www.tumgir.com Open in urlscan Pro
167.71.185.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Submission: On December 07 via api (December 7th 2021, 8:37:21 am UTC) from US — Scanned from DE

Summary HTTP 252 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 57 IPs in 4 countries across 39 domains to perform 252 HTTP transactions. The main IP is 167.71.185.16, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.tumgir.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 29th 2021. Valid for: 9 months.

This is the only time www.tumgir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	167.71.185.16 167.71.185.16	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
27	192.0.77.3 192.0.77.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
8	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
3	18.66.92.75 18.66.92.75	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:223... 2600:9000:223e:4e00:6:2e3c:5fc0:21	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
13	18.66.139.32 18.66.139.32	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700:303... 2606:4700:3034::ac43:8a89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:810::200d	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3030::6815:2dcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
1	44.195.137.121 44.195.137.121	14618 (AMAZON-AES) (AMAZON-AES)
7	34.193.25.178 34.193.25.178	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28a::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	3.229.193.232 3.229.193.232	14618 (AMAZON-AES) (AMAZON-AES)
1	75.101.235.47 75.101.235.47	14618 (AMAZON-AES) (AMAZON-AES)
17	2.16.186.139 2.16.186.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.121.38 13.32.121.38	16509 (AMAZON-02) (AMAZON-02)
1	107.22.28.167 107.22.28.167	14618 (AMAZON-AES) (AMAZON-AES)
5 5	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 6	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.117.200.100 104.117.200.100	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3	213.19.147.43 213.19.147.43	26120 (RHYTHMONE) (RHYTHMONE)
2	18.197.28.238 18.197.28.238	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.42 213.19.147.42	3356 (LEVEL3) (LEVEL3)
3 3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	209.54.180.3 209.54.180.3	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:d29... 2a05:d018:d29:3601:6630:8239:d3f4:893e	16509 (AMAZON-02) (AMAZON-02)
1	34.251.193.90 34.251.193.90	16509 (AMAZON-02) (AMAZON-02)
1 1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1	18.208.85.173 18.208.85.173	14618 (AMAZON-AES) (AMAZON-AES)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
9	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	51.89.42.86 51.89.42.86	16276 (OVH) (OVH)
16	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	64.233.167.154 64.233.167.154	15169 (GOOGLE) (GOOGLE)
2	34.194.106.25 34.194.106.25	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:4007:816::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:19::7	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	46.4.32.130 46.4.32.130	24940 (HETZNER-AS) (HETZNER-AS)
252	57

21 167.71.185.16 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.tumgir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

64.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.92.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-92-75.fra56.r.cloudfront.net

d18g6t7whf8ejf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223e:4e00:6:2e3c:5fc0:21 (United States)

ASN16509 (AMAZON-02, US)

dmmzkfd82wayn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.66.139.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-32.fra60.r.cloudfront.net

dgmaplain.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3034::ac43:8a89 (United States)

ASN13335 (CLOUDFLARENET, US)

uknsyenerg.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::6815:2dcf (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.132 (United States)

ASN54113 (FASTLY, US)

player.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.137.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-137-121.compute-1.amazonaws.com

mefagetobri.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.193.25.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-25-178.compute-1.amazonaws.com

prd-collector-anon.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bb91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 3.229.193.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-193-232.compute-1.amazonaws.com

atrack.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.101.235.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-235-47.compute-1.amazonaws.com

premiumsrv.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2.16.186.139 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-139.deploy.static.akamaitechnologies.com

mcd.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-38.fra60.r.cloudfront.net

undhertobec.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.28.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-28-167.compute-1.amazonaws.com

urgoldpie.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.77.40 (San Francisco, United States) 5 redirects

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

api.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.28.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-28-238.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.180.3 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:6630:8239:d3f4:893e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.193.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-193-90.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.85.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-85-173.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.42.86 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p26.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.194.106.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-106-25.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4007:816::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:19::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5ednds.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.32.130 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.130.32.4.46.clients.your-server.de

img.cdn.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	tumblr.com 5 redirects 64.media.tumblr.com api.tumblr.com	4 MB
28	doubleclick.net 5 redirects googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net bid.g.doubleclick.net googleads4.g.doubleclick.net ad.doubleclick.net	58 KB
25	ex.co player.ex.co prd-collector-anon.ex.co mcd.ex.co	1 MB
21	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	140 KB
21	tumgir.com www.tumgir.com	335 KB
15	aniview.com player.aniview.com track1.aniview.com premiumsrv.aniview.com sync.aniview.com	206 KB
13	dgmaplain.club dgmaplain.club	15 KB
10	googleapis.com fonts.googleapis.com imasdk.googleapis.com	2 MB
10	moatads.com z.moatads.com px.moatads.com	109 KB
8	uknsyenerg.co uknsyenerg.co	3 KB
8	youtube.com www.youtube.com	677 KB
7	gstatic.com fonts.gstatic.com csi.gstatic.com	106 KB
7	cloudfront.net d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net	175 KB
7	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com	218 KB
6	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com prebid-server.rubiconproject.com token.rubiconproject.com	12 KB
6	casalemedia.com 2 redirects ssum.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	7 KB
6	google.com accounts.google.com adservice.google.com	915 B
5	avplayer.com player.avplayer.com atrack.avplayer.com	71 KB
3	2mdn.net 1 redirects s0.2mdn.net gcdn.2mdn.net r2---sn-4g5ednds.c.2mdn.net	2 MB
3	unrulymedia.com tag.targeting.unrulymedia.com	1 KB
3	freychang.fun freychang.fun	2 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	pubmatic.com ads.pubmatic.com image6.pubmatic.com	5 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	cdn.house img.cdn.house Failed	3 KB
1	id5-sync.com id5-sync.com	531 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	299 B
1	demdex.net dpm.demdex.net
1	yahoo.com pr-bh.ybp.yahoo.com	870 B
1	adsrvr.org match.adsrvr.org	265 B
1	1rx.io tag.1rx.io	170 B
1	lijit.com ce.lijit.com
1	addthisedge.com v1.addthisedge.com	680 B
1	urgoldpie.club urgoldpie.club	37 B
1	undhertobec.xyz undhertobec.xyz	489 B
1	mefagetobri.top mefagetobri.top	23 KB
1	facebook.com www.facebook.com
1	googletagmanager.com www.googletagmanager.com	36 KB
0	adotmob.com Failed sync.adotmob.com Failed
252	39

	Domain	Requested by
27	64.media.tumblr.com	www.tumgir.com
21	www.tumgir.com	www.tumgir.com
17	mcd.ex.co	player.avplayer.com
13	pagead2.googlesyndication.com	srcdoc tpc.googlesyndication.com
13	dgmaplain.club	d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net
11	track1.aniview.com	www.tumgir.com player.aniview.com
10	pubads.g.doubleclick.net	imasdk.googleapis.com
10	googleads.g.doubleclick.net	1 redirects www.youtube.com
9	imasdk.googleapis.com	player.aniview.com
8	px.moatads.com
8	uknsyenerg.co	www.tumgir.com d18g6t7whf8ejf.cloudfront.net
8	www.youtube.com	www.tumgir.com www.youtube.com
7	prd-collector-anon.ex.co	player.ex.co
6	ade.googlesyndication.com
5	api.tumblr.com	5 redirects
4	adservice.google.com	imasdk.googleapis.com
4	atrack.avplayer.com	www.tumgir.com
4	fonts.gstatic.com	www.youtube.com www.tumgir.com fonts.googleapis.com
4	dmmzkfd82wayn.cloudfront.net	www.tumgir.com dgmaplain.club
3	csi.gstatic.com	imasdk.googleapis.com
3	dsum-sec.casalemedia.com	1 redirects ssum.casalemedia.com
3	cm.g.doubleclick.net	3 redirects
3	api-public.addthis.com	s7.addthis.com
3	tag.targeting.unrulymedia.com	player.aniview.com
3	freychang.fun	d18g6t7whf8ejf.cloudfront.net dmmzkfd82wayn.cloudfront.net
3	d18g6t7whf8ejf.cloudfront.net	www.tumgir.com dgmaplain.club
3	s7.addthis.com	www.tumgir.com s7.addthis.com
2	ad.doubleclick.net	1 redirects
2	tpc.googlesyndication.com	imasdk.googleapis.com tpc.googlesyndication.com
2	s.amazon-adsystem.com	1 redirects ssum.casalemedia.com
2	prebid-server.rubiconproject.com	player.aniview.com
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	ssum.casalemedia.com	1 redirects player.aniview.com
2	player.aniview.com	player.ex.co player.aniview.com
2	z.moatads.com	s7.addthis.com player.ex.co
2	accounts.google.com	www.tumgir.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	img.cdn.house	d18g6t7whf8ejf.cloudfront.net
1	googleads4.g.doubleclick.net
1	r2---sn-4g5ednds.c.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	id5-sync.com	player.aniview.com
1	s0.2mdn.net	imasdk.googleapis.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	image6.pubmatic.com	ads.pubmatic.com
1	sync.aniview.com	ssum.casalemedia.com
1	pixel-sync.sitescout.com	1 redirects
1	dpm.demdex.net	ssum.casalemedia.com
1	pr-bh.ybp.yahoo.com	ssum.casalemedia.com
1	match.adsrvr.org	ssum.casalemedia.com
1	ssum-sec.casalemedia.com	ssum.casalemedia.com
1	tag.1rx.io	player.aniview.com
1	ce.lijit.com	player.aniview.com
1	secure-assets.rubiconproject.com	1 redirects
1	ads.pubmatic.com	player.aniview.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	urgoldpie.club	mefagetobri.top
1	undhertobec.xyz	mefagetobri.top
1	premiumsrv.aniview.com	player.aniview.com
1	player.avplayer.com	player.ex.co
1	fonts.googleapis.com	client
1	mefagetobri.top	www.tumgir.com
1	player.ex.co	www.tumgir.com
1	static.doubleclick.net	www.youtube.com
1	www.facebook.com	www.tumgir.com
1	www.googletagmanager.com	www.tumgir.com
0	sync.adotmob.com Failed	ssum.casalemedia.com
252	69

This site contains links to these domains. Also see Links.

