1a427743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shilternimpossip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 340
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-id: 0LCPIn0gVfQLkiDdI-xvSi_fkzO9oJWEyzhzMi3rupl0DFRjSbaa5Q==

GET
H2 200 ad2ZVdmsUCTsQVAMPMUtTQlVhRl5RDCYZBQdbJzUBMCwdEBM1UD0nGR9AIQwPSlZzGgoZAWhQDhkFaEdNFgI3S19REiUZAEoRIRUPBQg7Gx0EQCAXVhoJLx8HGwdwRC1CSGVTWUdOIh8FEwkiBU5FVjsCTkVWZEZFR0NmNE5FViIfBUFScEUpUlRlDl1DT3-BEWxY... Show response
d18g6t7whf8ejf.cloudfront.net/ Frame 6D85 594 B
741 B 160ms
160ms Script
text/plain 143.204.101.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/ad2ZVdmsUCTsQVAMPMUtTQlVhRl5RDCYZBQdbJzUBMCwdEBM1UD0nGR9AIQwPSlZzGgoZAWhQDhkFaEdNFgI3S19REiUZAEoRIRUPBQg7Gx0EQCAXVhoJLx8HGwdwRC1CSGVTWUdOIh8FEwkiBU5FVjsCTkVWZEZFR0NmNE5FViIfBUFScEUpUlRlDl1DT3-BEWxYWJRoOAAM3HQIDQ2cwXkRRe0VdUlRlXgAfEjgaTkUlcERbGw8+E05FVjITCBwJfFNZRwU9BAQaA3BELU5Ve0ZFQ1NiQUVBVXBEWwQHMxcZHkNnMF5EUXtFXVETaA
Requested by: Host: shilternimpossip.xyz
URL: https://shilternimpossip.xyz/dHNiVGoVEQE5VRVOAHIfBh9fcVgyVlASDkVLBWIeQwQKMlIRGQR6CRgcFzAMBhwMIEQaFhZxWDISBmYwIhcPJz83JxEFPDU+Mhk/ACczODwcIQ5hODAwOw4oJRcAHhAhMS8XHRA2IBlbITdSOi0mSiMdOwMjMTgwDjQFOzA1JAoFLhwYJDUvED0kMyNHIFNtODEaNw4rMRwwHTghIyAFDUM0GmQvJTAjDDwcHCgYEkw7JSMOAyEhZSknNDQAPSEXLR0CTDUnIwEdMTdhLCIZERc+HyU1Di8uNTBkJBk9J2EsIhorMighNTE3LyEDNzg4GDcOZS4gQE8WLyMLOwMgJhwtFSs5QCoFIzAiUDcdLBgwBg9EJQYBBiYfOjMrEjYIMwsgGDc4CTEhABMdTFZQFi9ERiQCAD0nIRYdPhUkGjAmBDdtKDUiAxVZNjYuAV8iFlIOLCVCLD07ISUgAjI2NjUjOzw+GjcwPBgsOicyRicBMgA1OgIvIBIjcgAHHAwkVwYwCBMgPBUaFlwcIhA8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.184 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-184.fra50.r.cloudfront.net
Software: /
Resource Hash: 7996068577aff69aea777d079337e8d52773674413f44e24f984f25bd86551cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shilternimpossip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 464
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-id: LcrEbxdf1j3YlAI8m2XZSkW9vTAoHEZeuUPVot-w4DTeRoQKldC1qA==

GET
H2 200 CnZxRyEgOCZSf3k0JhQmJnpmRX0qOzEYICx2cTF0en1zWXl8ZHRZe3p2cUc+KDUiBSRsYQVCfn59cEFrPG4 Show response
dmmzkfd82wayn.cloudfront.net/oU0N3TUkwLBkrdicqE3BwYXJCf3F1KQQiJyN+BRUlOBFCBzxkCzwlbyc5E3B5dS8WIy5uZRIjKm5yUSwtMX5Daz0jLBxwPTEkGSAhOSoOJm8mIkogJikqGyEodnExeGdjZkV9YSQqGSkmJDBSf3k9N1J/eWJzWX1sYAFSf3k... Frame F60A 964 B
931 B 161ms
160ms Script
text/plain 143.204.101.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/oU0N3TUkwLBkrdicqE3BwYXJCf3F1KQQiJyN+BRUlOBFCBzxkCzwlbyc5E3B5dS8WIy5uZRIjKm5yUSwtMX5Daz0jLBxwPTEkGSAhOSoOJm8mIkogJikqGyEodnExeGdjZkV9YSQqGSkmJDBSf3k9N1J/eWJzWX1sYAFSf3kkKhl7fXZwNWh7YztBeWB2cU-csOSMvEjosMSgeOWxhBUJ+fn1wQWh7Y2scJT0+L1J/CnZxRyEgOCZSf3k0JhQmJnpmRX0qOzEYICx2cTF0en1zWXl8ZHRZe3p2cUc+KDUiBSRsYQVCfn59cEFrPG4
Requested by: Host: shilternimpossip.xyz
URL: https://shilternimpossip.xyz/NHBxcjBVEhIfD1VNE1RFRhxMVwJyVUM0VFkdCxlWUEhDBVFNHl8RXFsFFRRCWx4FXF5RBFRAdlslQTwDYCUaBXx2GwMWWVcBNEFyQykpOHNSQzdDe2UhGDhJelVDMHJmJR09cnIzMwhIXzMLBVxWCRJHdQcyRBZjDCc4CwVBKiM7Wn8dRAtlZwcFP2gBNBAIAF48MwpHZCQ0GXdnMRk9Y1s/Ox8IWTkaHVd+GRoDd001HhZecQgUNVReKhokCW0jIAN3ZxscOHR2IxdBWw0+QDgVBjYUJXpOJylDQ20xNyFWBxsaOVhYRxcqakM+JhoHbQoFMFVjMkMRZRkTAj1jeQY0GF9HPSIVVXsnCRpyYTpUQHJSHkAFYWMYRisCRxM7JgARQjM+AX5VQzRzWioJIElxFz4xamcWQhkAfhggH3paABwgaAQBPgh1bTkyCgJXJDdCVVpBCyVoWEgrOmJuFUICAlclElcCdjs1J1l2IyMBaWUmMhReAUkSN3ZGIDZGFl4DHhxACQIpHltmRTsHB3w7GQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.193 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-193.fra50.r.cloudfront.net
Software: /
Resource Hash: 827639e91ba043567143c8653d33853272eac6372138315e5cd9925419eb5037

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shilternimpossip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 653
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
x-amz-cf-id: nkHfe7JjtxXhIAycVdMvR7AJCaolGa_gXzBMzG7nY5IZCGKQPmeXsw==

GET
H/1.1 200
OK index-85ccfe727ca793fc1875.js
www.tumgir.com/_next/static/chunks/pages/ 0
2 KB 88ms
87ms Other
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/index-85ccfe727ca793fc1875.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/main-011e14431c997dd5213e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Purpose: prefetch
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.tumgir.com/sarahyasemin
Cookie: _ga=GA1.2.633938413.1634752646; _gid=GA1.2.2138280547.1634752646; _gat_gtag_UA_134279593_1=1; __gads=ID=d2ad96d4b4c9587d-2223e77ff9ca0066:T=1634752646:RT=1634752646:S=ALNI_MYOcoU56RPIY7qR7LWvXwbnH2Lnfg; __atuvc=1%7C42; __atuvs=6170588605a48504000
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Oct 2021 08:37:38 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"b35-17c883fd89a"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK about-2ac3b6e1088794187e68.js
www.tumgir.com/_next/static/chunks/pages/static/ 0
1 KB 87ms
87ms Other
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/static/about-2ac3b6e1088794187e68.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/main-011e14431c997dd5213e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Purpose: prefetch
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.tumgir.com/sarahyasemin
Cookie: _ga=GA1.2.633938413.1634752646; _gid=GA1.2.2138280547.1634752646; _gat_gtag_UA_134279593_1=1; __gads=ID=d2ad96d4b4c9587d-2223e77ff9ca0066:T=1634752646:RT=1634752646:S=ALNI_MYOcoU56RPIY7qR7LWvXwbnH2Lnfg; __atuvc=1%7C42; __atuvs=6170588605a48504000
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Oct 2021 08:37:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"550-17c883f4efd"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK privacy-policy-4eb38d6c997101937b17.js
www.tumgir.com/_next/static/chunks/pages/static/ 0
2 KB 88ms
87ms Other
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/static/privacy-policy-4eb38d6c997101937b17.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/main-011e14431c997dd5213e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Purpose: prefetch
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.tumgir.com/sarahyasemin
Cookie: _ga=GA1.2.633938413.1634752646; _gid=GA1.2.2138280547.1634752646; _gat_gtag_UA_134279593_1=1; __gads=ID=d2ad96d4b4c9587d-2223e77ff9ca0066:T=1634752646:RT=1634752646:S=ALNI_MYOcoU56RPIY7qR7LWvXwbnH2Lnfg; __atuvc=1%7C42; __atuvs=6170588605a48504000
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Oct 2021 08:37:38 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"13c8-17c883fd89a"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK %5Bname%5D-0d641eff210e9fae6437.js
www.tumgir.com/_next/static/chunks/pages/ 0
2 KB 88ms
87ms Other
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/%5Bname%5D-0d641eff210e9fae6437.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/main-011e14431c997dd5213e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Purpose: prefetch
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.tumgir.com/sarahyasemin
Cookie: _ga=GA1.2.633938413.1634752646; _gid=GA1.2.2138280547.1634752646; _gat_gtag_UA_134279593_1=1; __gads=ID=d2ad96d4b4c9587d-2223e77ff9ca0066:T=1634752646:RT=1634752646:S=ALNI_MYOcoU56RPIY7qR7LWvXwbnH2Lnfg; __atuvc=1%7C42; __atuvs=6170588605a48504000
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Oct 2021 08:37:53 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"c75-17c8840154a"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 204 utx Show response
tricketoffic.xyz/ 0
415 B 126ms
98ms XHR
text/plain 13.224.193.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tricketoffic.xyz/utx?tid=846710&top=www.tumgir.com&cb=iusplLufucdQ
Requested by: Host: mefagetobri.top
URL: https://mefagetobri.top/WlpJenEheDoNLi8oJVhLeDI9DgEpYGZVBi0tZw4ENz0gCF85NSRVAi10IwlTdng6Fxd4YHhWUyk3P1hLeG5nSlN2eD0bFgUzLVhLeGJ9TEZramtWUykvKyUYPmhrQFNqYixPQmprK1dJO29xV0U%2BantXE28%2FKldHbztxT0VsPCsfEGx4NA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-105.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:26 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: l0REQTy0ybWV2OPgxN3wWQSeaaDI-gFEwwIfzVZ3ZftXI4U7qDIiWw==

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
137 B 286ms
92ms XHR
text/plain 54.88.209.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-209-254.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Wed, 20 Oct 2021 17:57:27 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 41ms
16ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 17:27:21 GMT
server: ESF
date: Wed, 20 Oct 2021 17:57:26 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 20 Oct 2021 17:57:26 GMT

GET
H2 200 hls.min.js Show response
player.avplayer.com/script/2/2.55/libs/ 247 KB
71 KB 43ms
15ms Script
application/javascript 2.16.181.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.181.64 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-181-64.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UzXaMNrb_qmTb8FvOI8rtyw5Klcl86amG3BhAgB5ru7giatCZYZIc-lLAetv3TKcTaEuAs3GCtFCgLTc4XiTKyTprFnOg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 71831
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
server: UploadServer
etag: "7888b98658e8cef4a98786556ccdab66"
vary: Accept-Encoding
x-goog-hash: crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language: en
x-goog-generation: 1610290372874389
cache-control: public, max-age=300
x-goog-stored-content-length: 71831
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 18:02:26 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 238 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 845D 361 KB
102 KB 78ms
26ms Script
application/javascript 104.107.161.131
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.107.161.131 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-131.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 4be248af2533387777c0841dbe22c2da3d19217cee48ae7c68063ba2966f1d77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsqFW9s4k7qBuabns03lMHtJtHGmBMMj4YiNF5X_hfKWJZJHk-fCaaHJ0W6e7zlzpC81qNrlv9rePdN6jDSxOk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 103423
last-modified: Wed, 13 Oct 2021 06:17:51 GMT
server: UploadServer
etag: "e88cbf5213e55dde489911c70aa5ec91"
vary: Accept-Encoding
x-goog-hash: crc32c=4L5KPg==, md5=6Iy/UhPlXd5ImRHHCqXskQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1634105871199372
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 103423
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 18:02:26 GMT

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
136 B 208ms
93ms XHR
text/plain 54.88.209.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-209-254.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Wed, 20 Oct 2021 17:57:27 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
136 B 207ms
93ms XHR
text/plain 54.88.209.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-209-254.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Wed, 20 Oct 2021 17:57:27 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 track
atrack.avplayer.com/ 0
71 B 337ms
105ms Image
text/plain 34.225.64.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1634752646911&cid=60a0c4acce284b4c1059cbe8&VERSION=4.86.5&AV_PAGE_LOAD_UID=3c5f2b1e-f211-49c3-9cd7-83bf8720b241&AV_CDIM4=3c5f2b1e-f211-49c3-9cd7-83bf8720b241&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.64.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-64-38.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 / Show response
freychang.fun/ 16 B
647 B 161ms
140ms Fetch
text/plain 104.21.45.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/?f=b0174682fa63789a3402a7f7bc361b31
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.45.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d266a463858b3d8435608139ace33017293daee1589bc1eb6c3ca94234b78aa4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpj6gnC4rEX9T5RyxRn8kLmK7rayrxU4i9f4v0TibT%2B5QUTz%2FPzvGJvLKTaimB4cN0d4BvPfgvks0q2%2FXedUXglpfzs1U5pWbbp%2F%2FJb8tfemT5g0VJlxNJDpauT1OcdX"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6a1420eb9d02411f-PRG
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 31ms
31ms Script
application/javascript 104.108.144.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.144.126 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-144-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 20 Oct 2021 17:57:26 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

POST
H2 200 / Show response
orektobedirect.xyz/ 0
37 B 298ms
99ms XHR
text/plain 107.22.28.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://orektobedirect.xyz/
Requested by: Host: mefagetobri.top
URL: https://mefagetobri.top/WlpJenEheDoNLi8oJVhLeDI9DgEpYGZVBi0tZw4ENz0gCF85NSRVAi10IwlTdng6Fxd4YHhWUyk3P1hLeG5nSlN2eD0bFgUzLVhLeGJ9TEZramtWUykvKyUYPmhrQFNqYixPQmprK1dJO29xV0U%2BantXE28%2FKldHbztxT0VsPCsfEGx4NA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-28-167.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
content-length: 0

GET
H/1.1 200
OK landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.m3u8 Show response
mcd.ex.co/video/upload/sp_hd/v1490095101/ 1 KB
2 KB 45ms
12ms XHR
application/x-mpegurl 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: ba61adfabcf1b3b3f6e38627ced33e2105786674f401c90d405c80ee171d440e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Last-Modified: Fri, 05 Mar 2021 21:15:12 GMT
Server: cloudinary
X-Timer: S1615106627.431831,VS0,VE1
ETag: "325f79b1e7823e1ac07bb422d9aeedc9"
X-Served-By: cache-wdc5575-WDC
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11911672
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 1127
X-Cache-Hits: 1

GET
H/1.1 200
OK about-2ac3b6e1088794187e68.js Show response
www.tumgir.com/_next/static/chunks/pages/static/ 1 KB
1 KB 87ms
87ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/static/about-2ac3b6e1088794187e68.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/main-011e14431c997dd5213e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 61328819a22c773f82795a5f3a9189215cda4bd43c84185a906b623282e1716b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tumgir.com/sarahyasemin
Cookie: _ga=GA1.2.633938413.1634752646; _gid=GA1.2.2138280547.1634752646; _gat_gtag_UA_134279593_1=1; __gads=ID=d2ad96d4b4c9587d-2223e77ff9ca0066:T=1634752646:RT=1634752646:S=ALNI_MYOcoU56RPIY7qR7LWvXwbnH2Lnfg; __atuvc=1%7C42; __atuvs=6170588605a48504000; exco-uid=75p7kjkpn9f1z9xk
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Oct 2021 08:37:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"550-17c883f4efd"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK index-85ccfe727ca793fc1875.js Show response
www.tumgir.com/_next/static/chunks/pages/ 3 KB
2 KB 87ms
87ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/index-85ccfe727ca793fc1875.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/main-011e14431c997dd5213e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89f9386ac0364b0d1e9d7f764fe25ba01c347b9a3021b7f5b50ed45a0b87b0f3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tumgir.com/sarahyasemin
Cookie: _ga=GA1.2.633938413.1634752646; _gid=GA1.2.2138280547.1634752646; _gat_gtag_UA_134279593_1=1; __gads=ID=d2ad96d4b4c9587d-2223e77ff9ca0066:T=1634752646:RT=1634752646:S=ALNI_MYOcoU56RPIY7qR7LWvXwbnH2Lnfg; __atuvc=1%7C42; __atuvs=6170588605a48504000; exco-uid=75p7kjkpn9f1z9xk
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Oct 2021 08:37:38 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"b35-17c883fd89a"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK privacy-policy-4eb38d6c997101937b17.js Show response
www.tumgir.com/_next/static/chunks/pages/static/ 5 KB
2 KB 87ms
87ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/static/privacy-policy-4eb38d6c997101937b17.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/main-011e14431c997dd5213e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4791a126f3394cb0c65f065d78b83ffb971fe226bd3b69a99ba0f2cfed2e203d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tumgir.com/sarahyasemin
Cookie: _ga=GA1.2.633938413.1634752646; _gid=GA1.2.2138280547.1634752646; _gat_gtag_UA_134279593_1=1; __gads=ID=d2ad96d4b4c9587d-2223e77ff9ca0066:T=1634752646:RT=1634752646:S=ALNI_MYOcoU56RPIY7qR7LWvXwbnH2Lnfg; __atuvc=1%7C42; __atuvs=6170588605a48504000; exco-uid=75p7kjkpn9f1z9xk
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/sarahyasemin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Oct 2021 08:37:38 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"13c8-17c883fd89a"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
263 B 238ms
231ms XHR
application/json 104.108.144.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tumgir.com%2Fsarahyasemin

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.144.126 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-144-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.tumgir.com/sarahyasemin
last-modified: Wed, 20 Oct 2021 17:00:00 GMT
server: nginx/1.15.8
date: Wed, 20 Oct 2021 17:57:27 GMT
content-type: application/json
access-control-allow-origin: https://www.tumgir.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
290 B 249ms
242ms Script
application/json 104.108.144.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tumgir.com%2Fsarahyasemin&callback=_ate.cbs.rcb_hfl70

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.144.126 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-144-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

4772fe013a4ead83ca42122622ab56caf9c81ba1757b13c39422c8a08f3db6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/sarahyasemin
last-modified: Wed, 20 Oct 2021 17:57:27 GMT
server: nginx/1.15.8
date: Wed, 20 Oct 2021 17:57:27 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
290 B 253ms
246ms Script
application/json 104.108.144.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tumgir.com%2Fsarahyasemin&callback=_ate.cbs.rcb_he3e0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.144.126 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-144-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

795dbf4123e85f3bfc099c4674085c903dc1c8dfc3a238c74417367396682f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/sarahyasemin
last-modified: Wed, 20 Oct 2021 17:57:27 GMT
server: nginx/1.15.8
date: Wed, 20 Oct 2021 17:57:27 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.m3u8 Show response
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1614978879/ 1 KB
2 KB 14ms
14ms XHR
application/x-mpegurl 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: dc6aefd662bd2c686bfaca5e86483540d9b350c79b04fba7cb947c670d2c407d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Last-Modified: Fri, 05 Mar 2021 21:14:44 GMT
Server: cloudinary
X-Timer: S1615106628.636881,VS0,VE1
ETag: "0e27c755521fc5b3b43309ac2cfa1bc3"
X-Served-By: cache-wdc5527-WDC
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11911537
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 1337
X-Cache-Hits: 1

GET
H2 200 track
track1.aniview.com/ 0
71 B 292ms
94ms Image
text/plain 52.73.58.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.tumgir.com&sn=&cd4=3c5f2b1e-f211-49c3-9cd7-83bf8720b241&cd5=default&ic=0&tgt=0&app=&wi=531&he=299&test=&d36=6.1.2.78&apppkg=&fv=1&proto=https&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&stagid=&stplid=&e=inventory&vi=100&cb=1634752647109
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-58-202.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

OPTIONS
H/1.1 200
OK landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1614978879/ Frame 0
0 11ms
11ms Preflight
text/html 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Protocol: HTTP/1.1
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.tumgir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Wed, 20 Oct 2021 17:57:27 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H/1.1 206
Partial Content landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts Show response
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1614978879/ 150 KB
150 KB 10ms
9ms XHR
video/mp2t 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 5cb51eb41be2d2db505796f59bdf57f0f26398ae49bd6a4c81f5252c0fece526

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-153219

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Content-Range: bytes 0-153219/1091716
Connection: keep-alive
Content-Length: 153220
X-Served-By: cache-wdc5575-WDC
Last-Modified: Fri, 05 Mar 2021 21:14:44 GMT
Server: cloudinary
X-Timer: S1615106628.907687,VS0,VE1
ETag: "d8a55f70f70b1a17a1570c8a4a5195d2"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11911548
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
BLOB 200
OK 8e596b10-24b9-449b-99ce-4a40683fe2f2
https://www.tumgir.com/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tumgir.com/8e596b10-24b9-449b-99ce-4a40683fe2f2
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H2 200 / Show response
premiumsrv.aniview.com/api/adserver/tag/ 29 KB
4 KB 508ms
279ms XHR
application/json 3.224.226.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.86.5&AV_PAGE_LOAD_UID=3c5f2b1e-f211-49c3-9cd7-83bf8720b241&AV_CDIM4=3c5f2b1e-f211-49c3-9cd7-83bf8720b241&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.tumgir.com%2Fsarahyasemin&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=60a0c4acce284b4c1059cbe8&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.tumgir.com&AV_DADPOS=1&d36=6.1.2.78&responsive=1&avtoken=647109&AV_WIDTH=531&AV_HEIGHT=299&AV_DNT=0&cb=1634752647125
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.226.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-226-7.compute-1.amazonaws.com
Software: /
Resource Hash: 885f596947dbf1379fed844ff158b47dcbd2405d7bdcbd8b5702258b1508dec0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Sat, 09 Oct 2021 04:10:47 GMT

GET
H/1.1 200
OK landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.m3u8 Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/ 1 KB
2 KB 7ms
7ms XHR
application/x-mpegurl 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: f9c8c34cc75c3e6dc84b248f7f072a45aa82feaafef2426c414302d3875ded8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Last-Modified: Fri, 05 Mar 2021 21:14:53 GMT
Server: cloudinary
X-Timer: S1615106628.283119,VS0,VE1
ETag: "59da470c79d276667643857c8eb5268f"
X-Served-By: cache-wdc5527-WDC
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11911657
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 1343
X-Cache-Hits: 1

OPTIONS
H/1.1 200
OK landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/ Frame 0
0 6ms
6ms Preflight
text/html 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Protocol: HTTP/1.1
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.tumgir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Wed, 20 Oct 2021 17:57:27 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H/1.1 206
Partial Content landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/ 341 KB
341 KB 13ms
12ms XHR
video/mp2t 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 4fa05ba6fadc4cf21009fabd12acb00c067006f2f9f0ec0a1b746a2285c4e68a

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-348927

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Content-Range: bytes 0-348927/2121016
Connection: keep-alive
Content-Length: 348928
X-Served-By: cache-wdc5575-WDC
Last-Modified: Fri, 05 Mar 2021 21:14:53 GMT
Server: cloudinary
X-Timer: S1615106629.553802,VS0,VE1
ETag: "865921082c9f193b86aad4efe54e53ae"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11911547
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
H2 200 popunder.gif
microusconvilla.xyz/ 35 B
366 B 188ms
187ms Image
image/gif 13.225.78.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microusconvilla.xyz/popunder.gif
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-51.fra2.r.cloudfront.net
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Wed, 20 Oct 2021 17:57:27 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
content-length: 58
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
x-amz-cf-id: iHHqroDtk9Sr5sgUCZ7K-mDfvO49Aze9ieMTtYJscZhfseKLZiGRIw==

OPTIONS
H/1.1 200
OK landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/ Frame 0
0 9ms
9ms Preflight
text/html 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Protocol: HTTP/1.1
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.tumgir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Wed, 20 Oct 2021 17:57:27 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H/1.1 206
Partial Content landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/ 245 KB
246 KB 9ms
8ms XHR
video/mp2t 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 8f62db7ed633b3f403e07b4e5d62cf17236edfdcc77505a2d3279d01258bd2ee

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=348928-600283

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Content-Range: bytes 348928-600283/2121016
Connection: keep-alive
Content-Length: 251356
X-Served-By: cache-wdc5575-WDC
Last-Modified: Fri, 05 Mar 2021 21:14:53 GMT
Server: cloudinary
X-Timer: S1615106629.553802,VS0,VE1
ETag: "865921082c9f193b86aad4efe54e53ae"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11911547
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 24ms
7ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 5146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 16:31:41 GMT

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
136 B 95ms
94ms XHR
text/plain 54.88.209.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-209-254.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Wed, 20 Oct 2021 17:57:27 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H/1.1 206
Partial Content landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/ 252 KB
252 KB 7ms
7ms XHR
video/mp2t 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 3d8d36753d9ba77a83945be3a6f1534ce9555f42ee6d6f80d05c8c82f00acc70

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=600284-858219

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Content-Range: bytes 600284-858219/2121016
Connection: keep-alive
Content-Length: 257936
X-Served-By: cache-wdc5575-WDC
Last-Modified: Fri, 05 Mar 2021 21:14:53 GMT
Server: cloudinary
X-Timer: S1615106629.553802,VS0,VE1
ETag: "865921082c9f193b86aad4efe54e53ae"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11911547
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

OPTIONS
H/1.1 200
OK landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/ Frame 0
0 7ms
7ms Preflight
text/html 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Protocol: HTTP/1.1
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.tumgir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Wed, 20 Oct 2021 17:57:27 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H2 200 multi Show response
shilternimpossip.xyz/ 3 KB
2 KB 106ms
106ms XHR
text/plain 13.224.193.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shilternimpossip.xyz/multi?cs=ekRFYkhLciQEKx8gIAYrHnFzB3hK&abt=0&red=1&sm=76&k=sarahyasemin%20tumblr%20blog%20tumgir&v=1.0.53.0&sts=0&prn=0&emb=0&tid=853405&u=2233875441947274&fs=1&ref=https%3A%2F%2Fwww.tumgir.com%2Fsarahyasemin&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F93.0.4577.63%20safari%2F537.36&tzd=0&uloc=&if=0&_IfTs=1634752647420&crc=1
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-111.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: b01cda1c3e317a39b2d50eadcb54b311afe9a8373b8d9a45ca13e4697686e956

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:27 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: text/plain
content-length: 1370
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
x-amz-cf-id: hr1kp5-InoltPWaVR3fAbDLa1out2NbbF4VDtG7rbOkU0jFBS2m_6A==

GET
H2 200 floater Show response
shilternimpossip.xyz/ 2 KB
1 KB 590ms
589ms XHR
text/plain 13.224.193.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shilternimpossip.xyz/floater?cs=cmk3d2FDX1YRAhcNUhMDEFFTRVFC&abt=0&red=1&sm=83&k=sarahyasemin%20tumblr%20blog%20tumgir&v=0.8.4.0&sts=0&prn=0&emb=0&tid=852974&u=2233875441947274&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww.tumgir.com%2Fsarahyasemin&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F93.0.4577.63%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td1_oi1_&_k6MA=1634752647421&crc=1
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-111.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: ec495ff7e6721b7e00a8a1bc9a5fc2eb86bf21e35d9d1188431567a60be86add

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:27 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: text/plain
content-length: 1070
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
x-amz-cf-id: GoQNoBUwarJVezffO6otjwIhWY7HFI1HJ6AzYMzT23maUpE4V_KPrw==

GET
H/1.1 206
Partial Content landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/ 222 KB
223 KB 7ms
7ms XHR
video/mp2t 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: e0d8584604fb5cc5cecf92e6153f1e98957e3eaa92f318ac36858eabb83ab8e3

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=858220-1085511

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Content-Range: bytes 858220-1085511/2121016
Connection: keep-alive
Content-Length: 227292
X-Served-By: cache-wdc5575-WDC
Last-Modified: Fri, 05 Mar 2021 21:14:53 GMT
Server: cloudinary
X-Timer: S1615106629.553802,VS0,VE1
ETag: "865921082c9f193b86aad4efe54e53ae"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11911547
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Protocol: HTTP/1.1
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.tumgir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Wed, 20 Oct 2021 17:57:27 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H2