Domain
www.addthis.com

Subject Issuer	Validity	Valid
tumgir.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-29` - `2022-03-18`	9 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.media.tumblr.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-10` - `2022-02-09`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
dgmaplain.club Amazon	`2021-12-05` - `2023-01-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-02` - `2022-12-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-15` - `2021-12-14`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.ex.co Go Daddy Secure Certificate Authority - G2	`2021-11-06` - `2022-11-06`	a year	crt.sh
mefagetobri.top R3	`2021-10-17` - `2022-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
outstreamedia.com R3	`2021-10-12` - `2022-01-10`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
undhertobec.xyz Amazon	`2021-11-29` - `2022-12-28`	a year	crt.sh
urgoldpie.club R3	`2021-12-05` - `2022-03-05`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
img.cdn.house R3	`2021-09-16` - `2021-12-15`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Frame ID: E5A3051F27337770BF1C51CAA6658B85
Requests: 152 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_bEwMNzaWVw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
Frame ID: B05B3E76ABC5066DC6FD628B810B3DAA
Requests: 12 HTTP requests in this frame

Frame: https://dgmaplain.club/OGVpSExZBwolc1lYC245SglUbX5+QFsOKAldDn44DxIBLnRdDw9mL1QKHCwqSgoHPGJWAB1tfn4iJyIkfjc/EhpuHBoiLW0vOwEUUBAoPzwABgQBHW0PMDkDfTwvDQ8MMA94KwgpAxolXT0NIgVTHQotBG4SPiQnSiwEOx1gNholLU8GDAIPfVUqPzRSKDoSFm1WDj8Dfi8NATVPUTx5NFIoLSsAbjYGbX5+NVg4GXIiKyMveVQbLBR1ICoPfEE1WCAvcw8gJAlPFVgDNXExKiYaCD8BLwVhLTAdCU8VWAUmATwtJgpfPzEZKFxWPD0NeR0aEQtpIj4cYW1UJiQCaCwqK3VgVREvKEAkLQt/chczGQ1cAVoeaQonMR4NQC4tJxh7AjMvFnk/PAQPDB8sPzwJLAMGGm0cGTsvTzQgAiUIDj4eGV88Lho7eT0nOhZQAiQrf3YMLgk0TzwuGQtrHDgiAgg3OxEEWzQoPzhBBFsdDXAPK3xqUhYGJjwFMAIKBUgUAioYeVc
Frame ID: 8F103F1F86E8091A81E355C349440DAC
Requests: 2 HTTP requests in this frame

Frame: https://dgmaplain.club/WmhDeHE7CiAVTjtVIV4EKAR+XUMcTXE+FWtQJE4FbR8rHkk/AiVWEjYHNhwXKActDF80DTddQxwtJi00bjkWKRAWBBoWFC1YLCA5IlAXMDgXCxs+FxFYMA06PQR7HBsDUAYrHW8kOjkTFw93KjgOUC0wGw9NcTo5Ah8KIgg9MQ9JSGIxKw8HDVs7SSkjKiAxQjYmGUgGIiM7MkkPAhoVNzA+FjYbLQ0KOkVqIhYpAgwSMAw3CVkZIjkDTXE+FRgyOyEkLhAGPCguLjouKRQCJxsSLQ81NTciEgAwM2o+cD0VOQ8ZGxItD3E0Iz5bBz8jaSdxKTo5PDsoFQhFBRMVMQMkKzUfBws8Kz4hOkAgFDpyAjAxEDo8Q2NbF0ogEQsUDyIRPTQLOhwQOR1DCFoQK0AIIyo+EjkfJBU4CAcyLkMyABBLNzgjFyEmFi5yExUwUXc8HGNYFUskFQxwOik+OXITFTEDOi8iOQQAARY+CzQyPDkPeg4ValEtLCktTikLHjQYfjYGIgArOR8+CjBOIT8uJQ
Frame ID: 72DD93007A0BAB7F32BC965BC19368B5
Requests: 2 HTTP requests in this frame

Frame: https://dgmaplain.club/UlduM1ozNQ1eZTNqDBUvIDtTFmgUclx1Pj86FFg8Nm9cRDsrOUBQNj0iClUoPTkaHTQ3I0sBHBsCAnkTCDw3SwoBDi9WCQtgInUud2Uoah0cbjh7b2IYKkAQGRQkRRYrYy9wGBdiOGAxFBo/QxsfPgkBPgQNCWMwHzovay5iGRdqHDdlIAMRAx4FUWgIIitZA2sYNmY8GS03SRAlHh15GR8nP3cXKDUXZhACEx0WaBAdL1cwCxU8CgkaDV1qEjoYI2cpahsvWCIbDwoFDDswA1dpIgAKARBqMit9axcfCgUMOBJZYxJnBDcBHwM1OGFoGTo8Cw5gGQlqM388OX0wZmQ+RBc5GDpAYgNkP2YAYSM8Uh0UPAxlCGAyBFg9Fz4dFmgQM11cNgtlLFoQE28afWk2YThaH2EaPX4QMGQKVD8TAht6HmI7LwEUNREmdQszECQLPBQVGWk0Km87ARQ1DgRAEhsTI1QTBxledR02YDtkMjoNKQcONyBIWSk9OR4OPRoRNHArYTg5UBg
Frame ID: 8A0CB80C497B498EB146B3FFFCE829F2
Requests: 2 HTTP requests in this frame

Frame: https://dgmaplain.club/amNXbVQLATQAawteNUshGA9qSGYsRmUrMAcOLQYyDltlGjUTDXkOOAUWMwsmBQ0jQzoPF3JfEl4xElgQPFMOAx05Uy8IACsNHV8kT1EVDgxbUA1eFgMpEyxgIScFFx8DABYuBxklEwpsOwITDiAjDTtIZig5Ax46IQo7SGYoAAQgJSY7YgANKTYmJAMaGg4HJwMCPh4mJCA4Wh8DNSUOBiwZNgNhBzkPNyclMDhYHQMQYiAcIFMzLhVZADk/ZAxQGVgwByVuLAwgUzMpPxssDy8jC1AWOw1ZOXJfFiVRERQ2PRcvNy0JUwcEbBMuBCgnISdjFA0yFBE0OjwZDiV5KAsOXg5PURUMLh0WGi4ZHAA5PBwLUBEDHwNTOyc6IFMzLj8HLRRdJjBRDQEwAwA6IAANER46IBImD1QtMysZWDcEKWMJZwYaNDogEjktODghIB4BGFglby8DIFI0XxYdOgAsLAkUcQcnBQ0nUD0aJRoIEjMqAw
Frame ID: F66F7465BDF521E8538BBBC964FA538E
Requests: 2 HTTP requests in this frame

Frame: https://dgmaplain.club/YUw4akQALlsHewBxWkwxEyAFT3YnaQosIAwhQgEiBXQKHSUYIhYJKA45XAw2DiJMRCoEOB1YAjAdVg4zMCFTAgMjeFM8LjgpfiJ9MygIOAECIAEBDDABTCg+Kwd2HTQ4D208BysddTsAFi9LJ3YwCHsDHjQvVC8nKDtbBhcNFVYoPScHaT0VKAZQPAoFJwBZAgp8TiguBilwKXAoFgg/dgV8XBMRCgZBOxA0KXADHSYCaTgSAgpTGQVQGk89HC8EYAQOLC9sPBICClNbDAl5CDITBQl1ByADL19TAwUnegQWNA1SLRAoLn4+ESwFeh0eLydAHQk0YW4SHAw0fTgpBS5bBnwDB1BaMiZ9bh0PDCh+OwdVDXM4DjcvfgEoJCR1GgYMOGs7KigHcw0RBwBPEiozGGJdHFM0cDIqOypcLwoEKFQSKjMZeRIHIh1vKy0VAVsuAicvbl83MwliAQwpdB4ANw4iSFcDKX1zWHYGJmoSMw8W
Frame ID: F96C9CB29450BD2A02C60E7EEC70DED6
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: 9DC85FC35B333727F31FCFB4D4E45AEF
Requests: 9 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 58AC9C50FB1D3C828E5F128B2DF8CA81
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 1536133F9F23DF8D0C3BCE9271F8BF42
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D1%26key%3D
Frame ID: A62FF6EC6210F9C308457D3CA24F3348
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D42%26key%3D&s=190719&C=1
Frame ID: 56157056C06CC1227CC2B6EB3E74B242
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: 0704F2D4E2B0156A1C0D060173C4FC84
Requests: 3 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=&3pid=1638866230583-954080010883-008696-015-001488&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D18%26key%3D%5BSOVRNID%5D
Frame ID: D6325486D92EE6B4876B900304350948
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: 8632ED05367F86C6FB9B522DECE37E0E
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: 384332E1F9CB034CCA2EA6A1991BDD88
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: E7662AC47AFD04C04E78D7763F7B30F8
Requests: 27 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: 4CB120DFD0A9B043291787BB46B9005A
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: 05D90C3E59FE51652EB6FE460BCE2F5E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 126976E6149B30E22CC9F5AECEC37356
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FBD811B8EFB9163007F722D39C98BD4A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 65A16993F78A08374C86621D8F4EE125
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CBAC13781B77603CEC8F7F0A8AA9750F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 18C798B9A4E26396573DC99BD0D8C1AF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: 14DD90555EF9B60658D7E80FE400BA19
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E44BA9A5D1E61CD2666F69E86DCEDEB8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: A7F85BDE66508633A47329A27B74CE0E
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: 4E5CAD4DB4B5E42A9D19AF02AD94B687
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1303C0E2B9D945B483F6D023952D940B
Requests: 1 HTTP requests in this frame