200

b510b5af4abc419fef02a8e25efe3dbac69217ac.jpg
64.media.tumblr.com/9708fe1652cdda491cafc4f6e668d5fc/25ca3e5336648d8a-c8/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/yvotoro.tumblr.com/avatar/128
https://64.media.tumblr.com/9708fe1652cdda491cafc4f6e668d5fc/25ca3e5336648d8a-c8/s128x128u_c1/b510b5af4abc419fef02a8e25efe3dbac69217ac.jpg

14 KB
14 KB

6ms
6ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/9708fe1652cdda491cafc4f6e668d5fc/25ca3e5336648d8a-c8/s128x128u_c1/b510b5af4abc419fef02a8e25efe3dbac69217ac.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9e73d1df6066e3c9edb4bb84b5774cc44667673d7fd8264575f89015371cece9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 20 Oct 2021 17:57:27 GMT
last-modified: Wed, 01 Sep 2021 11:43:31 GMT
server: nginx
x-frames: 1
etag: "a469995c661da09fd3d17950d454bf59-1498089600-66c08dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_9708fe1652cdda491cafc4f6e668d5fc_b510b5af_128.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 14079

Redirect headers

date: Wed, 20 Oct 2021 17:57:27 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/9708fe1652cdda491cafc4f6e668d5fc/25ca3e5336648d8a-c8/s128x128u_c1/b510b5af4abc419fef02a8e25efe3dbac69217ac.jpg#_=_
x-rid: c27531f53e568d7dadd9c4c1725382c2
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

464b40bd312eeb038ce9cfcfefdfa2ea1106e004.jpg
64.media.tumblr.com/6a1cdde61f7ec9c364597675e1e1aa66/ed68f55705fdef2a-4d/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/pidgie-core.tumblr.com/avatar/128
https://64.media.tumblr.com/6a1cdde61f7ec9c364597675e1e1aa66/ed68f55705fdef2a-4d/s128x128u_c1/464b40bd312eeb038ce9cfcfefdfa2ea1106e004.jpg

7 KB
8 KB

6ms
6ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/6a1cdde61f7ec9c364597675e1e1aa66/ed68f55705fdef2a-4d/s128x128u_c1/464b40bd312eeb038ce9cfcfefdfa2ea1106e004.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

51ea5038df8065b63cbd346ab7b1eccc5d47ae17b0f4bdc88104c8d4682784f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Wed, 20 Oct 2021 17:57:27 GMT
last-modified: Sun, 13 Dec 2020 17:16:05 GMT
server: nginx
x-frames: 1
etag: "39cf6ba43b07c6f5fbbd8ae13f1297b4-1498089600-66c08dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_6a1cdde61f7ec9c364597675e1e1aa66_464b40bd_128.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 7511

Redirect headers

date: Wed, 20 Oct 2021 17:57:27 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/6a1cdde61f7ec9c364597675e1e1aa66/ed68f55705fdef2a-4d/s128x128u_c1/464b40bd312eeb038ce9cfcfefdfa2ea1106e004.jpg#_=_
x-rid: 2df65435e081052bd4bf4c6837343984
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

avatar_c53ad5c1e88a_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/skimcasual.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_c53ad5c1e88a_128.png

18 KB
18 KB

6ms
6ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_c53ad5c1e88a_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

997c7392191e81e372d509053b7396846c7c3c6be7dacc91836d0e275ce33d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Wed, 20 Oct 2021 17:57:27 GMT
last-modified: Sat, 19 May 2018 16:36:04 GMT
server: nginx
x-frames: 1
etag: "ade7f00cac266badb5d15866a381ce0e-1498089600-17e885d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-disposition: inline; filename="avatar_c53ad5c1e88a_128.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 18580

Redirect headers

date: Wed, 20 Oct 2021 17:57:27 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_c53ad5c1e88a_128.png#_=_
x-rid: 51fb1c2adb7ef78e385e713400310da6
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

30e3be5968097f91bb4bbcab3b3ca624def746e3.png
64.media.tumblr.com/2ded93eb576f3bce0ebf14292212adc3/62b0869ac073ed23-ae/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/ek-vitki-pixels.tumblr.com/avatar/128
https://64.media.tumblr.com/2ded93eb576f3bce0ebf14292212adc3/62b0869ac073ed23-ae/s128x128u_c1/30e3be5968097f91bb4bbcab3b3ca624def746e3.png

3 KB
3 KB

6ms
6ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/2ded93eb576f3bce0ebf14292212adc3/62b0869ac073ed23-ae/s128x128u_c1/30e3be5968097f91bb4bbcab3b3ca624def746e3.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5963426a9ee59fbc1065c9fd9e4cbc588ab2a224fcaeb5bcdb9e43c4d3083958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Wed, 20 Oct 2021 17:57:27 GMT
last-modified: Sat, 12 Dec 2020 03:08:42 GMT
server: nginx
x-frames: 1
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_2ded93eb576f3bce0ebf14292212adc3_30e3be59_128.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 3238

Redirect headers

date: Wed, 20 Oct 2021 17:57:27 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/2ded93eb576f3bce0ebf14292212adc3/62b0869ac073ed23-ae/s128x128u_c1/30e3be5968097f91bb4bbcab3b3ca624def746e3.png#_=_
x-rid: ccf3d014bb528eae8c62e954f33b18b7
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

avatar_4d130bd05231_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/allaboutrings.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_4d130bd05231_128.png

25 KB
25 KB

6ms
6ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_4d130bd05231_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b486fabf4c02bc329cfea081640ce8caca43cc1ffefe723ee4d601c1a9ef4ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Wed, 20 Oct 2021 17:57:27 GMT
last-modified: Mon, 14 Dec 2020 17:44:56 GMT
server: nginx
x-frames: 1
etag: "ad3f607c94c4354f70e971e2ad3f9724-1498089600-66c08dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-disposition: inline; filename="avatar_4d130bd05231_128.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 25550

Redirect headers

date: Wed, 20 Oct 2021 17:57:27 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_4d130bd05231_128.png#_=_
x-rid: ba6b756a0ca3446d2af2a10dbd0895ba
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H/1.1 206
Partial Content landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/ 250 KB
251 KB 7ms
6ms XHR
video/mp2t 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 0f18e309fcf92e2169e2d640fd34f6d8ee62e0d1afd2bb6f6d27df374b0b8465

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=1085512-1341755

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Content-Range: bytes 1085512-1341755/2121016
Connection: keep-alive
Content-Length: 256244
X-Served-By: cache-wdc5575-WDC
Last-Modified: Fri, 05 Mar 2021 21:14:53 GMT
Server: cloudinary
X-Timer: S1615106629.553802,VS0,VE1
ETag: "865921082c9f193b86aad4efe54e53ae"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11911547
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

OPTIONS
H/1.1 200
OK landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/ Frame 0
0 12ms
12ms Preflight
text/html 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Protocol: HTTP/1.1
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.tumgir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Wed, 20 Oct 2021 17:57:27 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H/1.1 206
Partial Content landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/ 272 KB
273 KB 8ms
6ms XHR
video/mp2t 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 1e34f466de5da2df1981b2483d027834afe7d9e03fa85eec9833d9dff5744c0e

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=1341756-1620371

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Content-Range: bytes 1341756-1620371/2121016
Connection: keep-alive
Content-Length: 278616
X-Served-By: cache-wdc5575-WDC
Last-Modified: Fri, 05 Mar 2021 21:14:53 GMT
Server: cloudinary
X-Timer: S1615106629.553802,VS0,VE1
ETag: "865921082c9f193b86aad4efe54e53ae"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11911547
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

OPTIONS
H/1.1 200
OK landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/ Frame 0
0 25ms
25ms Preflight
text/html 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Protocol: HTTP/1.1
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.tumgir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Wed, 20 Oct 2021 17:57:27 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7A0B 14 KB
5 KB 71ms
17ms Document
text/html 72.247.225.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.32 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-32.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=61256
expires: Thu, 21 Oct 2021 10:58:23 GMT
date: Wed, 20 Oct 2021 17:57:27 GMT
vary: Accept-Encoding

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 19A9
Redirect Chain

https://pixel.advertising.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP301c6004-31cf-11ec-8b7b-020b1bec13a0
https://ups.analytics.yahoo.com/ups/58195/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP301c6004-31cf-11ec-8b7b-020b1bec13a0&verify=true
https://sync.aniview.com/cookiesyncendpoint?biddername=25&key=y-3hd5S2lE2uF.rpw000dh.MQ9iqmFxtP0~A~UP301c6004-31cf-11ec-8b7b-020b1bec13a0

0
301 B

344ms
110ms

Document
text/plain

3.209.156.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?biddername=25&key=y-3hd5S2lE2uF.rpw000dh.MQ9iqmFxtP0~A~UP301c6004-31cf-11ec-8b7b-020b1bec13a0
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.156.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-156-238.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?biddername=25&key=y-3hd5S2lE2uF.rpw000dh.MQ9iqmFxtP0~A~UP301c6004-31cf-11ec-8b7b-020b1bec13a0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/
accept-encoding: gzip, deflate, br
cookie: aniC=1634752647424-957057353743-005624-003-003616
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

date: Wed, 20 Oct 2021 17:57:28 GMT
content-length: 0
set-cookie: 2_C_25=y-3hd5S2lE2uF.rpw000dh.MQ9iqmFxtP0~A~UP301c6004-31cf-11ec-8b7b-020b1bec13a0; Path=/; Domain=aniview.com; Expires=Thu, 21 Oct 2021 17:57:28 GMT; Secure; SameSite=None 2_C_25=y-3hd5S2lE2uF.rpw000dh.MQ9iqmFxtP0~A~UP301c6004-31cf-11ec-8b7b-020b1bec13a0; Path=/; Expires=Thu, 21 Oct 2021 17:57:28 GMT; Secure; SameSite=None

Redirect headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Content-Length: 0
Strict-Transport-Security: max-age=31536000
Set-Cookie: IDSYNC=18wj~212h;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Fri, 21-Oct-2022 17:57:27 GMT;Secure;SameSite=None APID=UP301c6004-31cf-11ec-8b7b-020b1bec13a0;Version=1;Domain=.yahoo.com;Path=/;Max-Age=6242552;Expires=Sat, 01-Jan-2022 00:00:00 GMT;Secure;SameSite=None APIDTS=1634752647;Version=1;Domain=.yahoo.com;Path=/;Max-Age=86400;Expires=Thu, 21-Oct-2021 17:57:27 GMT;Secure;SameSite=None A3=d=AQABBIdYcGECEMC7iYPVd3ekrpVeWl6F79MFEgEBAQGqcWF6YQAAAAAA_eMAAA&S=AQAAAtOTMwQlQPT6phi8jYg9Rtc; Expires=Thu, 20 Oct 2022 23:57:27 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=d7rs5bpgn0m47&b=3&s=tf; Expires=Thu, 20 Oct 2022 23:57:27 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.aniview.com/cookiesyncendpoint?biddername=25&key=y-3hd5S2lE2uF.rpw000dh.MQ9iqmFxtP0~A~UP301c6004-31cf-11ec-8b7b-020b1bec13a0
Age: 0
Connection: keep-alive
Server: ATS/7.1.2.138

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum.casalemedia.com/ Frame FAF6
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D42%26key%3D
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D42%26key%3D&s=190719&C=1

2 KB
3 KB

81ms
79ms

Document
text/html

72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D42%26key%3D&s=190719&C=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: de3df8b2ac8d2bd42fa59a1efbdd7ba55ec5e9d8f0bf84ecab30ca8ddab5650d

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tumgir.com/
Accept-Encoding: gzip, deflate, br
Cookie: CMID=YXBYh8Vavlha0kpap8HW3wAA; CMPS=5230
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|230|241|45|206|13|190|40
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1888
Expires: Wed, 20 Oct 2021 17:57:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 20 Oct 2021 17:57:27 GMT
Connection: keep-alive
Set-Cookie: CMID=YXBYh8Vavlha0kpap8HW3wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 20 Oct 2022 17:57:27 GMT CMPS=5230;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Jan 2022 17:57:27 GMT CMPRO=1214;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Jan 2022 17:57:27 GMT CMRUM3=be6170588705a0&e6617058872760&286170588705a00&0d6170588705a0&27617058870b40&ce6170588705a0&2d6170588705a0&f16170588705a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 20 Oct 2022 17:57:27 GMT CMST=YXBYh2FwWIcA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 21 Oct 2021 17:57:27 GMT

Redirect headers

Server: Apache
Content-Length: 379
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D42%26key%3D&s=190719&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 20 Oct 2021 17:57:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 20 Oct 2021 17:57:27 GMT
Connection: keep-alive
Set-Cookie: CMID=YXBYh8Vavlha0kpap8HW3wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 20 Oct 2022 17:57:27 GMT CMPS=5230;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 18 Jan 2022 17:57:27 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 9309
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east

281 B
554 B

56ms
15ms

Document
text/html

23.202.133.15
CW Vodafone Group...

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.133.15 , Netherlands, ASN1273 (CW Vodafone Group PLC, EU),
Reverse DNS: a23-202-133-15.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tumgir.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
ETag: "403b8-119-5cd3a8e7e6a80"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Oct 2021 17:57:27 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Date: Wed, 20 Oct 2021 17:57:27 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
136 B 94ms
93ms XHR
text/plain 54.88.209.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-209-254.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Wed, 20 Oct 2021 17:57:27 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame 845D 303 KB
95 KB 20ms
19ms Script
application/javascript 104.107.161.131
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.107.161.131 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-161-131.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: ac7b9f46edcec0a88c11c18bf0a08879953bfd042486c0a2a7c58426df25088c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvRcM3FT27v9w2wkQdUwpKGi5oJkptFCtE9WJActJF85hpKlYsEZyiKmfzUDzmUb2eITCP_8FlhhW_Db6einFw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 96232
last-modified: Wed, 13 Oct 2021 06:16:58 GMT
server: UploadServer
etag: "ad7ef38cf13e26516d10222fcdb4ead3"
vary: Accept-Encoding
x-goog-hash: crc32c=vtLYAw==, md5=rX7zjPE+JlFtECIvzbTq0w==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1634105818129804
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 96232
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Oct 2021 18:02:27 GMT

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/216843/0/ 168 B
378 B 75ms
24ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/216843/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fwww.tumgir.com%2Fsarahyasemin&w=531&h=299&cbb=4752647648
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:27 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://www.tumgir.com
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/236690/0/ 168 B
378 B 66ms
15ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/236690/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fwww.tumgir.com%2Fsarahyasemin&w=531&h=299&cbb=4752647652
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:27 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://www.tumgir.com
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 track
track1.aniview.com/ 0
70 B 94ms
94ms Image
text/plain 52.73.58.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=17424&t=1634752647&cip=216.131.114.78&sn=&tgt=0&osv=10&bv=93.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1634752647424-957057353743-005624-003-003616&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.78&cb=15848933133&cd4=3c5f2b1e-f211-49c3-9cd7-83bf8720b241&cd5=default&cd1=4.86.5&d9=0000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&nid=56ea678d181f46c76f8b45fb&ncid=60a0c4acce284b4c1059cbe8&e=request&cb=1634752647653&asid=5fa2a98bba80693a416064d7%2C5fcdefa2d427f057da5608a9%2C5ee3dc1a4ee7aa5daa237473%2C5fc8b1c9ba2b560f616098b8%2C5f105ed09463693c846d8195%2C5ee3d57071193a26344a4076%2C60ebfe94ebe867570438e997%2C5f8c4fcaf3eefc7b4d24fc09%2C5fbe1a1fd09dbe29472667bb%2C61472c92b1b3883110127b4a%2C6074427669b79365fb434204%2C5ff1826de52e2f2dd148e0f4%2C5f914c8144ecc572d3625cbc%2C5fa2711a54dbb238c9289f7d%2C60ebfe86a4a7792110515aa4%2C5f105caeb43a424add3607a7&ofpr=%2C%2C%2C3%2C3%2C%2C%2C%2C4%2C3%2C%2C3.5%2C%2C2%2C%2C5&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-58-202.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/216513/0/ 168 B
378 B 72ms
22ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fwww.tumgir.com%2Fsarahyasemin&w=531&h=299&cbb=4752647653
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:27 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://www.tumgir.com
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

POST
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
233 B 902ms
687ms XHR
text/plain 18.215.74.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=06081231d8ce4890a2dc53087b870369_1723161206&wpm=&ssrtb=&pbjs=&tms=450&AV_C_USER_ID=1634752647424-957057353743-005624-003-003616&VERSION=4.86.5&AV_PAGE_LOAD_UID=3c5f2b1e-f211-49c3-9cd7-83bf8720b241&AV_CDIM4=3c5f2b1e-f211-49c3-9cd7-83bf8720b241&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.tumgir.com%2Fsarahyasemin&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=60a0c4acce284b4c1059cbe8&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.tumgir.com&AV_DADPOS=1&d36=6.1.2.78&responsive=1&avtoken=647109&AV_WIDTH=531&AV_HEIGHT=299&AV_DNT=0&cb=4752647653&tgt=0&&AV_VI=100&AV_VID=0
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.215.74.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-215-74-57.compute-1.amazonaws.com
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:28 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Sat, 09 Oct 2021 04:10:48 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 93ms
93ms Image
text/plain 52.73.58.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=17424&t=1634752647&cip=216.131.114.78&sn=&tgt=0&osv=10&bv=93.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1634752647424-957057353743-005624-003-003616&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.78&cb=15848933133&cd4=3c5f2b1e-f211-49c3-9cd7-83bf8720b241&cd5=default&cd1=4.86.5&d9=0000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&nid=56ea678d181f46c76f8b45fb&ncid=60a0c4acce284b4c1059cbe8&e=request&cb=1634752647654&asid=5eb93f6a62a3b73cda792534%2C5f295a4c20397419bb33f503%2C5fbe5add3443ef680f0480d7%2C613f09913b523b0e5f72ea5a&ofpr=2%2C3%2C%2C3&fpo=%2C%2C%2C
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-58-202.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content 309538 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 95ms
34ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/309538?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
X-SpotX-Timing-Transform: 0.001283
X-SpotX-Timing-SpotMarket: 0.009605
X-SpotX-Timing-Page-Mux: 0.001416
X-SpotX-Timing-Page-Require: 0.000524
X-fe: 071
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000035
X-SpotX-Timing-Page: 0.017272
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000389
Last-Modified: Wed, 20 Oct 2021 17:57:27 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.009605
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumgir.com
X-SpotX-Timing-Page-Misc: 0.004004
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000015
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 287223 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 87ms
26ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/287223?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
X-SpotX-Timing-Transform: 0.000376
X-SpotX-Timing-SpotMarket: 0.006465
X-SpotX-Timing-Page-Mux: 0.000883
X-SpotX-Timing-Page-Require: 0.000349
X-fe: 087
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000021
X-SpotX-Timing-Page: 0.010987
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000296
Last-Modified: Wed, 20 Oct 2021 17:57:27 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.006465
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumgir.com
X-SpotX-Timing-Page-Misc: 0.002585
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 101ms
57ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content 295187 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 90ms
35ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/295187?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
X-SpotX-Timing-Transform: 0.000683
X-SpotX-Timing-SpotMarket: 0.012869
X-SpotX-Timing-Page-Mux: 0.000947
X-SpotX-Timing-Page-Require: 0.000398
X-fe: 091
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000049
X-SpotX-Timing-Page: 0.018674
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000328
Last-Modified: Wed, 20 Oct 2021 17:57:27 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.012869
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumgir.com
X-SpotX-Timing-Page-Misc: 0.003387
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
215 B 285ms
245ms XHR
application/json 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PlaybuzzHB
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.16.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-16-69.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
215 B 291ms
251ms XHR
application/json 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PlaybuzzHB
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.16.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-16-69.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumgir.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 204 mvo Show response
tag.1rx.io/rmp/217532/0/ 0
170 B 47ms
18ms XHR
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/217532/0/mvo?z=1r&hbv=5.16,2.1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumgir.com
pragma: no-cache
date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 97ms
56ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content 295188 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 83ms
31ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/295188?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
X-SpotX-Timing-Transform: 0.000336
X-SpotX-Timing-SpotMarket: 0.009519
X-SpotX-Timing-Page-Mux: 0.001153
X-SpotX-Timing-Page-Require: 0.000783
X-fe: 079
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000036
X-SpotX-Timing-Page: 0.015559
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000776
Last-Modified: Wed, 20 Oct 2021 17:57:27 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.009519
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumgir.com
X-SpotX-Timing-Page-Misc: 0.002939
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000017
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 134ms
95ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7A0B 5 KB
6 KB 40ms
13ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85519009&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 4d3c44af1fc3f44b032d4db692e82bf7c89525fee886b116c55ecc1d2cae8cac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9309 31 KB
9 KB 18ms
18ms Script
text/html 23.202.133.15
CW Vodafone Group...

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.133.15 , Netherlands, ASN1273 (CW Vodafone Group PLC, EU),
Reverse DNS: a23-202-133-15.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:24:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=10012
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9275
Expires: Wed, 20 Oct 2021 20:44:19 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 8EA2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=CECD869C-1006-40EE-991E-3ECBBE9AEC6D
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CECD869C-1006-40EE-991E-3ECBBE9AEC6D

35 B
467 B

19ms
18ms

Document
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CECD869C-1006-40EE-991E-3ECBBE9AEC6D

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=CECD869C-1006-40EE-991E-3ECBBE9AEC6D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 20 Oct 2021 17:57:27 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=887302167743229180; expires=Sun, 19 Dec 2021 17:57:27 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Wed, 20 Oct 2021 17:57:27 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CECD869C-1006-40EE-991E-3ECBBE9AEC6D
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Sat, 20 Nov 2021 17:57:27 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame AFB9
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4459924645650214302

42 B
210 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4459924645650214302
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4459924645650214302
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: KADUSERCOOKIE=CECD869C-1006-40EE-991E-3ECBBE9AEC6D; chkChromeAb67Sec=1; DPSync3=1635897600%3A201_197_219%7C1634774400%3A174; SyncRTB3=1635897600%3A222_231_166_220_21_13_55_81_176_56_54_8_71_99_3_165_189_204_88_161_7_234_22_230%7C1635292800%3A223_15_2%7C1635552000%3A63%7C1635984000%3A35%7C1637280000%3A203; KRTBCOOKIE_1101=23040-7021209155932715161; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:23d66170-5887-4d00-954c-2fd3c8ff6970&KRTB&16736-uid:23d66170-5887-4d00-954c-2fd3c8ff6970&KRTB&23019-uid:23d66170-5887-4d00-954c-2fd3c8ff6970&KRTB&23114-uid:23d66170-5887-4d00-954c-2fd3c8ff6970; KRTBCOOKIE_80=22987-CAESEG5UCJ1GuQHIuFZ50uZ_vuo&KRTB&16514-CAESEG5UCJ1GuQHIuFZ50uZ_vuo&KRTB&23025-CAESEG5UCJ1GuQHIuFZ50uZ_vuo; KRTBCOOKIE_409=22966-rS6Ebo08hazP1eSxLVplXrf1; KRTBCOOKIE_391=22924-5361780559653149434&KRTB&23263-5361780559653149434; PugT=1634752647; KRTBCOOKIE_57=22776-1456369992627948945
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 20 Oct 2021 17:57:27 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-4459924645650214302; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 19-Nov-2021 17:57:27 GMT; path=/ PugT=1634752647; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 19-Nov-2021 17:57:27 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 18-Jan-2022 17:57:27 GMT; path=/
x-lat: amspug016:0:444
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4459924645650214302
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame CFF8 43 B
334 B 49ms
15ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Wed, 20 Oct 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 289477

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F78E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7021209155932715161

42 B
385 B

43ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7021209155932715161
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7021209155932715161
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: KADUSERCOOKIE=CECD869C-1006-40EE-991E-3ECBBE9AEC6D; chkChromeAb67Sec=1; DPSync3=1635897600%3A201_197_219%7C1634774400%3A174; SyncRTB3=1635897600%3A222_231_166_220_21_13_55_81_176_56_54_8_71_99_3_165_189_204_88_161_7_234_22_230%7C1635292800%3A223_15_2%7C1635552000%3A63%7C1635984000%3A35%7C1637280000%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 20 Oct 2021 17:57:27 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-7021209155932715161; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 19-Nov-2021 17:57:27 GMT; path=/ PugT=1634752647; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 19-Nov-2021 17:57:27 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 18-Jan-2022 17:57:27 GMT; path=/
x-lat: amspug004:0:792
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Wed, 20 Oct 2021 17:57:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=7021209155932715161; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7021209155932715161

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 993B
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDM0swN0M0TEVBQUM5Z2VhUFVIUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC3K07C4LEAAC9geaPUHQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC3K07C4LEAAC9geaPUHQ&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC3K07C4LEAAC9geaPUHQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...

43 B
163 B

474ms
164ms

Document
image/gif

199.187.193.185
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC3K07C4LEAAC9geaPUHQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.185 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host: rtb-csync.smartadserver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 20 Oct 2021 17:57:28 GMT
content-type: image/gif
transfer-encoding: chunked

Redirect headers

Date: Wed, 20 Oct 2021 17:57:28 GMT
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC3K07C4LEAAC9geaPUHQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0D4C
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
243 B

21ms
13ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: KADUSERCOOKIE=CECD869C-1006-40EE-991E-3ECBBE9AEC6D; chkChromeAb67Sec=1; DPSync3=1635897600%3A201_197_219%7C1634774400%3A174; SyncRTB3=1635897600%3A222_231_166_220_21_13_55_81_176_56_54_8_71_99_3_165_189_204_88_161_7_234_22_230%7C1635292800%3A223_15_2%7C1635552000%3A63%7C1635984000%3A35%7C1637280000%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 20 Oct 2021 17:57:27 GMT
content-type: text/html; charset=utf-8
x-lat: amspug003:2:240
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

set-cookie: viewer_token=a18e84de-6722-4548-b0ab-0475b076a076; path=/; domain=csync.loopme.me; Expires=Sat, 20-Nov-2021 17:57:27 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Wed, 20 Oct 2021 17:57:27 GMT
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3688
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6604464447
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6604464447
https://sync.1rx.io/usersync/tradedesk/29a56fe8-28c7-4d86-85cb-0867896ffed7
https://sync.targeting.unrulymedia.com/csync/RX-f27a3038-659a-463d-a039-36c23fbb7438-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f27a3038-659a-463d-a039-36c23fbb7438-003

42 B
228 B

15ms
12ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f27a3038-659a-463d-a039-36c23fbb7438-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f27a3038-659a-463d-a039-36c23fbb7438-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: KADUSERCOOKIE=CECD869C-1006-40EE-991E-3ECBBE9AEC6D; chkChromeAb67Sec=1; DPSync3=1635897600%3A201_197_219%7C1634774400%3A174; SyncRTB3=1635897600%3A222_231_166_220_21_13_55_81_176_56_54_8_71_99_3_165_189_204_88_161_7_234_22_230%7C1635292800%3A223_15_2%7C1635552000%3A63%7C1635984000%3A35%7C1637280000%3A203; KRTBCOOKIE_1101=23040-7021209155932715161; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:23d66170-5887-4d00-954c-2fd3c8ff6970&KRTB&16736-uid:23d66170-5887-4d00-954c-2fd3c8ff6970&KRTB&23019-uid:23d66170-5887-4d00-954c-2fd3c8ff6970&KRTB&23114-uid:23d66170-5887-4d00-954c-2fd3c8ff6970; KRTBCOOKIE_80=22987-CAESEG5UCJ1GuQHIuFZ50uZ_vuo&KRTB&16514-CAESEG5UCJ1GuQHIuFZ50uZ_vuo&KRTB&23025-CAESEG5UCJ1GuQHIuFZ50uZ_vuo; KRTBCOOKIE_409=22966-rS6Ebo08hazP1eSxLVplXrf1; KRTBCOOKIE_391=22924-5361780559653149434&KRTB&23263-5361780559653149434; KRTBCOOKIE_57=22776-1456369992627948945; SPugT=1634752646; KRTBCOOKIE_336=5844-4459924645650214302; KRTBCOOKIE_153=19420-hxsKHIQSBRucTlsa0B0QSINOChScGAsd00xngis_&KRTB&22979-hxsKHIQSBRucTlsa0B0QSINOChScGAsd00xngis_; PugT=1634752646; KRTBCOOKIE_377=6810-29a56fe8-28c7-4d86-85cb-0867896ffed7&KRTB&22918-29a56fe8-28c7-4d86-85cb-0867896ffed7&KRTB&23031-29a56fe8-28c7-4d86-85cb-0867896ffed7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 20 Oct 2021 17:57:26 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17107-RX-f27a3038-659a-463d-a039-36c23fbb7438-003; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 19-Nov-2021 17:57:26 GMT; path=/ PugT=1634752646; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 19-Nov-2021 17:57:26 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 18-Jan-2022 17:57:26 GMT; path=/
x-lat: amspug019:0:421
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Wed, 20 Oct 2021 17:57:28 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-f27a3038-659a-463d-a039-36c23fbb7438-003%22%7D; path=/; expires=Thu, 20 Oct 2022 17:57:28 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f27a3038-659a-463d-a039-36c23fbb7438-003
etag: RXf27a3038659a463da03936c23fbb7438003