Frame: https://img.cdn.house/img.php?v=2&id=eyJpY29uIjoiNjFhZGQzMTRkZDM1Zi5wbmciLCJ1aWQiOjU0MDIsImNpZCI6NjI2MjkyLCJvcyI6MTQsImJyb3dzZXIiOjE4LCJjb3VudHJ5Ijo1Niwib3BlcmF0b3IiOjk5OTksInN1YkFjYyI6NjE4NjAwMzQsInN1YklkIjowLCJhZHZUeXBlIjowLCJ0cmFmZmljQ2hhbm5lbCI6Mn0=
Frame ID: 90A62713F2727482A92349205789D8D0
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: 2062B614A5BFBFC96439BD0185697414
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CE6BAFF5E05EFF52147D1C15432B7BD4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

#bodybuilders in street clothes | Explore Tumblr Posts and Blogs | TumgirFacebookTwitterPrintEmailAddThisFacebookTwitterPrintEmailAddThis

Page Statistics

252
Requests

94 %
HTTPS

38 %
IPv6

39
Domains

69
Subdomains

57
IPs

4
Countries

11499 kB
Transfer

20497 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 113

https://api.tumblr.com/v2/blog/tokyogems.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/e78cf7e37e31e18a594518f1564e3bd5/3cad3bbfce6bad19-b6/s128x128u_c1/74db195f579f787102f10d49b73a2668ddd23fca.jpg

Request Chain 114

https://api.tumblr.com/v2/blog/walking-geema.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_239966e78ef2_128.png

Request Chain 115

https://api.tumblr.com/v2/blog/tru-makes-quilts.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/846c9784ade78525020896a9ef9ec367/d93f7a14f2800149-17/s128x128u_c1/23449c0b6ffc1166a42187d0ea05b53f3d281f93.jpg

Request Chain 116

https://api.tumblr.com/v2/blog/curiouscatalog.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/avatar_205684dff418_128.png

Request Chain 117

https://api.tumblr.com/v2/blog/gradienty.tumblr.com/avatar/128 HTTP 302
https://64.media.tumblr.com/63968a5de9b97647f350bb4e12960f18/e557feb8eb083b27-7f/s128x128u_c1/c95f4c71d9fca59133f37d3fc118b75c45098cab.png

Request Chain 141

https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D42%26key%3D HTTP 302
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D42%26key%3D&s=190719&C=1

Request Chain 142

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ya8dNi_IK4sLNSh0ajsjpQAABJYAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Ya8dNi_IK4sLNSh0ajsjpQAABJYAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAZYy-An6iM2jxhUhmFBNcI&google_cver=1

Request Chain 158

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ya8dNi_IK4sLNSh0ajsjpQAABJYAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ya8dNi_IK4sLNSh0ajsjpQAABJYAAAAB&dcc=t

Request Chain 160

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ya8dNi-IK4sLNSh0ajsjpQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4IcSAsGzkVthqBKDIeO8U&google_cver=1&gdpr=1

Request Chain 164

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1641458231

Request Chain 204

https://gcdn.2mdn.net/videoplayback/id/d777e158b7a17cd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1670402232/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/8DCA01DAF7424A9BA558E8922AE6A9C09853FE36.4A4E62E811108BDB59B966A9D985E2993ED89841/key/ck2/file/file.mp4?cpn=-xP5r8RBHIHweki5 HTTP 302
https://r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/d777e158b7a17cd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1670402232/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/28B822FC6CAB1C5CCBBE2C13EDEC9202439E8C00.0C0AB700CA2EC90CDD0F539822D0681B4C12DDE4/key/cms1/cms_redirect/yes/mh/_b/mip/2a0f:9441:5:0:e5::1/mm/42/mn/sn-4g5ednds/ms/onc/mt/1638865142/mv/u/mvi/2/pl/48?cpn=-xP5r8RBHIHweki5&file=file.mp4

Request Chain 210

https://ad.doubleclick.net/ddm/trackimp/N947918.279382DBMFACEBOOKINC-GB/B26669393.318110559;dc_trk_aid=510889360;dc_trk_cid=160209688;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N947918.279382DBMFACEBOOKINC-GB/B26669393.318110559;dc_pre=CLiWi72k0fQCFdHouwgdPnkIYA;dc_trk_aid=510889360;dc_trk_cid=160209688;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

252 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request bodybuilders%20in%20street%20clothes Show response
www.tumgir.com/tag/ 376 KB
129 KB 837ms
651ms Document
text/html 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Next.js
Resource Hash: 66a34432227b1ff41f4b319f0b6490b1590dd51d42fdcdac4c1682bed282ef21

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 Dec 2021 08:37:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Next.js
ETag: "5e12d-bDR9XGXg1anznUsrEO9fGXuIBls"
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 43ms
20ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134279593-1

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8a19a2d30a95f39fb4a88bf48d8b9ab1e07f8488513cd3ce1ef0a0259a0c156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36177
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 08:37:08 GMT

GET
H/1.1 200
OK e3b772f2bb392641.css
www.tumgir.com/_next/static/css/ 13 KB
4 KB 322ms
118ms Stylesheet
text/css 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/css/e3b772f2bb392641.css
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 83bf5b98721ba135b243f64ed9a99f35f744a2378380b77461506cf9e755dad2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 21:53:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"35d4-17d2fe39f76"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK webpack-514908bffb652963.js Show response
www.tumgir.com/_next/static/chunks/ 1 KB
1 KB 326ms
116ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/webpack-514908bffb652963.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 88b7b60abfbcd15997d22d2839830aa4593142a21fc2b7be01f6896ac3d27310

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 21:50:59 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"5c0-17d2fe1b16c"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK framework-91d7f78b5b4003c8.js Show response
www.tumgir.com/_next/static/chunks/ 127 KB
42 KB 442ms
232ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/framework-91d7f78b5b4003c8.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 01:43:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1fc6a-17d26697e3b"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK main-6099a486a931d74e.js Show response
www.tumgir.com/_next/static/chunks/ 95 KB
28 KB 453ms
242ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 473139c85473daa13724d7c0c9a99ed3cc7ba671cb59fc71e9ad7fef8a0fb0ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 01:44:49 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"17c94-17d266b0ccf"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK _app-ec7224a5f47129d4.js Show response
www.tumgir.com/_next/static/chunks/pages/ 43 KB
12 KB 455ms
241ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/_app-ec7224a5f47129d4.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d41b4df437b5651c44f2373bcf30cb9926215a7927dfde6ff1576e8dccd9ebc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Nov 2021 21:22:44 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"abe3-17d49879e5b"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK %5Bname%5D-9bec5972e1a21e13.js Show response
www.tumgir.com/_next/static/chunks/pages/tag/ 3 KB
2 KB 378ms
123ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/tag/%5Bname%5D-9bec5972e1a21e13.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d7392e0bc0b6ceca61f2efe0cad9ec6e4f09b30901a18378a0b782c66f386ada

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 21:51:42 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"c6f-17d2fe258ee"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK _buildManifest.js Show response
www.tumgir.com/_next/static/0f4f4941fdbd91c5aa5063ee1cc651052f1cdee9/ 765 B
1 KB 149ms
149ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/0f4f4941fdbd91c5aa5063ee1cc651052f1cdee9/_buildManifest.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f6eb9373a823e0cadc07731b17f6a98f1e0320c9af119920033d705603e464d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:09 GMT
Last-Modified: Mon, 22 Nov 2021 21:23:05 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"2fd-17d4987f068"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 765

GET
H/1.1 200
OK _ssgManifest.js Show response
www.tumgir.com/_next/static/0f4f4941fdbd91c5aa5063ee1cc651052f1cdee9/ 77 B
451 B 149ms
149ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/0f4f4941fdbd91c5aa5063ee1cc651052f1cdee9/_ssgManifest.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:09 GMT
Last-Modified: Mon, 22 Nov 2021 21:23:55 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"4d-17d4988b45b"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77

GET
H/1.1 200
OK _middlewareManifest.js Show response
www.tumgir.com/_next/static/0f4f4941fdbd91c5aa5063ee1cc651052f1cdee9/ 92 B
466 B 120ms
119ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/0f4f4941fdbd91c5aa5063ee1cc651052f1cdee9/_middlewareManifest.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:09 GMT
Last-Modified: Mon, 22 Nov 2021 21:23:01 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"5c-17d4987dfda"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 92

GET
H2 200 tumblr_pfz3tyAIi91tagvggo1_r1_540.png
64.media.tumblr.com/4428b5eb7442f26404e2b8f1d9a5bbed/ 454 KB
454 KB 39ms
21ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/4428b5eb7442f26404e2b8f1d9a5bbed/tumblr_pfz3tyAIi91tagvggo1_r1_540.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