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame A2A4 43 B
408 B 72ms
13ms Document
image/gif 72.251.241.196
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-5
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2 404 dpe Show response
ad4m.at/ad/ Frame CA8C 15 B
915 B 102ms
54ms Document
text/plain 104.21.192.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.192.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
content-type: text/plain; charset=utf-8
content-length: 15
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a1420f12bccf9ce-PRG

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2C77
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rS6Ebo08hazP1eSxLVplXrf1

42 B
295 B

38ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rS6Ebo08hazP1eSxLVplXrf1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rS6Ebo08hazP1eSxLVplXrf1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: KADUSERCOOKIE=CECD869C-1006-40EE-991E-3ECBBE9AEC6D; chkChromeAb67Sec=1; DPSync3=1635897600%3A201_197_219%7C1634774400%3A174; SyncRTB3=1635897600%3A222_231_166_220_21_13_55_81_176_56_54_8_71_99_3_165_189_204_88_161_7_234_22_230%7C1635292800%3A223_15_2%7C1635552000%3A63%7C1635984000%3A35%7C1637280000%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 20 Oct 2021 17:57:27 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_409=22966-rS6Ebo08hazP1eSxLVplXrf1; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 19-Nov-2021 17:57:26 GMT; path=/ PugT=1634752646; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 19-Nov-2021 17:57:26 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 18-Jan-2022 17:57:26 GMT; path=/
x-lat: amspug016:0:476
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Wed, 20 Oct 2021 17:57:27 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=rS6Ebo08hazP1eSxLVplXrf1; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rS6Ebo08hazP1eSxLVplXrf1
strict-transport-security: max-age=0; includeSubDomains;

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 506D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
425 B

194ms
185ms

Document
image/gif

104.18.12.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: ANON_ID=axnoeUsKBRwFmDqS86jyDGtarYMTBfXD1UaccZd0G
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 20 Oct 2021 17:57:28 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=a7nsIHwyEojpuMNpbIFuZdjBov7SqjgHauC2WryrUmTyrZbIV6Zb12d1KgHkDtQ2sGIuwh75K29bnB0MZa5E3xZbYVEsJ; path=/; domain=.tribalfusion.com; expires=Tue, 18-Jan-2022 17:57:28 GMT; SameSite=None; Secure; ANON_ID_old=a7nsIHwyEojpuMNpbIFuZdjBov7SqjgHauC2WryrUmTyrZbIV6Zb12d1KgHkDtQ2sGIuwh75K29bnB0MZa5E3xZbYVEsJ; path=/; domain=.tribalfusion.com; expires=Tue, 18-Jan-2022 17:57:28 GMT;
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a1420f26e304120-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Wed, 20 Oct 2021 17:57:28 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 616
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=axnoeUsKBRwFmDqS86jyDGtarYMTBfXD1UaccZd0G; path=/; domain=.tribalfusion.com; expires=Tue, 18-Jan-2022 17:57:27 GMT; SameSite=None; Secure; ANON_ID_old=axnoeUsKBRwFmDqS86jyDGtarYMTBfXD1UaccZd0G; path=/; domain=.tribalfusion.com; expires=Tue, 18-Jan-2022 17:57:27 GMT;
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a1420f12aa84120-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame C4A4
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7316af20-5de5-4d03-af98-2b0d423896dc-tuct869de07&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
53 B

23ms
14ms

Document
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7316af20-5de5-4d03-af98-2b0d423896dc-tuct869de07&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7316af20-5de5-4d03-af98-2b0d423896dc-tuct869de07&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: t_gid=7316af20-5de5-4d03-af98-2b0d423896dc-tuct869de07
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Wed, 20 Oct 2021 17:57:27 GMT
via: 1.1 varnish
x-served-by: cache-hhn4028-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1634752648.861502,VS0,VE8
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=7316af20-5de5-4d03-af98-2b0d423896dc-tuct869de07;Version=1;Path=/;Domain=.taboola.com;Expires=Thu, 20-Oct-2022 17:57:27 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7316af20-5de5-4d03-af98-2b0d423896dc-tuct869de07&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Wed, 20 Oct 2021 17:57:27 GMT
via: 1.1 varnish
x-served-by: cache-hhn4028-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1634752648.833782,VS0,VE9
x-vcl-time-ms: 9
content-length: 0

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame A5A9 0
44 B 301ms
97ms Document
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 Albuquerque, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Wed, 20 Oct 2021 17:57:27 GMT
server: b

GET
H2 200 cookiesyncendpoint Show response
sync.aniview.com/ Frame 8040 0
244 B 280ms
109ms Document
text/plain 3.209.156.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1634752647424-957057353743-005624-003-003616&biddername=1&key=CECD869C-1006-40EE-991E-3ECBBE9AEC6D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.156.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-156-238.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1634752647424-957057353743-005624-003-003616&biddername=1&key=CECD869C-1006-40EE-991E-3ECBBE9AEC6D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: aniC=1634752647424-957057353743-005624-003-003616
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 20 Oct 2021 17:57:28 GMT
content-length: 0
set-cookie: 2_C_1=CECD869C-1006-40EE-991E-3ECBBE9AEC6D; Path=/; Domain=aniview.com; Expires=Thu, 21 Oct 2021 17:57:28 GMT; Secure; SameSite=None 2_C_1=CECD869C-1006-40EE-991E-3ECBBE9AEC6D; Path=/; Expires=Thu, 21 Oct 2021 17:57:28 GMT; Secure; SameSite=None

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7A0B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zs2GnBAGQO6ZHj7LvprsbQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

22ms
17ms

Image
text/html

72.247.225.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.32 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-32.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=61256
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Thu, 21 Oct 2021 10:58:23 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 7A0B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=62286170-5887-4200-8506-ecbcf1fc068d

0
260 B

70ms
18ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=62286170-5887-4200-8506-ecbcf1fc068d
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x5 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=62286170-5887-4200-8506-ecbcf1fc068d
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 20 Oct 2021 17:57:26 GMT

GET
H/1.1

200
OK

33141
tags.bluekai.com/site/ Frame 7A0B
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=CECD869C-1006-40EE-991E-3ECBBE9AEC6D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=29a56fe8-28c7-4d86-85cb-0867896ffed7&icm
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=b3c6d7fa8ea65db5

62 B
304 B

476ms
406ms

Image
image/gif

104.108.144.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=b3c6d7fa8ea65db5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.144.235 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-235.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:28 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=b3c6d7fa8ea65db5
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7A0B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0VDRDg2OUMtMTAwNi00MEVFLTk5MUUtM0VDQkJFOUFFQzZE&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
341 B

33ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
cache-control: no-store, no-cache, private
x-lat: amspug018:0:431
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7A0B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG5UCJ1GuQHIuFZ50uZ_vuo&google_cver=1

42 B
440 B

41ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG5UCJ1GuQHIuFZ50uZ_vuo&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: no-store, no-cache, private
x-lat: amspug020:0:698
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG5UCJ1GuQHIuFZ50uZ_vuo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 7A0B 43 B
611 B 84ms
18ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 19 Oct 2021 17:57:27 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7A0B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:23d66170-5887-4d00-954c-2fd3c8ff6970&gdpr=0&gdpr_consent=

42 B
342 B

13ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:23d66170-5887-4d00-954c-2fd3c8ff6970&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:417
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Server: MT3 4033 f73cd20 master cdg-pixel-x28 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:23d66170-5887-4d00-954c-2fd3c8ff6970&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 20 Oct 2021 17:57:26 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7A0B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5361780559653149434

42 B
234 B

13ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5361780559653149434
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: no-store, no-cache, private
x-lat: amspug016:0:520
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:27 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5361780559653149434
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7A0B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=29a56fe8-28c7-4d86-85cb-0867896ffed7

42 B
451 B

15ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=29a56fe8-28c7-4d86-85cb-0867896ffed7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
cache-control: no-store, no-cache, private
x-lat: amspug019:0:420
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:27 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=29a56fe8-28c7-4d86-85cb-0867896ffed7
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7A0B
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1456369992627948945&gdpr=0&gdpr_consent=

42 B
210 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1456369992627948945&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:485
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 17:57:27 GMT
X-Proxy-Origin: 216.131.114.78; 216.131.114.78; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b88dc610-9afc-46b7-a241-558db590dcba
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1456369992627948945&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7A0B
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hxsKHIQSBRucTlsa0B0QSINOChScGAsd00xngis_

42 B
269 B

14ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hxsKHIQSBRucTlsa0B0QSINOChScGAsd00xngis_
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
cache-control: no-store, no-cache, private
x-lat: amspug007:0:544
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hxsKHIQSBRucTlsa0B0QSINOChScGAsd00xngis_
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 7A0B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CECD869C-1006-40EE-991E-3ECBBE9AEC6D&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O6Y.3apE2uUSpBUYuGMJroXKhEz51qQ-~A&gdpr=0&gdpr_consent=

0
128 B

14ms
14ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O6Y.3apE2uUSpBUYuGMJroXKhEz51qQ-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O6Y.3apE2uUSpBUYuGMJroXKhEz51qQ-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 CECD869C-1006-40EE-991E-3ECBBE9AEC6D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7A0B 43 B
920 B 116ms
36ms Image
image/gif 212.82.100.176
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/CECD869C-1006-40EE-991E-3ECBBE9AEC6D?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.176 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

pr-bh-ing.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 1
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7A0B
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=86f8a319-95c0-44fb-a0cd-9620c1800187
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk8d5c1e47-e42f-46ea-a0c0-697f2224a8c6&expires=7&user_group=5&ssp=pubmatic&bsw_param=86f8a319-95c0-44fb-a0cd-9620c1800187
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=86f8a319-95c0-44fb-a0cd-9620c1800187&gdpr=&gdpr_consent=&gdpr_pd=

1 B
180 B

13ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=86f8a319-95c0-44fb-a0cd-9620c1800187&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: no-store, no-cache, private
x-lat: amspug007:0:458
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=86f8a319-95c0-44fb-a0cd-9620c1800187&gdpr=&gdpr_consent=&gdpr_pd=
Date: Wed, 20 Oct 2021 17:57:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7A0B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YXBYiAAAAd5FxQAR&gdpr=0&gdpr_consent=&_test=YXBYiAAAAd5FxQAR

1 B
236 B

14ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YXBYiAAAAd5FxQAR&gdpr=0&gdpr_consent=&_test=YXBYiAAAAd5FxQAR
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:442
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1634752648.064535,VS0,VE0
x-served-by: cache-hhn4044-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YXBYiAAAAd5FxQAR&gdpr=0&gdpr_consent=&_test=YXBYiAAAAd5FxQAR
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 7A0B 0
104 B 74ms
28ms Image
text/plain 63.215.202.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CECD869C-1006-40EE-991E-3ECBBE9AEC6D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-login.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7A0B
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8198753215830979873&gdpr=0&gdpr_consent=&us_privacy=

1 B
168 B

13ms
12ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8198753215830979873&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: no-store, no-cache, private
x-lat: amspug010:0:410
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8198753215830979873&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7A0B
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=193478ad-f5a1-42bb-a274-d8b5b8eaab87-61705888-5553&gdpr=0&gdpr_consent=

42 B
232 B

13ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=193478ad-f5a1-42bb-a274-d8b5b8eaab87-61705888-5553&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:26 GMT
cache-control: no-store, no-cache, private
x-lat: amspug013:0:402
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:27 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=193478ad-f5a1-42bb-a274-d8b5b8eaab87-61705888-5553&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7A0B
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:46f736ee-bbf0-4937-94ed-34dc5b1e98da&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

13ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:46f736ee-bbf0-4937-94ed-34dc5b1e98da&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: no-store, no-cache, private
x-lat: amspug014:0:336
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:46f736ee-bbf0-4937-94ed-34dc5b1e98da&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Wed, 20 Oct 2021 17:57:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7A0B
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1456369992627948945

42 B
110 B

14ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1456369992627948945
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:27 GMT
cache-control: no-store, no-cache, private
x-lat: amspug001:0:272
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 17:57:28 GMT
X-Proxy-Origin: 216.131.114.78; 216.131.114.78; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c853e2ab-cb61-4abd-9104-693cd84d0877
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1456369992627948945
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 d1ba4609
rtb.gumgum.com/getuid/ Frame 7A0B 35 B
238 B 107ms
32ms Image
image/gif 52.208.41.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-41-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:28 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 9309 284 B
536 B 263ms
12ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame FAF6 70 B
264 B 44ms
43ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame FAF6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXBYh8Vavlha0kpap8HW3wAABL4AAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECKyzNo_XY9tzM6ag1AU0MQ&google_cver=1

43 B
315 B

192ms
59ms

Image
image/gif

72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECKyzNo_XY9tzM6ag1AU0MQ&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 17:57:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 20 Oct 2021 17:57:28 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECKyzNo_XY9tzM6ag1AU0MQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame FAF6
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXBYh8Vavlha0kpap8HW3wAABL4AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXBYh8Vavlha0kpap8HW3wAABL4AAAIB&dcc=t

43 B
645 B

101ms
101ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXBYh8Vavlha0kpap8HW3wAABL4AAAIB&dcc=t

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D42%26key%3D&s=190719&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 17:57:28 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NCJ5596EZ8ZAS5CSJRAR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 17:57:28 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SF4KDZ9ZHRJPJTVXHNY9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXBYh8Vavlha0kpap8HW3wAABL4AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FAF6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXBYh8Vavlha0kpap8HW3wAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKEmB6aOXXX9k24BqoDZ3C8&google_cver=1&gdpr=1

43 B
1000 B

32ms
32ms

Image
image/gif

72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKEmB6aOXXX9k24BqoDZ3C8&google_cver=1&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 17:57:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 17:57:28 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKEmB6aOXXX9k24BqoDZ3C8&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame FAF6 0
234 B 12ms
11ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YXBYh8Vavlha0kpap8HW3wAABL4AAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:27 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FAF6
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