60f66ff79d0cadc4aae260df4515924c5712757b759f660de5e0598029925481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Sun, 13 Dec 2020 10:42:41 GMT
server: nginx
x-frames: 1
etag: "4428b5eb7442f26404e2b8f1d9a5bbed-1498089600-191451c"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 464771

GET
H2 200 tumblr_pfz3tyAIi91tagvggo2_r1_540.png
64.media.tumblr.com/56c8c23a703059d4107df5b6f1687e96/ 123 KB
123 KB 27ms
9ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/56c8c23a703059d4107df5b6f1687e96/tumblr_pfz3tyAIi91tagvggo2_r1_540.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

dd9a4af9b79e6a7e20fe40bdf2ebff93b829fbceba33abc76f3fcb0cbb0a9083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Sun, 13 Dec 2020 10:24:43 GMT
server: nginx
x-frames: 1
etag: "56c8c23a703059d4107df5b6f1687e96-1498089600-0b5eada"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 125891

GET
H2 200 tumblr_pfz3tyAIi91tagvggo3_r1_540.png
64.media.tumblr.com/a6e502b397bee1f2ff99c751bdd6cbe7/ 78 KB
78 KB 39ms
21ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/a6e502b397bee1f2ff99c751bdd6cbe7/tumblr_pfz3tyAIi91tagvggo3_r1_540.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

db80ed2cc8a62558bb3759cd3be2a90690d504ea9a55344c012e3041ac9b6ab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Fri, 11 Dec 2020 21:49:59 GMT
server: nginx
x-frames: 1
etag: "a6e502b397bee1f2ff99c751bdd6cbe7-1498089600-6f3a449"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 79587

GET
H2 200 tumblr_pfz3tyAIi91tagvggo4_r1_540.png
64.media.tumblr.com/5dafa119efe530d7c9c63d33b7144fe8/ 272 KB
272 KB 27ms
9ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/5dafa119efe530d7c9c63d33b7144fe8/tumblr_pfz3tyAIi91tagvggo4_r1_540.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

677bd36bb82a28d9a189c121c93dfab9f5d151d670e5695d90f96e35ed713e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Thu, 10 Dec 2020 16:55:58 GMT
server: nginx
x-frames: 1
etag: "5dafa119efe530d7c9c63d33b7144fe8-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 278256

GET
H2 200 tumblr_pfz3tyAIi91tagvggo5_r1_540.png
64.media.tumblr.com/aef055b30142985e39e033a2eb5d39dd/ 112 KB
113 KB 80ms
78ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/aef055b30142985e39e033a2eb5d39dd/tumblr_pfz3tyAIi91tagvggo5_r1_540.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

11cf4254b119227028458bf86875364956cd47ede046bce1aedf40ad57cdb9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Fri, 11 Dec 2020 12:38:42 GMT
server: nginx
x-frames: 1
etag: "aef055b30142985e39e033a2eb5d39dd-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 115053

GET
H2 200 tumblr_pfz3tyAIi91tagvggo6_r1_540.png
64.media.tumblr.com/55d9b24871e60dee3149b0de3aa548d0/ 114 KB
114 KB 80ms
79ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/55d9b24871e60dee3149b0de3aa548d0/tumblr_pfz3tyAIi91tagvggo6_r1_540.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ca2e426d8dddb23a5a9781c40d19121c23db9de10a0f50a44fd8112f0b62ac9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Wed, 16 Dec 2020 01:15:39 GMT
server: nginx
x-frames: 1
etag: "55d9b24871e60dee3149b0de3aa548d0-1498089600-6f3a449"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 116544

GET
H2 200 tumblr_pfz3tyAIi91tagvggo7_r1_540.png
64.media.tumblr.com/c2b348d776a6dc6de64b52f3b9741c43/ 144 KB
145 KB 109ms
108ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/c2b348d776a6dc6de64b52f3b9741c43/tumblr_pfz3tyAIi91tagvggo7_r1_540.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ee3d842cb2faf63bd4b1de8afa5db4ccf0b7398fc77b59578dde2488289b0180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Sun, 13 Dec 2020 22:58:24 GMT
server: nginx
x-frames: 1
etag: "c2b348d776a6dc6de64b52f3b9741c43-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 147943

GET
H2 200 tumblr_pfz3tyAIi91tagvggo8_r1_540.png
64.media.tumblr.com/2cdbb1d519a7f1b6f23a9ce585684c1d/ 118 KB
118 KB 80ms
79ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/2cdbb1d519a7f1b6f23a9ce585684c1d/tumblr_pfz3tyAIi91tagvggo8_r1_540.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6b200cf45f7191ebf219089ede9aae770a265617b6b5aca30e70c2173eae9718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Sun, 13 Dec 2020 10:24:43 GMT
server: nginx
x-frames: 1
etag: "2cdbb1d519a7f1b6f23a9ce585684c1d-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 121020

GET
H2 200 tumblr_pfz3tyAIi91tagvggo9_r1_540.png
64.media.tumblr.com/324f98dc775fa7ffd6770975b521b5f1/ 72 KB
72 KB 155ms
154ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/324f98dc775fa7ffd6770975b521b5f1/tumblr_pfz3tyAIi91tagvggo9_r1_540.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8235b90c6b8459347fcbcb1d5ae3044115e5c02abb2dda0b5dbe950b48d64cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Sun, 13 Dec 2020 22:58:26 GMT
server: nginx
x-frames: 1
etag: "324f98dc775fa7ffd6770975b521b5f1-1498089600-0b5eada"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 73540

GET
H2 200 tumblr_pfz3tyAIi91tagvggo10_r1_540.png
64.media.tumblr.com/b8c303b75512711b4fbf86f77ee15cbc/ 89 KB
89 KB 155ms
154ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/b8c303b75512711b4fbf86f77ee15cbc/tumblr_pfz3tyAIi91tagvggo10_r1_540.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

394ddf9d52192abd51cceb5730108e9b5dc715b8c6d08a0d8abe94762ed395aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Sat, 12 Dec 2020 19:54:39 GMT
server: nginx
x-frames: 1
etag: "b8c303b75512711b4fbf86f77ee15cbc-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 91052

GET
H2 200 dd36a4aa3794db03f9070d0690ad365f68c8e149.jpg
64.media.tumblr.com/598bb8181c7663498a45af622b1ecb91/229c1716adb103d6-86/s540x810/ 48 KB
48 KB 131ms
130ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/598bb8181c7663498a45af622b1ecb91/229c1716adb103d6-86/s540x810/dd36a4aa3794db03f9070d0690ad365f68c8e149.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b40fa874a033e49ba4cdb2698e8a0140c4f04e4993f5ff46c49835dcd8195d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Sat, 12 Dec 2020 09:26:52 GMT
server: nginx
x-frames: 1
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_598bb8181c7663498a45af622b1ecb91_dd36a4aa_540.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 49202

GET
H2 200 8cb0f2324b8cbf1b343f8a02efaddf1dd0a68d41.jpg
64.media.tumblr.com/10d68480d97a1b2be76852338a9cb473/229c1716adb103d6-d3/s540x810/ 62 KB
62 KB 83ms
82ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/10d68480d97a1b2be76852338a9cb473/229c1716adb103d6-d3/s540x810/8cb0f2324b8cbf1b343f8a02efaddf1dd0a68d41.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ca02673228be32bc38105f3255c4356477afcb7210a0c7797b790d10757a8a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Mon, 14 Dec 2020 01:34:06 GMT
server: nginx
x-frames: 1
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_10d68480d97a1b2be76852338a9cb473_8cb0f232_540.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 63054

GET
H2 200 2e8587ec2e7d94d76a784c82cb3a3545992da13e.gifv
64.media.tumblr.com/91d98ac7db46a23097e353f82bb79098/77b643118a676058-04/s400x600/ 946 KB
947 KB 142ms
142ms Image
image/webp 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/91d98ac7db46a23097e353f82bb79098/77b643118a676058-04/s400x600/2e8587ec2e7d94d76a784c82cb3a3545992da13e.gifv

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c9ab31533bc30c9fb9eb7fb85ea16b1d8ad44f758dc0aa421a4c87ddfe537984

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:08 GMT
vary: Accept
content-disposition: inline; filename="tumblr_91d98ac7db46a23097e353f82bb79098_2e8587ec_400.webp"
strict-transport-security: max-age=31536000; preload
content-length: 968500
x-nc: HIT hhn 3
last-modified: Sun, 29 Mar 2020 17:13:28 GMT
server: nginx
etag: "e2ab13737954251ee91b7bdfcb440e9b-1523937600-0b5eada"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 86ms
24ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134279593-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3726
date: Tue, 07 Dec 2021 07:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 09:35:03 GMT

GET
H2 200 tumblr_pig4cyNQsE1tagvggo1_540.jpg
64.media.tumblr.com/4f69b271a180137c00100f37884f83dd/ 40 KB
40 KB 351ms
351ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/4f69b271a180137c00100f37884f83dd/tumblr_pig4cyNQsE1tagvggo1_540.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6403b55fbcc31374203db19d4f0ef96b7bd90553f14598ae280d820655614db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Tue, 07 Dec 2021 08:37:09 GMT
last-modified: Tue, 15 Dec 2020 22:56:47 GMT
server: nginx
x-frames: 1
etag: "72f2797260b1c4aa644c37c9a8353953-1498089600-577bc15"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 40587