43 B
1 KB

50ms
50ms

Image
image/gif

72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 17:57:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 17:57:30 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Date: Wed, 20 Oct 2021 17:57:29 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin
Keep-Alive: timeout=5

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame FAF6 0
0 17ms
16ms Image
text/html 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.242 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 cookiesyncendpoint
sync.aniview.com/ Frame FAF6 0
232 B 125ms
110ms Image
text/plain 3.209.156.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1634752647424-957057353743-005624-003-003616&biddername=42&key=YXBYh8Vavlha0kpap8HW3wAA%261214
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.156.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-156-238.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:28 GMT
content-length: 0

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 2D62
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

97ms
97ms

Document
text/html

18.213.10.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.10.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-10-151.compute-1.amazonaws.com
Software: /
Resource Hash: e120f16c33d44cf306add0761100e100841a2aacc26a997a23f9a81324122758

Request headers

:method: GET
:authority: um2.eqads.com
:scheme: https
:path: /um/cs&eq_cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssum.casalemedia.com/
accept-encoding: gzip, deflate, br
cookie: EQUser=UID=b169eef4-62a5-4143-961c-d89cbaa239db
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/

Response headers

date: Wed, 20 Oct 2021 17:57:28 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Wed, 20 Oct 2021 17:57:28 GMT
pragma: no-cache

Redirect headers

date: Wed, 20 Oct 2021 17:57:28 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1
set-cookie: EQUser=UID=b169eef4-62a5-4143-961c-d89cbaa239db; Path=/; Domain=eqads.com; Expires=Thu, 20 Jan 2022 17:57:28 GMT; Secure; SameSite=None

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame 2D62 43 B
1 KB 32ms
32ms Image
image/gif 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=b169eef4-62a5-4143-961c-d89cbaa239db&expiration=1642701448
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 17:57:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 17:57:28 GMT

POST
H/1.1 200 371.json Show response
id5-sync.com/g/v2/ 212 B
531 B 36ms
8ms XHR
application/json 51.89.21.31
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/371.json

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.31 , Germany, ASN16276 (OVH, FR),

Reverse DNS

p22.id5-sync.com

Software

Resource Hash

9b45dba9231da55f54a26f60a8ca50d8ed6e652e9de39c8789e9a2426a99cfb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumgir.com
Date: Wed, 20 Oct 2021 17:57:28 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2DFC 14 KB
5 KB 20ms
19ms Document
text/html 72.247.225.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.32 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-32.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?kdntuid=1&p=158901
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/
accept-encoding: gzip, deflate, br
cookie: KCCH=YES; KADUSERCOOKIE=CECD869C-1006-40EE-991E-3ECBBE9AEC6D; chkChromeAb67Sec=1; DPSync3=1635897600%3A201_197_219%7C1634774400%3A174; SyncRTB3=1635897600%3A222_231_166_220_21_13_55_81_176_56_54_8_71_99_3_165_189_204_88_161_7_234_22_230%7C1635292800%3A223_15_2%7C1635552000%3A63%7C1635984000%3A35%7C1637280000%3A203; KRTBCOOKIE_1101=23040-7021209155932715161; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:23d66170-5887-4d00-954c-2fd3c8ff6970&KRTB&16736-uid:23d66170-5887-4d00-954c-2fd3c8ff6970&KRTB&23019-uid:23d66170-5887-4d00-954c-2fd3c8ff6970&KRTB&23114-uid:23d66170-5887-4d00-954c-2fd3c8ff6970; KRTBCOOKIE_80=22987-CAESEG5UCJ1GuQHIuFZ50uZ_vuo&KRTB&16514-CAESEG5UCJ1GuQHIuFZ50uZ_vuo&KRTB&23025-CAESEG5UCJ1GuQHIuFZ50uZ_vuo; KRTBCOOKIE_409=22966-rS6Ebo08hazP1eSxLVplXrf1; KRTBCOOKIE_391=22924-5361780559653149434&KRTB&23263-5361780559653149434; KRTBCOOKIE_57=22776-1456369992627948945; SPugT=1634752646; KRTBCOOKIE_336=5844-4459924645650214302; KRTBCOOKIE_153=19420-hxsKHIQSBRucTlsa0B0QSINOChScGAsd00xngis_&KRTB&22979-hxsKHIQSBRucTlsa0B0QSINOChScGAsd00xngis_; KRTBCOOKIE_377=6810-29a56fe8-28c7-4d86-85cb-0867896ffed7&KRTB&22918-29a56fe8-28c7-4d86-85cb-0867896ffed7&KRTB&23031-29a56fe8-28c7-4d86-85cb-0867896ffed7; KRTBCOOKIE_22=14911-8198753215830979873; KRTBCOOKIE_594=17107-RX-f27a3038-659a-463d-a039-36c23fbb7438-003; KRTBCOOKIE_188=3189-193478ad-f5a1-42bb-a274-d8b5b8eaab87-61705888-5553; KRTBCOOKIE_218=4056-YXBYiAAAAd5FxQAR&KRTB&22978-YXBYiAAAAd5FxQAR&KRTB&23194-YXBYiAAAAd5FxQAR&KRTB&23209-YXBYiAAAAd5FxQAR; PugT=1634752647; KRTBCOOKIE_466=16530-86f8a319-95c0-44fb-a0cd-9620c1800187
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=61255
expires: Thu, 21 Oct 2021 10:58:23 GMT
date: Wed, 20 Oct 2021 17:57:28 GMT
vary: Accept-Encoding

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
https://pixel.advertising.com/ups/55986/sync?uid=YXBYiAAAAd5FxQAR&_origin=0&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YXBYiAAAAd5FxQAR&_origin=0&gdpr=0&gdpr_consent=&apid=UP301c6004-31cf-11ec-8b7b-020b1bec13a0

0
1 KB

15ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55986/sync?uid=YXBYiAAAAd5FxQAR&_origin=0&gdpr=0&gdpr_consent=&apid=UP301c6004-31cf-11ec-8b7b-020b1bec13a0

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:28 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55986/sync?uid=YXBYiAAAAd5FxQAR&_origin=0&gdpr=0&gdpr_consent=&apid=UP301c6004-31cf-11ec-8b7b-020b1bec13a0
date: Wed, 20 Oct 2021 17:57:28 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP301c6004-31cf-11ec-8b7b-020b1bec13a0
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAzMDFjNjAwNC0zMWNmLTExZWMtOGI3Yi0wMjBiMWJlYzEzYTA%3D
https://pixel.advertising.com/ups/57304/sync?uid=CAESEGH_koU7mcOxfJUSdsvSN7o&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEGH_koU7mcOxfJUSdsvSN7o&google_cver=1&apid=UP301c6004-31cf-11ec-8b7b-020b1bec13a0

0
1 KB

10ms
9ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEGH_koU7mcOxfJUSdsvSN7o&google_cver=1&apid=UP301c6004-31cf-11ec-8b7b-020b1bec13a0

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:28 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEGH_koU7mcOxfJUSdsvSN7o&google_cver=1&apid=UP301c6004-31cf-11ec-8b7b-020b1bec13a0
date: Wed, 20 Oct 2021 17:57:28 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=29a56fe8-28c7-4d86-85cb-0867896ffed7&_origin=1&gdpr=1&gdpr_consent=

0
234 B

10ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=29a56fe8-28c7-4d86-85cb-0867896ffed7&_origin=1&gdpr=1&gdpr_consent=

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:28 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=29a56fe8-28c7-4d86-85cb-0867896ffed7&_origin=1&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H2 200 track
track1.aniview.com/ 0
70 B 94ms
93ms Image
text/plain 52.73.58.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=17424&t=1634752647&cip=216.131.114.78&sn=&tgt=0&osv=10&bv=93.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1634752647424-957057353743-005624-003-003616&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.78&cb=15848933133&cd4=3c5f2b1e-f211-49c3-9cd7-83bf8720b241&cd5=default&cd1=4.86.5&d9=0000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&nid=56ea678d181f46c76f8b45fb&ncid=60a0c4acce284b4c1059cbe8&e=bid&cb=1634752648564&asid=5fa2a98bba80693a416064d7%2C5ee3dc1a4ee7aa5daa237473%2C5ee3d57071193a26344a4076%2C60ebfe94ebe867570438e997%2C5f8c4fcaf3eefc7b4d24fc09%2C5f914c8144ecc572d3625cbc%2C60ebfe86a4a7792110515aa4&ofpr=%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-58-202.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:28 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
136 B 94ms
92ms XHR
text/plain 54.88.209.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-209-254.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Wed, 20 Oct 2021 17:57:29 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 track
atrack.avplayer.com/ 0
70 B 110ms
110ms Image
text/plain 34.225.64.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M20&cb=1634752648965&cid=60a0c4acce284b4c1059cbe8&VERSION=4.86.5&AV_PAGE_LOAD_UID=3c5f2b1e-f211-49c3-9cd7-83bf8720b241&AV_CDIM4=3c5f2b1e-f211-49c3-9cd7-83bf8720b241&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sarahyasemin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.64.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-64-38.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:29 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 7A0B 0
128 B 20ms
14ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158554&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1634752647424-957057353743-005624-003-003616%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:29 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET snapecaht.png
webpick-cdn.s3.amazonaws.com/ 0
0

GET
H/1.1 200
OK snapecaht.png
webpick-cdn.s3.amazonaws.com/ Frame DF0E 3 KB
3 KB 606ms
179ms Image
image/png 52.218.204.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webpick-cdn.s3.amazonaws.com/snapecaht.png
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.204.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5af1e32d6499ad2c5e9249164daa9a39860fb4e6f64b223b04fe0afa0c0b6ee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 17:57:31 GMT
Last-Modified: Tue, 25 Dec 2018 13:48:43 GMT
Server: AmazonS3
x-amz-request-id: B7TTXY91YY5HQ11M
ETag: "84cde431b32705bc6e18c3d7ccc2dd29"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2888
x-amz-id-2: 0hQ9FkB4FXv+0FYhbUV6nsaFI9hxCEWOXmY8MpErzDKnVmUcz0q6jizDtNFg0My0aGeKpLZWrj8=
x-amz-meta-s3b-last-modified: 20181225T134720Z

GET
DATA 200
OK truncated
/ Frame DF0E 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 47ms
26ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211018&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

599805106ca64a3032b17f7516e2fba3f09274699dd3918da49e3bff17efbf1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 17:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8530
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 72ms
32ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 20 Oct 2021 17:57:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B793 12 KB
5 KB 22ms
7ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 20 Oct 2021 17:49:04 GMT
expires: Thu, 20 Oct 2022 17:49:04 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1738 783 B
1 KB 67ms
27ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

b1a474a516aa303f9413b9f3f86b864c87de1576d4fe17af14b0b319e4f97142

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aEwJ+HYpHovNCkQApmNv8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tumgir.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 20 Oct 2021 17:57:30 GMT
date: Wed, 20 Oct 2021 17:57:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-aEwJ+HYpHovNCkQApmNv8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame B793 35 KB
13 KB 14ms
13ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 12:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 20 Oct 2022 12:04:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1738 0
0 66ms
66ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211018&jk=1043719893021062&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 48ms
48ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211018&jk=1043719893021062&bg=!mpmlmd3NAAao6lBpqOo7ACkAdvg8Wt7tlimEDUt-gSDmWD6LAkcGIXVXKN4-qwB_JEL6_p0omzmExQIAAABvUgAAAAhoAQcKAG4O_cVx_J3YRN3sb3_DcAxE_Le0wG9UQuB9bdahYn_r9GlAWF9DhNeh9hBa61bDRqbXnlsSk2KO6_i5bSmDOdto6fz7hjdlvMlnRniHlZ2o5FqxER0BFqObQfhojP34p8hjwyvqgqnUnVicKszPPZkCqqiIVV6V-8q8ivs-Jtwia_EobbRH5tG6qpFfei9IfC-BRbH0zpvFh3a9O35N0BOrzeiwlhNRSz2BtIKwy6ygvc6KlFtXD12HhtnxbXssr3rgjOXEqiBAfz8hoVd0MJmOA__8_aaegpDsHKVSo1M-mlJh_xENwNZKTarkB9hcwb6bdrjGvVTQE7hg_xizyXx-Z5Rt-BtFgABv3yiMpmXzaYzk64nkj7O84Xmd82Tz12sv15WbcBtulPuanfewBrMkxWFblOrZwa4USeFXrbNaYmSNtcbwkEsC7JvFg0rkWLSgOpE6Z1uC8kXxxi7053eyZmtrSdiY-sRxTqr8UksLtLGty-J7niYfHInwwxsK5K4Gn9sJ_RRaNuH7xoJqSbq_Vh1u8K9xGnSdxkBECYy9WYVah1eQSKHjWuBaadWwPCazQ99Uta6zdpIpk49HW2QIso2u3EaPQLph-bOmXVH6RfcArZWS3ZJ_qQ-sUBhJLERXIk4kw2BBwKUwazr42OR0u_18CsgrWVhoxaHmMUQ7MCyK1EYf2JV98Fj7UsY5QxvfBF3PkHIz5vfDIVgvjvpIzj20tw9n0nwcSs7Oqv6_TGhaHsa92QhejLNh-NHmOMH1go8VX-q9S_bw1U9VG0HNbAW8YZGDOIldFrhfNnWVRg1PcuqiXJMN-EPerbyRbVkOIK2NbS6oMBTX9LvRE80pH8p9iTKHkv3-g0cLavjKNc9OwB9DYGFPp_r5NyjvR5I3wqxV07dWSvFcflP0IMTJZVJ_Mk-ahZr9dBzvRhNprVGb2-237U9nn_AUa_iLa4p1RyyeNHv5MXibeuhVRDM8odU6KNlvMWo4uBo75MVwjOhqyPcJY9eSP-tuvamBW3x9mNcjxx1GW0c3nAVO7H_zfXTmRPtUOxSXMaw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 17:57:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/ 260 KB
261 KB 7ms
6ms XHR
video/mp2t 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 626547158f5e747e7ae1cd706b2dfbd555dc0b29d932b8dc316b05c918a03f8c

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=1620372-1886955

Response headers

Date: Wed, 20 Oct 2021 17:57:31 GMT
Content-Range: bytes 1620372-1886955/2121016
Connection: keep-alive
Content-Length: 266584
X-Served-By: cache-wdc5575-WDC
Last-Modified: Fri, 05 Mar 2021 21:14:53 GMT
Server: cloudinary
X-Timer: S1615106629.553802,VS0,VE1
ETag: "865921082c9f193b86aad4efe54e53ae"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11911543
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

OPTIONS
H/1.1 200
OK landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/ Frame 0
0 9ms
9ms Preflight
text/html 23.14.94.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1614978879/landscapef31f40be-734c-4c17-9653-83027399adfc_1614978768556.ts
Protocol: HTTP/1.1
Server: 23.14.94.38 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-14-94-38.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.tumgir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Wed, 20 Oct 2021 17:57:31 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 284ms
98ms XHR
text/plain 52.73.58.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?r=www.tumgir.com&sn=&cd4=3c5f2b1e-f211-49c3-9cd7-83bf8720b241&cd5=default&ic=0&tgt=0&app=&wi=531&he=299&test=&d36=6.1.2.78&apppkg=&fv=1&proto=https
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-58-202.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 20 Oct 2021 17:57:32 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: webpick-cdn.s3.amazonaws.com
URL: https://webpick-cdn.s3.amazonaws.com/snapecaht.png

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

83 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tumgir.com/	1970-01-20 15:37:04	Name: _ga Value: GA1.2.633938413.1634752646
.tumgir.com/	1970-01-19 22:07:19	Name: _gid Value: GA1.2.2138280547.1634752646
.tumgir.com/	1970-01-19 22:05:52	Name: _gat_gtag_UA_134279593_1 Value: 1
.tumgir.com/	1970-01-20 07:27:28	Name: __gads Value: ID=d2ad96d4b4c9587d-2223e77ff9ca0066:T=1634752646:RT=1634752646:S=ALNI_MYOcoU56RPIY7qR7LWvXwbnH2Lnfg
www.tumgir.com/	1970-01-20 07:36:07	Name: __atuvc Value: 1%7C42
www.tumgir.com/	1970-01-19 22:05:54	Name: __atuvs Value: 6170588605a48504000
.addthis.com/	1970-01-20 07:36:07	Name: uvc Value: 1%7C42
www.tumgir.com/	1970-01-19 22:49:04	Name: exco-uid Value: 75p7kjkpn9f1z9xk
.addthis.com/	1970-01-20 07:36:07	Name: loc Value: MDAwMDBFVURFQlkyMjg2MTkwNDAwNTAwMDBDSA==
.aniview.com/	1970-01-19 22:20:16	Name: aniC Value: 1634752647424-957057353743-005624-003-003616
.advertising.com/	1970-01-20 06:52:55	Name: APID Value: UP301c6004-31cf-11ec-8b7b-020b1bec13a0
www.tumgir.com/	1970-01-19 22:49:04	Name: _pbjs_userid_consent_data Value: 3524755945110770
.yahoo.com/	1970-01-20 06:51:50	Name: A3 Value: d=AQABBIdYcGECEMC7iYPVd3ekrpVeWl6F79MFEgEBAQGqcWF6YQAAAAAA_eMAAA&S=AQAAAtOTMwQlQPT6phi8jYg9Rtc
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP301c6004-31cf-11ec-8b7b-020b1bec13a0
.pubmatic.com/	1970-01-20 00:15:28	Name: KADUSERCOOKIE Value: CECD869C-1006-40EE-991E-3ECBBE9AEC6D
.pubmatic.com/	1970-01-20 00:15:28	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 00:15:28	Name: DPSync3 Value: 1635897600%3A201_197_219%7C1634774400%3A174
.pubmatic.com/	1970-01-20 00:15:28	Name: SyncRTB3 Value: 1635897600%3A222_231_166_220_21_13_55_81_176_56_54_8_71_99_3_165_189_204_88_161_7_234_22_230%7C1635292800%3A223_15_2%7C1635552000%3A63%7C1635984000%3A35%7C1637280000%3A203
.spotxchange.com/	1970-01-20 06:51:28	Name: audience Value: 302e78d7-31cf-11ec-8f4c-155da6fd0006
.adfarm1.adition.com/	1970-01-20 00:15:28	Name: UserID1 Value: 7021209155932715161
.taboola.com/	1970-01-20 06:51:28	Name: t_gid Value: 7316af20-5de5-4d03-af98-2b0d423896dc-tuct869de07
.casalemedia.com/	1970-01-20 06:51:28	Name: CMID Value: YXBYh8Vavlha0kpap8HW3wAA
.casalemedia.com/	1970-01-20 00:15:28	Name: CMPS Value: 5230
.doubleclick.net/	1970-01-20 07:27:28	Name: IDE Value: AHWqTUnLHWZuTN3B8Cmwmq-UGzlzVyBRE2h9N5rVYZPLWHRy2koouCjM80-OV0bcOk4
.erne.co/	1970-01-20 06:51:28	Name: u Value: rS6Ebo08hazP1eSxLVplXrf1
.adform.net/	1970-01-19 22:50:31	Name: C Value: 1
.adnxs.com/	1970-01-20 00:15:28	Name: uuid2 Value: 1456369992627948945
.mathtag.com/	1970-01-20 07:31:47	Name: uuid Value: 23d66170-5887-4d00-954c-2fd3c8ff6970
.pubmatic.com/	1970-01-19 22:49:04	Name: KRTBCOOKIE_1101 Value: 23040-7021209155932715161
.pubmatic.com/	1970-01-20 00:15:28	Name: PUBMDCID Value: 3
.adform.net/	1970-01-19 23:32:16	Name: uid Value: 887302167743229180
.pubmatic.com/	1970-01-19 22:49:04	Name: KRTBCOOKIE_27 Value: 16735-uid:23d66170-5887-4d00-954c-2fd3c8ff6970&KRTB&16736-uid:23d66170-5887-4d00-954c-2fd3c8ff6970&KRTB&23019-uid:23d66170-5887-4d00-954c-2fd3c8ff6970&KRTB&23114-uid:23d66170-5887-4d00-954c-2fd3c8ff6970
.de17a.com/	1970-01-20 06:44:16	Name: guid2 Value: 1.4459924645650214302
.simpli.fi/	1970-01-20 06:52:55	Name: suid Value: BBA0102485BB4FDEB4FC13370E0C5B86
.pubmatic.com/	1970-01-19 22:49:04	Name: KRTBCOOKIE_80 Value: 22987-CAESEG5UCJ1GuQHIuFZ50uZ_vuo&KRTB&16514-CAESEG5UCJ1GuQHIuFZ50uZ_vuo&KRTB&23025-CAESEG5UCJ1GuQHIuFZ50uZ_vuo
.pubmatic.com/	1970-01-19 22:49:04	Name: KRTBCOOKIE_409 Value: 22966-rS6Ebo08hazP1eSxLVplXrf1
.pubmatic.com/	1970-01-19 22:49:04	Name: KRTBCOOKIE_391 Value: 22924-5361780559653149434&KRTB&23263-5361780559653149434
.pubmatic.com/	1970-01-19 22:49:04	Name: KRTBCOOKIE_57 Value: 22776-1456369992627948945
.adsrvr.org/	1970-01-20 06:51:28	Name: TDID Value: 29a56fe8-28c7-4d86-85cb-0867896ffed7
.quantserve.com/	1970-01-20 00:15:28	Name: d Value: EKcBCwHDJPijAA
.quantserve.com/	1970-01-20 07:36:07	Name: mc Value: 61705887-df6a7-d2d78-261bf
.casalemedia.com/	1970-01-20 00:15:28	Name: CMPRO Value: 1214
.pubmatic.com/	1970-01-19 22:49:04	Name: KRTBCOOKIE_336 Value: 5844-4459924645650214302
.pubmatic.com/	1970-01-19 22:49:04	Name: KRTBCOOKIE_153 Value: 19420-hxsKHIQSBRucTlsa0B0QSINOChScGAsd00xngis_&KRTB&22979-hxsKHIQSBRucTlsa0B0QSINOChScGAsd00xngis_
.bidswitch.net/	1970-01-20 06:51:28	Name: tuuid Value: 86f8a319-95c0-44fb-a0cd-9620c1800187
.bidswitch.net/	1970-01-20 06:51:28	Name: c Value: 1634752647
.bidswitch.net/	1970-01-20 06:51:28	Name: tuuid_lu Value: 1634752647
.1rx.io/	1970-01-20 06:51:28	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f27a3038-659a-463d-a039-36c23fbb7438-003%22%7D
.bidr.io/	1970-01-20 07:34:26	Name: bito Value: AAC3K07C4LEAAC9geaPUHQ
.bidr.io/	1970-01-20 07:34:26	Name: bitoIsSecure Value: ok
.pubmatic.com/	1970-01-19 22:49:04	Name: KRTBCOOKIE_377 Value: 6810-29a56fe8-28c7-4d86-85cb-0867896ffed7&KRTB&22918-29a56fe8-28c7-4d86-85cb-0867896ffed7&KRTB&23031-29a56fe8-28c7-4d86-85cb-0867896ffed7
.adsby.bidtheatre.com/	1970-01-19 22:15:57	Name: __kuid Value: 46f736ee-bbf0-4937-94ed-34dc5b1e98da.403966647
.turn.com/	1970-01-20 02:25:04	Name: uid Value: 8198753215830979873
.targeting.unrulymedia.com/	1970-01-20 06:51:28	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f27a3038-659a-463d-a039-36c23fbb7438-003%22%7D
ads.playground.xyz/	1970-01-19 22:15:49	Name: connect.sid Value: s%3AEonGZEqI50saZT-qaT4Ks-TvL03OiwRJ.%2B5LzOCUvSuohUt8N36F5jdDRMSwvXmxbC1U9cv34Euo
.pubmatic.com/	1970-01-19 22:49:04	Name: KRTBCOOKIE_22 Value: 14911-8198753215830979873
.sitescout.com/	1970-01-20 06:51:28	Name: ssi Value: 193478ad-f5a1-42bb-a274-d8b5b8eaab87#1634752648001
.pubmatic.com/	1970-01-19 22:49:04	Name: KRTBCOOKIE_594 Value: 17107-RX-f27a3038-659a-463d-a039-36c23fbb7438-003
.sitescout.com/	1970-01-19 22:49:04	Name: _ssuma Value: eyI0NSI6MTYzNDc1MjY0ODAyOX0
.pubmatic.com/	1970-01-19 22:49:04	Name: KRTBCOOKIE_188 Value: 3189-193478ad-f5a1-42bb-a274-d8b5b8eaab87-61705888-5553
.everesttech.net/	1970-01-20 06:51:28	Name: everest_g_v2 Value: g_surferid~YXBYiAAAAd5FxQAR
.pubmatic.com/	1970-01-19 22:49:04	Name: KRTBCOOKIE_218 Value: 4056-YXBYiAAAAd5FxQAR&KRTB&22978-YXBYiAAAAd5FxQAR&KRTB&23194-YXBYiAAAAd5FxQAR&KRTB&23209-YXBYiAAAAd5FxQAR
.pubmatic.com/	1970-01-19 22:49:04	Name: PugT Value: 1634752647
.onaudience.com/	1970-01-20 06:51:28	Name: cookie Value: 7247e039f52b07c9
.onaudience.com/	1970-01-19 22:07:19	Name: done_redirects147 Value: 1
.aniview.com/	1970-01-19 22:07:19	Name: 2_C_1 Value: CECD869C-1006-40EE-991E-3ECBBE9AEC6D
sync.aniview.com/	1970-01-19 22:07:19	Name: 2_C_1 Value: CECD869C-1006-40EE-991E-3ECBBE9AEC6D
.aniview.com/	1970-01-19 22:07:19	Name: 2_C_25 Value: y-3hd5S2lE2uF.rpw000dh.MQ9iqmFxtP0~A~UP301c6004-31cf-11ec-8b7b-020b1bec13a0
sync.aniview.com/	1970-01-19 22:07:19	Name: 2_C_25 Value: y-3hd5S2lE2uF.rpw000dh.MQ9iqmFxtP0~A~UP301c6004-31cf-11ec-8b7b-020b1bec13a0
.aniview.com/	1970-01-19 22:07:19	Name: 2_C_42 Value: YXBYh8Vavlha0kpap8HW3wAA&1214
sync.aniview.com/	1970-01-19 22:07:19	Name: 2_C_42 Value: YXBYh8Vavlha0kpap8HW3wAA&1214
.onaudience.com/	1970-01-19 22:07:19	Name: done_redirects109 Value: 1
.tribalfusion.com/	1970-01-20 00:15:28	Name: ANON_ID Value: a7nsIHwyEojpuMNpbIFuZdjBov7SqjgHauC2WryrUmTyrZbIV6Zb12d1KgHkDtQ2sGIuwh75K29bnB0MZa5E3xZbYVEsJ
.eqads.com/	1970-01-20 00:18:21	Name: EQUser Value: UID=b169eef4-62a5-4143-961c-d89cbaa239db
event.clientgear.com/	1970-01-20 02:25:04	Name: mkuuid Value: mk8d5c1e47-e42f-46ea-a0c0-697f2224a8c6
.pubmatic.com/	1970-01-19 22:49:04	Name: KRTBCOOKIE_466 Value: 16530-86f8a319-95c0-44fb-a0cd-9620c1800187
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 296a01fafce1b711
.yahoo.com/	1970-01-19 22:07:19	Name: APIDTS Value: 1634752648
.adsrvr.org/	1970-01-20 06:51:28	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiI_5TMo_-JOhAFGAEgASgCMgsIuNfp_rn_iToQBTgBWgZhZGFwdHZgAg..
.analytics.yahoo.com/	1970-01-20 06:52:55	Name: IDSYNC Value: "18wj~212h:18z8~212h:1776~212h:187s~212h"
.pubmatic.com/	1970-01-19 22:49:04	Name: SPugT Value: 1634752649
.casalemedia.com/	1970-01-19 22:07:19	Name: CMST Value: YXBYh2FwWIoA
.casalemedia.com/	1970-01-20 06:51:28	Name: CMRUM3 Value: 0d6170588a2760%7Bamob_user_id%7D&ce6170588705a0&27617058870b40&2d617058882760CAESEKEmB6aOXXX9k24BqoDZ3C8&f16170588705a0&be6170588705a0&e6617058872760&28617058882760b169eef4-62a5-4143-961c-d89cbaa239db