GET
H2 200 1ac98778d3cf6953c2ccad74632c5e7c57ab8422.png
64.media.tumblr.com/7d1ede74b56c6651c07930467f7c3377/0f8943c9655a8750-26/s400x600/ 196 KB
197 KB 178ms
178ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/7d1ede74b56c6651c07930467f7c3377/0f8943c9655a8750-26/s400x600/1ac98778d3cf6953c2ccad74632c5e7c57ab8422.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0c8ee899acc9664a47e59d51cfbbeabf4862f14fc77e8c3968a0357285966292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Tue, 09 Feb 2021 20:23:35 GMT
server: nginx
x-frames: 1
etag: "d534fd559be64a136bf20176780358db-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_7d1ede74b56c6651c07930467f7c3377_1ac98778_400.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 201094

GET
H2 200 a162d647ae94fa3ac50eb52688e47ef25c06ef4d.jpg
64.media.tumblr.com/39118e1082b2f75b52fc8fa967dab069/0f8943c9655a8750-73/s540x810/ 10 KB
10 KB 350ms
350ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/39118e1082b2f75b52fc8fa967dab069/0f8943c9655a8750-73/s540x810/a162d647ae94fa3ac50eb52688e47ef25c06ef4d.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b6fd174ccdb628c214c6c36c6acb44b9265303140dd1106354ab611de4b7c425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: MISS hhn 4
date: Tue, 07 Dec 2021 08:37:09 GMT
last-modified: Tue, 09 Feb 2021 20:24:48 GMT
server: nginx
x-frames: 1
etag: "f15dd4f83eba5edb46b241a65b125f07-1498089600-577bc15"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_39118e1082b2f75b52fc8fa967dab069_a162d647_540.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 10354

GET
H2 200 d88f16d226bc5ffccda8c3a82321d21da11cb768.png
64.media.tumblr.com/5d4e21e5452ce401c71e970e2a212d7a/b80850d0ac8658a9-c8/s500x750/ 337 KB
337 KB 175ms
174ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/5d4e21e5452ce401c71e970e2a212d7a/b80850d0ac8658a9-c8/s500x750/d88f16d226bc5ffccda8c3a82321d21da11cb768.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1cbd5b2d9b9ed23c65355015dba8b310e3e9139c9017f571da039252ee6f6212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Fri, 11 Dec 2020 00:35:59 GMT
server: nginx
x-frames: 1
etag: "7835a5635bff7db052d5ce8ed098a0aa-1498089600-66c08dc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_5d4e21e5452ce401c71e970e2a212d7a_d88f16d2_500.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 344747

GET
H2 200 6cf93bc30509dd90fd04b8793d9386b2deb23ecd.png
64.media.tumblr.com/42956b474d74856bd57b8477a7364179/b80850d0ac8658a9-79/s540x810/ 350 KB
351 KB 174ms
173ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/42956b474d74856bd57b8477a7364179/b80850d0ac8658a9-79/s540x810/6cf93bc30509dd90fd04b8793d9386b2deb23ecd.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f9b2c3e3c47fbfb98f792ac26492a19242bd400756a355bc1748264604adda58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Sat, 12 Dec 2020 06:10:36 GMT
server: nginx
x-frames: 1
etag: "284df63e27eac4408e1b328735c6b0c7-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_42956b474d74856bd57b8477a7364179_6cf93bc3_540.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 358407

GET
H2 200 46eefb5f58e86e887721c6d487f57ec1ee84f8bc.jpg
64.media.tumblr.com/10563f8d1a7d1ad9321158ffdd6c19f6/f7f5cbe6f753dd83-6a/s540x810/ 23 KB
23 KB 174ms
173ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/10563f8d1a7d1ad9321158ffdd6c19f6/f7f5cbe6f753dd83-6a/s540x810/46eefb5f58e86e887721c6d487f57ec1ee84f8bc.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

898924cffa528dbc88634a2dc37fd765e6f9d968d96b3d02890f373cd742f5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Thu, 30 Sep 2021 17:18:29 GMT
server: nginx
x-frames: 1
etag: "9d5e333ad613aacb26b9d64635987078-1498089600-577bc15"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_10563f8d1a7d1ad9321158ffdd6c19f6_46eefb5f_540.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 23728

GET
H2 200 1c231dc7d8d183aa28a104ab7797c3f567207a5d.jpg
64.media.tumblr.com/95420f34f00b647f07b1f8f784d340ac/d8a0cac374d24159-d2/s540x810/ 53 KB
53 KB 174ms
174ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/95420f34f00b647f07b1f8f784d340ac/d8a0cac374d24159-d2/s540x810/1c231dc7d8d183aa28a104ab7797c3f567207a5d.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0e68201459707040dd6b3d187c2a10b2d5f0a357062f71e21998a11c84ef45dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Mon, 12 Apr 2021 07:53:59 GMT
server: nginx
x-frames: 1
etag: "9db0d417f0f08a5d7331b79043d6a78e-1498089600-577bc15"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_95420f34f00b647f07b1f8f784d340ac_1c231dc7_540.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 53850

GET
H2 200 88b60eec7da1f4bf6a00ca18b19ed3c4cc35cc40.jpg
64.media.tumblr.com/beba910297818c8d3ccc912aa1a8bbc9/0e7f7727b5c1b8cd-52/s540x810/ 118 KB
118 KB 174ms
174ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/beba910297818c8d3ccc912aa1a8bbc9/0e7f7727b5c1b8cd-52/s540x810/88b60eec7da1f4bf6a00ca18b19ed3c4cc35cc40.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6c78d4d42163da7aef3fce3d00f133df3af4107d9f7dc3f85dc7b8afa35a7e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Tue, 07 Dec 2021 08:37:08 GMT
last-modified: Thu, 18 Nov 2021 05:36:30 GMT
server: nginx
x-frames: 1
etag: "e0a8206784a27c82a89e810257b730df-1498089600-6f3a449"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_beba910297818c8d3ccc912aa1a8bbc9_88b60eec_540.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 120735

GET
H2 200 _bEwMNzaWVw Show response
www.youtube.com/embed/ Frame B05B 53 KB
24 KB 147ms
84ms Document
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/_bEwMNzaWVw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0332c86b12e10d7fd7c4647bcef028086fe2cfe8e29ca9c9c31b241b1fa745d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 Dec 2021 08:37:09 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 82871a833132f2bff5008f51b1232b771559db1f.jpg
64.media.tumblr.com/317a46551d871f47e010691161132127/0e7f7727b5c1b8cd-9b/s540x810/ 169 KB
170 KB 190ms
189ms Image
image/jpeg 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/317a46551d871f47e010691161132127/0e7f7727b5c1b8cd-9b/s540x810/82871a833132f2bff5008f51b1232b771559db1f.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

347c90607e898c1ff584b19fd53e7355661d378019a6c42cb56e49555a8a4c04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Tue, 07 Dec 2021 08:37:09 GMT
last-modified: Wed, 16 Dec 2020 07:45:48 GMT
server: nginx
x-frames: 1
etag: "2b752127dda9bcb2c5cbebf8f61c9fb3-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_317a46551d871f47e010691161132127_82871a83_540.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 173293

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 232ms
39ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Tue, 07 Dec 2021 08:37:09 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK sw.js Show response
www.tumgir.com/ 100 KB
38 KB 124ms
123ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/sw.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8c382d76b7f3c936b789e587ff26a8383cb504a1b7c7f6183f80a45d2a464c9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:59:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"190ed-17b08a9c319"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 / Show response
d18g6t7whf8ejf.cloudfront.net/ 248 KB
77 KB 119ms
36ms Script
text/plain 18.66.92.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-75.fra56.r.cloudfront.net
Software: /
Resource Hash: cf7d423030590331283f7500f04e2ff867a536e491ad94bd84517998d5ce8adc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 07:40:21 GMT
content-encoding: gzip
age: 3408
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop: FRA56-P2
content-length: 78608
via: 1.1 3f52d342c56014599dee37446f6c9f2f.cloudfront.net (CloudFront)
x-amz-cf-id: uvKriHns_5rbQo-DggKOWZ0cVwsuEOmko-RkESoPonpy6EuQDOVrww==

GET
H2 200 / Show response
dmmzkfd82wayn.cloudfront.net/ 286 KB
95 KB 120ms
35ms Script
text/plain 2600:9000:223e:4e00:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:4e00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0c97b928a706496e912e3a9063270187ec27433e0e986a2ec9e055c8f21bed79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:33:11 GMT
content-encoding: gzip
age: 238
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop: FRA56-P4
content-length: 96529
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
x-amz-cf-id: dNc-V_y2IF8Xh8Qyqjz8lsJ4QRlTKGYEEqWMqqTqdMrWbxzHozhwVw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 38ms
38ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=574841065&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&ul=en-us&de=UTF-8&dt=%23bodybuilders%20in%20street%20clothes%20%7C%20Explore%20Tumblr%20Posts%20and%20Blogs%20%7C%20Tumgir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=690436603&gjid=1026606444&cid=680246704.1638866229&tid=UA-134279593-1&_gid=2116556345.1638866229&_r=1&gtm=2ouc10&z=1705850432

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/0c96dfd3/ Frame B05B 336 KB
46 KB 32ms
32ms Stylesheet
text/css 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c96dfd3/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_bEwMNzaWVw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6ec215ae1f79058f76e3ac67a8637b37baadf10dabcd5450b0cc8d0fa97934a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_bEwMNzaWVw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 15:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60729
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47257
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 01:13:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Dec 2022 15:45:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B05B 15 KB
16 KB 110ms
35ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_bEwMNzaWVw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 574228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 17:06:41 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/0c96dfd3/www-embed-player.vflset/ Frame B05B 219 KB
72 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c96dfd3/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_bEwMNzaWVw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5498bc67ac496a3fc5af517d67021c41a5c96115e91bf953fc4d3e754b41ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_bEwMNzaWVw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 15:44:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60771
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73167
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 01:13:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Dec 2022 15:44:18 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/0c96dfd3/player_ias.vflset/de_DE/ Frame B05B 2 MB
524 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c96dfd3/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_bEwMNzaWVw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