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

64.media.tumblr.com
a.tribalfusion.com
accounts.google.com
ad.turn.com
ad4m.at
ads.adaptv.advertising.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
api-public.addthis.com
api.tumblr.com
atrack.avplayer.com
bh.contextweb.com
c1.adform.net
cm.adgrx.com
cm.g.doubleclick.net
csync.loopme.me
d18g6t7whf8ejf.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmmzkfd82wayn.cloudfront.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
googleads.g.doubleclick.net
green.erne.co
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
m.addthis.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mcd.ex.co
mefagetobri.top
microusconvilla.xyz
orektobedirect.xyz
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
player.aniview.com
player.avplayer.com
player.ex.co
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
premiumsrv.aniview.com
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
rtb.gumgum.com
s.amazon-adsystem.com
s.tribalfusion.com
s2s.aniview.com
s7.addthis.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
shilternimpossip.xyz
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.mathtag.com
sync.targeting.unrulymedia.com
tag.1rx.io
tag.targeting.unrulymedia.com
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
tricketoffic.xyz
tumgir.com
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
v1.addthisedge.com
webpick-cdn.s3.amazonaws.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.tumgir.com
x.bidswitch.net
z.moatads.com
s7.addthis.com
webpick-cdn.s3.amazonaws.com
104.107.161.131
104.108.144.126
104.108.144.235
104.18.12.5
104.21.192.126
104.21.45.207
104.68.78.171
107.22.28.167
13.224.193.105
13.224.193.111
13.225.78.51
142.250.181.225
142.250.184.196
142.250.185.104
142.250.185.142
142.250.185.226
142.250.185.66
142.250.185.98
142.250.186.130
142.250.186.163
142.250.186.173
142.250.186.42
142.250.186.66
142.250.186.98
143.204.101.184
143.204.101.193
151.101.1.44
151.101.2.49
151.101.66.137
157.240.20.35
159.253.128.183
159.65.197.210
162.55.6.211
167.71.185.16
169.197.150.8
178.250.0.163
18.159.140.98
18.159.16.69
18.195.106.43
18.213.10.151
18.215.74.57
185.183.112.148
185.29.134.248
185.33.220.242
185.33.221.91
185.64.189.110
185.64.189.112
185.94.180.123
192.0.77.3
192.0.77.40
198.148.27.140
198.47.127.19
198.47.127.20
199.187.193.185
2.16.181.64
212.82.100.176
213.155.156.181
213.19.147.43
213.19.147.45
23.14.94.38
23.202.133.15
3.126.56.137
3.209.156.238
3.224.226.7
34.225.64.38
34.98.107.212
37.157.3.30
46.228.164.11
47.252.78.131
51.222.80.231
51.89.21.31
52.208.41.69
52.212.206.16
52.218.204.90
52.46.130.91
52.73.58.202
54.88.209.254
63.215.202.140
66.155.71.25
69.173.144.138
72.247.225.32
72.247.225.98
72.247.226.64
72.251.241.196
76.223.111.131
85.114.159.93
91.228.74.189
94.23.73.243
0025b019c3f9c7b359da1df7201e842c8c0f0d021b163c2a2f6573f46dd5b90e
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0213e73a72c1652dffd21a1cfc78209c4a9ba3e31509ab993db4baca5beae946
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
08c0bac61b5b995276234650953736f7100e1f550a12a5b961abed23f4bcd8e3
09a578d5e3c8e6c56d7806a2bdd665399f2e21ea0fd2c9cb60c3ab817cef85c5
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0bf4fa8706045b11f000f3010f2ffd42211009da07aed612a893d0af3b2bf94c
0f18e309fcf92e2169e2d640fd34f6d8ee62e0d1afd2bb6f6d27df374b0b8465
0f234787edb72b28097646be8f0664222e7520b61d9e0d2923b6488fdb0dc70e
12328e6d4bdc14e85574f73c6cc686fd42dfc5a39369e2e093b99cdfd977ba34
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1aaa4a0a88f9ab33e99329438d826f836cbbbd7face7db21c90e87174e3a243d
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1e34f466de5da2df1981b2483d027834afe7d9e03fa85eec9833d9dff5744c0e
1e552184493eea74a53b11e52b6e6eec9c35d90cece6592d9bdf6cf1090ad8c0
1efecda47dbd03f8fb1eb8f5779599cc4ab62ac2a68f4f55cdad9e8f46aec897
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2c91a02b2addcb241bb164ecd36e871ee2f99873f16e9c28711aca8f031efbd9
2d2cf1dd7a2ba20aa095315c6c8c02f08e093a3e1cdfbfe48d6beda0b4946147
2d8419b514002fd24222f6cd2219f8e42268d50ee82f62a789b293283c2d9820
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
344ca5678ec596c74eb74b7cd03d9943cf446837f10739d7007bb376a701dff4
38b1292bb8e6d85cff6348054db2cbce69216ca7129f93ac9ac7d2f45ca38d99
39f34f271e6e25006c1beb43d975c1f63a5a45bb55c8d38524ca73589f853394
3cf3cd0d919579b21d6f20e3f543450e960fc57d4a5d76cf74b2f8e9834ce2f2
3d8c71e628081f0a3daabcd4660b5239eb0e964c1853a9fb56b818362afcef7f
3d8d36753d9ba77a83945be3a6f1534ce9555f42ee6d6f80d05c8c82f00acc70
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46d9ec723d6187496ee6c1383644ca02d4523210c29934027f2a2ecebf494d9e
4772fe013a4ead83ca42122622ab56caf9c81ba1757b13c39422c8a08f3db6fe
4791a126f3394cb0c65f065d78b83ffb971fe226bd3b69a99ba0f2cfed2e203d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f770457c2729d9f9c8c82fe6673fcaa92f0707132789a81881eed1faf3df29
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a111a9457fa1840f6fe07aa190976ea50916cad4f6cb241b282d5eba91ff04e
4be248af2533387777c0841dbe22c2da3d19217cee48ae7c68063ba2966f1d77
4d3c44af1fc3f44b032d4db692e82bf7c89525fee886b116c55ecc1d2cae8cac
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fa05ba6fadc4cf21009fabd12acb00c067006f2f9f0ec0a1b746a2285c4e68a
51ea5038df8065b63cbd346ab7b1eccc5d47ae17b0f4bdc88104c8d4682784f9
55110586d3719c3e8bdaa21f06e4cc1c0a7451abbae662344cbd4411536b585f
56d5cf47a3b83df3564b334d3c6fee5723b8c14d992c319b08a62830cdf8ac33
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
58a140675e6ec3bf9c7452090aafcb50f4f867efa32806c4ffab9cd22e71a9d0
5963426a9ee59fbc1065c9fd9e4cbc588ab2a224fcaeb5bcdb9e43c4d3083958
599805106ca64a3032b17f7516e2fba3f09274699dd3918da49e3bff17efbf1f
5af1e32d6499ad2c5e9249164daa9a39860fb4e6f64b223b04fe0afa0c0b6ee2
5cb51eb41be2d2db505796f59bdf57f0f26398ae49bd6a4c81f5252c0fece526
5e03617074fab34b310819a44eb9f3ebf274fbbcf982558ce1cb34b2eba6fd95
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61328819a22c773f82795a5f3a9189215cda4bd43c84185a906b623282e1716b
626547158f5e747e7ae1cd706b2dfbd555dc0b29d932b8dc316b05c918a03f8c
631df087104b16c35aa0a1e5aa88842912b08ee39f2b05c440fb6358cb0542b5
63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0
67b4ba60985b38272fc30ba5f9b7e67e4cb57ab35bced2154fc2cc88e694983b
692e8333d1bb4522a6b90dbafe382120b2a93ecada0cdcfe7553e9d8f4ed9615
6a7aed2c946ae3973a107f5d66f3ff03c6613f39b3b604bacaa5c8785f681d37
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cfd75c5aaaf095c42f1f3a1372bf3e291db65e4f63a8dd2414a3aaa86faa141
6d1057b3a26c4282f803f9e5c814b7a3f8bdc18523fd0587db6d54c630bef228
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122
6f542ade3d7dd91c99436806384b511eb595199471f2bb21598cfe6fd5023a4c
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7107337c12b383f33154686f2302e3f6d4a22b66edee8ea1bdcdab9c23710769
71d2131006ab89118374f5115a4fdcc1921d78b601813b4f96b2affa083d9d22
755780904756deba90da98c0b394ea2aced9d0c8e5c16d217a6e829a1a427743
764900b22baea4fcb454b3ed983a496ebfd25491ebcb044096118f7b1358d5a0
76a952a7c2b8d593333e7e067363ae6b293635efbec4aeb1342389e1b942d8b3
795dbf4123e85f3bfc099c4674085c903dc1c8dfc3a238c74417367396682f0a
7996068577aff69aea777d079337e8d52773674413f44e24f984f25bd86551cf
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7c5c102a5cb919c106c2cf80ecc94e9dec525a9d7bc786460b8bc875057e66ff
8010ca9bedb88a2ff573aa62c5276af0b408b0b99dd99b24b0b1e7866d9d2a7c
81ba3960fc8308889cfed7a1c6ea3c41e8a7ba417b49c1c3a2302d0d4556961a
827639e91ba043567143c8653d33853272eac6372138315e5cd9925419eb5037
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846ebae4909cae3822f281adf6a0e47b459f90e7984381fcc91e42432df4791d
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
885f596947dbf1379fed844ff158b47dcbd2405d7bdcbd8b5702258b1508dec0
88b7b60abfbcd15997d22d2839830aa4593142a21fc2b7be01f6896ac3d27310
89f9386ac0364b0d1e9d7f764fe25ba01c347b9a3021b7f5b50ed45a0b87b0f3
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c382d76b7f3c936b789e587ff26a8383cb504a1b7c7f6183f80a45d2a464c9d
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8d3cfaa0992798cdb2bb6bf6956c1230d11874380c135efbf50fae5559a2e9ce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f62db7ed633b3f403e07b4e5d62cf17236edfdcc77505a2d3279d01258bd2ee
8fde82ce3fb2fa457b18ec4f3760e087af05c52f6219a73f29010d1fe853c107
8fea627f1c0e0e7cb0aa7abb42defcd30e48df6d6a09c40663f564a3614ea2cf
911bc27133b76c4b714c5164b0117228d6999185495269ef80df2efd8f76f93f
9472aee002fb72fe598606479386e08307516d9f7cc880172e0d7dd222e7c513
95a02446ee27371940adc44c2196eabddca5ea59b4bd5f8538155b36ae09c0a4
97ece13ffb59290394a974f7a7d81c21273d24f8b5bd8a908310823237fb6295
997c7392191e81e372d509053b7396846c7c3c6be7dacc91836d0e275ce33d1f
9b45dba9231da55f54a26f60a8ca50d8ed6e652e9de39c8789e9a2426a99cfb1
9e73d1df6066e3c9edb4bb84b5774cc44667673d7fd8264575f89015371cece9
a0f438e99d573fb2d042752af0af8c64673b378a3a91cc4cb99cc89766cc4322
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5913e07c0b369fb401e65ff51bb876ad26268510fcee58cad73fe2d0a351f03
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a662e78e9e95e80ce159358e6677de2a918e5a315f10b0077cba4b76b7b9a3bf
a95d13eb4ca3e3bb65a323ad542dfa06c354b6aacc865757fef1c780bcab5829
ac7b9f46edcec0a88c11c18bf0a08879953bfd042486c0a2a7c58426df25088c
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
adca6ccd7089d9fe2d85ba526e331cd832ee70f07b455cb8124cb1de0437cc15
b01cda1c3e317a39b2d50eadcb54b311afe9a8373b8d9a45ca13e4697686e956
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a474a516aa303f9413b9f3f86b864c87de1576d4fe17af14b0b319e4f97142
b486fabf4c02bc329cfea081640ce8caca43cc1ffefe723ee4d601c1a9ef4ff4
b742e05076e16afaaf60bc6b851b747f9c52c9f0722549e039d3f5cc9ca5ef23
ba61adfabcf1b3b3f6e38627ced33e2105786674f401c90d405c80ee171d440e
badb892230c83f5ef1de248a257928193994a34094a817400cbad1d5c43a9cb9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
cb14ba76d56314dcc93d0832aa7b6d975863724a990a28a990699db8bf273f55
cbd445d1145f9de2edd14cdd05e563c37efdbceaed5366b258e69bd3a6d23106
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0ba4355917cdf934b61c34ac3ceda91c35ceb74e41fa795647fb7fe95578f44
d21ebc0addb2a1699a106379d866c99e51173eb3cb9fb878952fba3dd1e6c1f0
d266a463858b3d8435608139ace33017293daee1589bc1eb6c3ca94234b78aa4
d5b7fdc7904b100f8849696dbcb25dd1af408c80a98f5ac9b075647ae919a841
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
dc6aefd662bd2c686bfaca5e86483540d9b350c79b04fba7cb947c670d2c407d
dd6dcb66938c11d5b56a5ba3749adbade8aaa7c1d8095eec092b479564135e7d
de3df8b2ac8d2bd42fa59a1efbdd7ba55ec5e9d8f0bf84ecab30ca8ddab5650d
e0d8584604fb5cc5cecf92e6153f1e98957e3eaa92f318ac36858eabb83ab8e3
e120f16c33d44cf306add0761100e100841a2aacc26a997a23f9a81324122758
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eba9a43d926c88cef7db841999433a650cde515d2793a0014437ed10237e5205
ec495ff7e6721b7e00a8a1bc9a5fc2eb86bf21e35d9d1188431567a60be86add
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ad1a3776936e09ff8e0664664164611da3c39ed3d56aafb191c2021c7ae621
f4f31ba3ca5f998f376ae6ca0815ba7ffcb770b1244bb59c08e2eb6648232910
f9c8c34cc75c3e6dc84b248f7f072a45aa82feaafef2426c414302d3875ded8f
f9d05d8915382935ec809e021f5638cd77311c67c668ceec86754c78d7e26335
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

www.tumgir.com Open in urlscan Pro 167.71.185.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

233 Requests

99 %HTTPS

0 %IPv6

68 Domains

101 Subdomains

66 IPs

10 Countries

41569 kBTransfer

45045 kBSize

83 Cookies

1 Outgoing links

Page URL History

Redirected requests

233 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tumgir.com Open in urlscan Pro
167.71.185.16 Public Scan

Screenshot
Live screenshot

Full Image

233
Requests

99 %
HTTPS

0 %
IPv6

68
Domains

101
Subdomains

66
IPs

10
Countries

41569 kB
Transfer

45045 kB
Size

83
Cookies

233 HTTP transactions
9 data transactions