701197b0b745d493f2433cb70b0aba2915fb9b7232131f47b5aa32dda4feb554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_bEwMNzaWVw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 15:44:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 536672
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 01:13:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Dec 2022 15:44:59 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/0c96dfd3/fetch-polyfill.vflset/ Frame B05B 8 KB
3 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c96dfd3/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_bEwMNzaWVw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_bEwMNzaWVw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 15:44:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 01:13:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Dec 2022 15:44:18 GMT

GET
H2 204 utx Show response
dgmaplain.club/ 0
490 B 244ms
119ms XHR
text/plain 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgmaplain.club/utx?cb=UNCBY7NV1bDA&top=www.tumgir.com&tid=852974
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:09 GMT
via: 1.1 da392114e7046bd9720a70f40c796f63.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: rjLopqC72T_lmVXVLgqDjT5JawmMckzl1dR4MY7folxh3ZhkyunijQ==

GET
H2 200 PAQPDB8sPzwJLAMGGm0cGTsvTzQgAiUIDj4eGV88Lho7eT0nOhZQAiQrf3YMLgk0TzwuGQtrHDgiAgg3OxEEWzQoPzhBBFsdDXAPK3xqUhYGJjwFMAIKBUgUAioYeVc Show response
dgmaplain.club/OGVpSExZBwolc1lYC245SglUbX5+QFsOKAldDn44DxIBLnRdDw9mL1QKHCwqSgoHPGJWAB1tfn4iJyIkfjc/EhpuHBoiLW0vOwEUUBAoPzwABgQBHW0PMDkDfTwvDQ8MMA94KwgpAxolXT0NIgVTHQotBG4SPiQnSiwEOx1gNholLU8GDAIPfV... Frame 8F10 3 KB
2 KB 226ms
117ms Document
text/html 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgmaplain.club/OGVpSExZBwolc1lYC245SglUbX5+QFsOKAldDn44DxIBLnRdDw9mL1QKHCwqSgoHPGJWAB1tfn4iJyIkfjc/EhpuHBoiLW0vOwEUUBAoPzwABgQBHW0PMDkDfTwvDQ8MMA94KwgpAxolXT0NIgVTHQotBG4SPiQnSiwEOx1gNholLU8GDAIPfVUqPzRSKDoSFm1WDj8Dfi8NATVPUTx5NFIoLSsAbjYGbX5+NVg4GXIiKyMveVQbLBR1ICoPfEE1WCAvcw8gJAlPFVgDNXExKiYaCD8BLwVhLTAdCU8VWAUmATwtJgpfPzEZKFxWPD0NeR0aEQtpIj4cYW1UJiQCaCwqK3VgVREvKEAkLQt/chczGQ1cAVoeaQonMR4NQC4tJxh7AjMvFnk/PAQPDB8sPzwJLAMGGm0cGTsvTzQgAiUIDj4eGV88Lho7eT0nOhZQAiQrf3YMLgk0TzwuGQtrHDgiAgg3OxEEWzQoPzhBBFsdDXAPK3xqUhYGJjwFMAIKBUgUAioYeVc
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 3d4e27c191d9de1ccec1510dc06f5f736daa5578117f1a863bad688c6f88a332

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

content-type: text/html
content-length: 1230
date: Tue, 07 Dec 2021 08:37:09 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 da392114e7046bd9720a70f40c796f63.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: qRbYPrc33gJ0Vn4eC574E9l-PybrmiLaMjUKSngxpeeN3IRKEncu2g==

GET
H2 204 utx Show response
dgmaplain.club/ 0
490 B 223ms
118ms XHR
text/plain 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgmaplain.club/utx?cb=pKyRwzZCiUJ6&top=www.tumgir.com&tid=853405
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:09 GMT
via: 1.1 da392114e7046bd9720a70f40c796f63.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: I3o1LWcV2qMixra4z72yIvQ2Pot9VhKIwdDb-ZA1ENSP9AqTNOEuDw==

GET
H2 200 AiVWEjYHNhwXKActDF80DTddQxwtJi00bjkWKRAWBBoWFC1YLCA5IlAXMDgXCxs+FxFYMA06PQR7HBsDUAYrHW8kOjkTFw93KjgOUC0wGw9NcTo5Ah8KIgg9MQ9JSGIxKw8HDVs7SSkjKiAxQjYmGUgGIiM7MkkPAhoVNzA+FjYbLQ0KOkVqIhYpAgwSMAw3CVkZI... Show response
dgmaplain.club/WmhDeHE7CiAVTjtVIV4EKAR+XUMcTXE+FWtQJE4FbR8rHkk/ Frame 72DD 3 KB
2 KB 215ms
118ms Document
text/html 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgmaplain.club/WmhDeHE7CiAVTjtVIV4EKAR+XUMcTXE+FWtQJE4FbR8rHkk/AiVWEjYHNhwXKActDF80DTddQxwtJi00bjkWKRAWBBoWFC1YLCA5IlAXMDgXCxs+FxFYMA06PQR7HBsDUAYrHW8kOjkTFw93KjgOUC0wGw9NcTo5Ah8KIgg9MQ9JSGIxKw8HDVs7SSkjKiAxQjYmGUgGIiM7MkkPAhoVNzA+FjYbLQ0KOkVqIhYpAgwSMAw3CVkZIjkDTXE+FRgyOyEkLhAGPCguLjouKRQCJxsSLQ81NTciEgAwM2o+cD0VOQ8ZGxItD3E0Iz5bBz8jaSdxKTo5PDsoFQhFBRMVMQMkKzUfBws8Kz4hOkAgFDpyAjAxEDo8Q2NbF0ogEQsUDyIRPTQLOhwQOR1DCFoQK0AIIyo+EjkfJBU4CAcyLkMyABBLNzgjFyEmFi5yExUwUXc8HGNYFUskFQxwOik+OXITFTEDOi8iOQQAARY+CzQyPDkPeg4ValEtLCktTikLHjQYfjYGIgArOR8+CjBOIT8uJQ
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: b93b39fd383144ab623ad11cc218b165dc254b3df285252cf87a52e7faff05b3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

content-type: text/html
content-length: 1239
date: Tue, 07 Dec 2021 08:37:09 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 da392114e7046bd9720a70f40c796f63.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: MTOySO3Efb3TGLt4PvDh1CzId4Zzy_-k0X2F3XisLI6YATZG2gCODQ==

GET
H2 204 WU9Aano
uknsyenerg.co/a3ZxU01ESRIgcD8dHQUCPyRGNX8qPDULJVIvICAKDS4zOw46L1cnJA9LSWZ/UkFFdT0CEkxgf00FBTI5HgVMYmsCGBc8cE0ATGNjU1hHfX1NA0xiax8GEDRwWlABJzkHS0BlflNOR2V/ 0
254 B 216ms
132ms Image
text/plain 2606:4700:3034::ac43:8a89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uknsyenerg.co/a3ZxU01ESRIgcD8dHQUCPyRGNX8qPDULJVIvICAKDS4zOw46L1cnJA9LSWZ/UkFFdT0CEkxgf00FBTI5HgVMYmsCGBc8cE0ATGNjU1hHfX1NA0xiax8GEDRwWlABJzkHS0BlflNOR2V/WU9Aano
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8a89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqKkkbejFmNeHH2PUZ7TwL6jtj74%2FCB1CLNIErMzDrzbg8ZV1BmFvdtWs0fK2rk%2BbGBrB27mL2yVl4quL7Kl31xeJLB5YREaglgxfQ02BDwCFZknejz95Y%2Fz1Cd7mvhTIIe4tA4362z4NnBs"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6b9c6e2d2e574a9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 204 RXBMTXNqTy8+ThM3FiwhKT4kGDR8Qi0gORYSIh8bH0F1OBcoNWo5GiFNdHhBfEd4awMsFHF+QWMDOCwHMANxf0N1R2okHSMfcX9VM018Y0trRmJ9VTBNfWsHNRErcEJjADg5H3hBen5LfUZ6f0F8QXV0
uknsyenerg.co/ 0
526 B 215ms
132ms Image
text/plain 2606:4700:3034::ac43:8a89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uknsyenerg.co/RXBMTXNqTy8+ThM3FiwhKT4kGDR8Qi0gORYSIh8bH0F1OBcoNWo5GiFNdHhBfEd4awMsFHF+QWMDOCwHMANxf0N1R2okHSMfcX9VM018Y0trRmJ9VTBNfWsHNRErcEJjADg5H3hBen5LfUZ6f0F8QXV0
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8a89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3%2B%2FmUH0FpcBG7SxkL%2BmI0NxslEH6Gr2xukltD6bhdQDIgkYOvXrsJYp9mHK34DvlVIyNktQlEvLZqH6NubbnIsoAhf7KVVe2wLaU2VEnvnHSwbW64qD1v0F5C5C6eeBSMcfINcPg09nWfd7"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6b9c6e2d3e584a9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 204 Q2FxZXBsXhIWTQwnIBwhFyQ9PAcZVDMSSS0gOSA3B1MkJxMSNFcRGSdcSVBDd1FEQwAqBUxXSWUSBQQENhJMVFYqDxcKTWUXTFRec09EUF5zRwRYQWUVAQQXflBXFQQ3DUxURnBZSVNGcVNIV0F0
uknsyenerg.co/ 0
261 B 216ms
133ms Image
text/plain 2606:4700:3034::ac43:8a89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uknsyenerg.co/Q2FxZXBsXhIWTQwnIBwhFyQ9PAcZVDMSSS0gOSA3B1MkJxMSNFcRGSdcSVBDd1FEQwAqBUxXSWUSBQQENhJMVFYqDxcKTWUXTFRec09EUF5zRwRYQWUVAQQXflBXFQQ3DUxURnBZSVNGcVNIV0F0
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8a89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4AeP3b4x48domNXy3mg7b2RSAMSLoaTqmQpFsS60JAxH2pRJ%2F1t%2BwJfzYA8jFd79gV%2BOxwz3rPpQY3V%2BNsX%2FZtz3SuRRUYjek5WIqrTYTButDKOSxr0YvlITcD%2BEYVRp6hKbjWhysSLH%2Fpz"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6b9c6e2d3e594a9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 KFOmCnqEu92Fr1Me5g.woff
fonts.gstatic.com/s/roboto/v29/ 64 KB
64 KB 52ms
51ms Font
font/woff 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Me5g.woff

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55110586d3719c3e8bdaa21f06e4cc1c0a7451abbae662344cbd4411536b585f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
Origin: https://www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 03:07:32 GMT
x-content-type-options: nosniff
age: 538177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65244
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 03:07:32 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v29/ 11 KB
11 KB 105ms
33ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a986c26c40febdfac5074b57a925fe2d7b901e75b7bcad4a19a5cbe3987b51bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumgir.com/
Origin: https://www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 09:36:36 GMT
x-content-type-options: nosniff
age: 514833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11032
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 09:36:36 GMT

GET
H2 204 utx Show response
dgmaplain.club/ 0
490 B 190ms
187ms XHR
text/plain 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgmaplain.club/utx?cb=dTr4I7HPh39A&top=www.tumgir.com&tid=921528
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:09 GMT
via: 1.1 da392114e7046bd9720a70f40c796f63.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: whsfuQcExgrJ-zENBSo0OCW3MGiYpfJQw8-pPz13eTYrJKZhalT5mg==

GET
H2 200 QxsfPgkBPgQNCWMwHzovay5iGRdqHDdlIAMRAx4FUWgIIitZA2sYNmY8GS03SRAlHh15GR8nP3cXKDUXZhACEx0WaBAdL1cwCxU8CgkaDV1qEjoYI2cpahsvWCIbDwoFDDswA1dpIgAKARBqMit9axcfCgUMOBJZYxJnBDcBHwM1OGFoGTo8Cw5gGQlqM388OX0wZ... Show response
dgmaplain.club/UlduM1ozNQ1eZTNqDBUvIDtTFmgUclx1Pj86FFg8Nm9cRDsrOUBQNj0iClUoPTkaHTQ3I0sBHBsCAnkTCDw3SwoBDi9WCQtgInUud2Uoah0cbjh7b2IYKkAQGRQkRRYrYy9wGBdiOGAxFBo/ Frame 8A0C 3 KB
2 KB 185ms
185ms Document
text/html 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgmaplain.club/UlduM1ozNQ1eZTNqDBUvIDtTFmgUclx1Pj86FFg8Nm9cRDsrOUBQNj0iClUoPTkaHTQ3I0sBHBsCAnkTCDw3SwoBDi9WCQtgInUud2Uoah0cbjh7b2IYKkAQGRQkRRYrYy9wGBdiOGAxFBo/QxsfPgkBPgQNCWMwHzovay5iGRdqHDdlIAMRAx4FUWgIIitZA2sYNmY8GS03SRAlHh15GR8nP3cXKDUXZhACEx0WaBAdL1cwCxU8CgkaDV1qEjoYI2cpahsvWCIbDwoFDDswA1dpIgAKARBqMit9axcfCgUMOBJZYxJnBDcBHwM1OGFoGTo8Cw5gGQlqM388OX0wZmQ+RBc5GDpAYgNkP2YAYSM8Uh0UPAxlCGAyBFg9Fz4dFmgQM11cNgtlLFoQE28afWk2YThaH2EaPX4QMGQKVD8TAht6HmI7LwEUNREmdQszECQLPBQVGWk0Km87ARQ1DgRAEhsTI1QTBxledR02YDtkMjoNKQcONyBIWSk9OR4OPRoRNHArYTg5UBg
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 3b8b30f4fd41a227f288e6d1c33eb5b16353901a8172964021666f547eaa134c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

content-type: text/html
content-length: 1232
date: Tue, 07 Dec 2021 08:37:09 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 da392114e7046bd9720a70f40c796f63.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: uwZAnaw6-_ukN7Xj5WHd2l3zLMdqapnoaMP1rfqZxFJ6iNb2Soo7HA==

GET
H2 200 ZAxQGVgwByVuLAwgUzMpPxssDy8jC1AWOw1ZOXJfFiVRERQ2PRcvNy0JUwcEbBMuBCgnISdjFA0yFBE0OjwZDiV5KAsOXg5PURUMLh0WGi4ZHAA5PBwLUBEDHwNTOyc6IFMzLj8HLRRdJjBRDQEwAwA6IAANER46IBImD1QtMysZWDcEKWMJZwYaNDogEjktODghI... Show response
dgmaplain.club/amNXbVQLATQAawteNUshGA9qSGYsRmUrMAcOLQYyDltlGjUTDXkOOAUWMwsmBQ0jQzoPF3JfEl4xElgQPFMOAx05Uy8IACsNHV8kT1EVDgxbUA1eFgMpEyxgIScFFx8DABYuBxklEwpsOwITDiAjDTtIZig5Ax46IQo7SGYoAAQgJSY7YgANKT... Frame F66F 3 KB
2 KB 186ms
185ms Document
text/html 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgmaplain.club/amNXbVQLATQAawteNUshGA9qSGYsRmUrMAcOLQYyDltlGjUTDXkOOAUWMwsmBQ0jQzoPF3JfEl4xElgQPFMOAx05Uy8IACsNHV8kT1EVDgxbUA1eFgMpEyxgIScFFx8DABYuBxklEwpsOwITDiAjDTtIZig5Ax46IQo7SGYoAAQgJSY7YgANKTYmJAMaGg4HJwMCPh4mJCA4Wh8DNSUOBiwZNgNhBzkPNyclMDhYHQMQYiAcIFMzLhVZADk/ZAxQGVgwByVuLAwgUzMpPxssDy8jC1AWOw1ZOXJfFiVRERQ2PRcvNy0JUwcEbBMuBCgnISdjFA0yFBE0OjwZDiV5KAsOXg5PURUMLh0WGi4ZHAA5PBwLUBEDHwNTOyc6IFMzLj8HLRRdJjBRDQEwAwA6IAANER46IBImD1QtMysZWDcEKWMJZwYaNDogEjktODghIB4BGFglby8DIFI0XxYdOgAsLAkUcQcnBQ0nUD0aJRoIEjMqAw
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 3e992d0bb8452871862bfca8a1c01993e6e73225c873025294af9b57ad2ccf7c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

content-type: text/html
content-length: 1207
date: Tue, 07 Dec 2021 08:37:09 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 da392114e7046bd9720a70f40c796f63.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: AkbcT7SgBbZq2NFu06rWfGJEixAubIZUfe5gd7nop3fPUQou6ekALQ==

GET
H2 204 utx Show response
dgmaplain.club/ 0
490 B 191ms
190ms XHR
text/plain 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgmaplain.club/utx?cb=0G6nAuxsWDf3&top=www.tumgir.com&tid=853405
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:09 GMT
via: 1.1 da392114e7046bd9720a70f40c796f63.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: U4iH-4xLpON6r7EOFOhgERL1j-rs6JyCP1UpaMVgKS_An41voox_VQ==

GET
H2 204 alAzNVBFb1BGbSUGQ3k0WTtyV2MkEWB0IBs2ZlEcKwcGEGIsAlh0dh45VwhpWGEGB2hMIFpRbVt2QEExHiVACGFMOV1TP1d2RQhhRGMHG2JefgMTJVdhFUEgCzcOBHYaJEdZbVtmAA1oXGYBB2lZYgI
uknsyenerg.co/ 0
260 B 113ms
112ms Image
text/plain 2606:4700:3034::ac43:8a89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uknsyenerg.co/alAzNVBFb1BGbSUGQ3k0WTtyV2MkEWB0IBs2ZlEcKwcGEGIsAlh0dh45VwhpWGEGB2hMIFpRbVt2QEExHiVACGFMOV1TP1d2RQhhRGMHG2JefgMTJVdhFUEgCzcOBHYaJEdZbVtmAA1oXGYBB2lZYgI
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8a89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BmMsLWGc7rbWmNlgIIY%2FGD8TeYgTLRy%2BKdzmEJ4T%2BHvfEKPfoIJHd%2BGUSNk8ZeMemMu5ihp%2BQZhdqi6I01q2L66IY2sHq43zp3bvW6H%2BZRSTqp8Dn6bF8PpSd9T7W1SegV414oClbzaRrFe"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6b9c6e2d7ecb4a9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 161ms
89ms Image
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 156ms
75ms Image
text/html 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 130ms
62ms Image
text/html 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 204 utx Show response
dgmaplain.club/ 0
491 B 207ms
206ms XHR
text/plain 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgmaplain.club/utx?cb=tYy25gKVcnrd&top=www.tumgir.com&tid=921528
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:09 GMT
via: 1.1 da392114e7046bd9720a70f40c796f63.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: aaSQHWFOoY7yAFkDX5knApjhpMXRynSIlYYC8FrLp4-344nbYpYB8w==

GET
H2 200 dgV8XBMRCgZBOxA0KXADHSYCaTgSAgpTGQVQGk89HC8EYAQOLC9sPBICClNbDAl5CDITBQl1ByADL19TAwUnegQWNA1SLRAoLn4+ESwFeh0eLydAHQk0YW4SHAw0fTgpBS5bBnwDB1BaMiZ9bh0PDCh+OwdVDXM4DjcvfgEoJCR1GgYMOGs7KigHcw0RBwBPEiozG... Show response
dgmaplain.club/YUw4akQALlsHewBxWkwxEyAFT3YnaQosIAwhQgEiBXQKHSUYIhYJKA45XAw2DiJMRCoEOB1YAjAdVg4zMCFTAgMjeFM8LjgpfiJ9MygIOAECIAEBDDABTCg+Kwd2HTQ4D208BysddTsAFi9LJ3YwCHsDHjQvVC8nKDtbBhcNFVYoPScHaT0VKA... Frame F96C 3 KB
2 KB 203ms
203ms Document
text/html 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgmaplain.club/YUw4akQALlsHewBxWkwxEyAFT3YnaQosIAwhQgEiBXQKHSUYIhYJKA45XAw2DiJMRCoEOB1YAjAdVg4zMCFTAgMjeFM8LjgpfiJ9MygIOAECIAEBDDABTCg+Kwd2HTQ4D208BysddTsAFi9LJ3YwCHsDHjQvVC8nKDtbBhcNFVYoPScHaT0VKAZQPAoFJwBZAgp8TiguBilwKXAoFgg/dgV8XBMRCgZBOxA0KXADHSYCaTgSAgpTGQVQGk89HC8EYAQOLC9sPBICClNbDAl5CDITBQl1ByADL19TAwUnegQWNA1SLRAoLn4+ESwFeh0eLydAHQk0YW4SHAw0fTgpBS5bBnwDB1BaMiZ9bh0PDCh+OwdVDXM4DjcvfgEoJCR1GgYMOGs7KigHcw0RBwBPEiozGGJdHFM0cDIqOypcLwoEKFQSKjMZeRIHIh1vKy0VAVsuAicvbl83MwliAQwpdB4ANw4iSFcDKX1zWHYGJmoSMw8W
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: f1b6ee93d65d7b713cf0cf6eaa1c5f02e8fbfac6814ca35678efdc6c87d31116

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

content-type: text/html
content-length: 1215
date: Tue, 07 Dec 2021 08:37:09 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 da392114e7046bd9720a70f40c796f63.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: kaFdB5BSbTbX5xUDFEj7duCeTVD9QF8LQXDddOh0YJCwL8L396QUnA==

GET
H2 204 utx Show response
dgmaplain.club/ 0
489 B 201ms
200ms XHR
text/plain 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgmaplain.club/utx?cb=hcItzlfmFbuj&top=www.tumgir.com&tid=853405
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:09 GMT
via: 1.1 da392114e7046bd9720a70f40c796f63.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: HuKMQ3wtw9jegr2t8kL2Z9F5HsrERv0FRoglFdEim2V6dLrzl8_PRg==

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame B05B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

29ms
14ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_bEwMNzaWVw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ff34b121d6c1fa4b24f29946b90c06b78c3caaa4651aec7a4d881c3cf0c6f87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 07 Dec 2021 08:37:09 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame B05B 29 B
588 B 27ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c96dfd3/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:27:28 GMT
x-content-type-options: nosniff
age: 581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 08:42:28 GMT

GET
H2 200 / Show response
freychang.fun/ 15 B
718 B 122ms
106ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/?f=42a5f2350406b5b34afe49ff517ecb3b
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0998d576612a64fe9a9fdcc255988c0793221ef6b54254a8ce46275bcad889a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9kqAwOfPJMwWGKe4gLSPNtQMSSrwX0Z9VsFjg9txsg7CEKmbF2mEalI27WRSGUsXzV2s8vInurobD0FmPHV9JTidDO0YIJk8dwglEsEeygNAi8E1hCpwzKaZieBKFDhUh9HgJoVMaWchCtc"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6b9c6e2ffdf64eaa-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 38ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:09 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=6745
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 / Show response
freychang.fun/ 16 B
329 B 122ms
121ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/?f=42a5f2350406b5b34afe49ff517ecb3b
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 095cee6dc55f1d1833be98903191ee38cc34be3df1c45fb859fba0018479125a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntzBYCeozf6j0WjeviiRq0OzPnpe3bdmJTRfuIfibylK%2B1Oah%2FOrWl%2FN4AOcH1Guq4aSMoH6hxo4tv8tEgAX3v53wzRETCKLQ3TiF8z9rCeV0iz%2BeZrsRcVeMIic5jIj5l0g3epddNinNeBk"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6b9c6e305e854eaa-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame B05B 0
19 B 15ms
14ms Ping
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=8xRS0YBky3qH0ArE&el=embedded&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24078603%2C24080738%2C24082662%2C24115508%2C24129402%2C24129451%2C24141079%2C24143292&cl=414315313&seq=1&event=streamingstats&docid=_bEwMNzaWVw&cbr=Chrome&cbrver=96.0.4664.45&c=WEB_EMBEDDED_PLAYER&cver=1.20211205.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth:0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c96dfd3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_bEwMNzaWVw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:09 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/0c96dfd3/player_ias.vflset/de_DE/ Frame B05B 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c96dfd3/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c96dfd3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45243edf740eae18b5ca88e044e3d257835e15ccb13bc428828b4e764d5b365b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_bEwMNzaWVw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 15:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7356
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 01:13:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Dec 2022 15:45:19 GMT

GET
H3 204 aWZYQ2hGWTswVT4LIAU8BwoyFDBYUwsEBAoFa3YkMAowOw5ZJ343AQ1bYXFZXFRgZRgAAmVyThoSOTcdGltrc1hYQDEtDgZbaHNYWEAufllHVWxtWl1IaGUdVFd+NxgIAWVyThkSLC9VWFBre1BfUGpxUVFQbg
uknsyenerg.co/ 0
540 B 121ms
110ms Image
text/plain 2606:4700:3034::ac43:8a89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uknsyenerg.co/aWZYQ2hGWTswVT4LIAU8BwoyFDBYUwsEBAoFa3YkMAowOw5ZJ343AQ1bYXFZXFRgZRgAAmVyThoSOTcdGltrc1hYQDEtDgZbaHNYWEAufllHVWxtWl1IaGUdVFd+NxgIAWVyThkSLC9VWFBre1BfUGpxUVFQbg
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8a89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bx7JWv76FmvGPmQLKu8f1bsfG%2F8R8%2BSgZ5mDRaarqEIWCNkicAFU6OfcplBJHpVQDQcK7S43REs3zooomPFnfnn6q8Ux3McYpoAXfNdSvTGbBejnizwbRMdk5mFJwIndIpMGn0ghxlEkZq0i"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6b9c6e30bde7693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 / Show response
freychang.fun/ 15 B
663 B 128ms
117ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/?f=42a5f2350406b5b34afe49ff517ecb3b
Requested by: Host: dmmzkfd82wayn.cloudfront.net
URL: https://dmmzkfd82wayn.cloudfront.net/?kzmmd=921528
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a0e81f077cebea6036a4172cf892fb80802ab6e8025832564a8e70c70e45103

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.tumgir.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5F8vXum%2FZv4tR%2B8jUseCsWWI%2FXOJ%2B1o98kpa5FC8HlFdtBTZgoKj6VHofCtYbnj0%2Fc8rHnOfFtB50b%2BApX7EsVNL5rvb3VWGAK0fmggYPWAyChaKkcxUWkgrV0%2Bu6CQOLgFtiXgIrxJlDflx"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6b9c6e30cf4f4eaa-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame B05B 238 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b38011ebc9fe67ad5e75cdee894685da770185926991603cad35cf043771dbff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 b4763d50-e3a3-4c94-87b6-682aed526c7f Show response
player.ex.co/player/ 711 KB
209 KB 35ms
8ms Script
application/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/pages/_app-ec7224a5f47129d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 30c142202faacc5bc92ccb49615dfb3028f4e38d8056e51f2e18cf8456f478cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:09 GMT
content-encoding: gzip
age: 53068
x-cache: HIT, HIT
access-control-max-age: 600
content-length: 213068
x-served-by: cache-dca17776-DCA, cache-hhn4026-HHN
access-control-allow-origin: *
server: nginx
x-timer: S1638866230.921743,VS0,VE1
etag: W/"b1cb0-FLCyNuIYgdYahRwuEeRmMOAYjy8"
vary: Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 1, 1

GET
H/1.1 200
OK blogs Show response
www.tumgir.com/api/tumblr/trending/ 215 KB
32 KB 372ms
372ms Fetch
application/json 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/api/tumblr/trending/blogs
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/pages/_app-ec7224a5f47129d4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6fb1718798cb8d8ebfcb32870f06abc447bd8534b73d6e8554e87379f3bb4026

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
ETag: "35b35-LQdLkRsaacKUuRo5F4cLhbQQAm4"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK blogs Show response
www.tumgir.com/api/tumblr/trending/ 215 KB
32 KB 475ms
475ms Fetch
application/json 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/api/tumblr/trending/blogs
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/pages/_app-ec7224a5f47129d4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8fce760f6cad4883e5c9c37604f05589d5aab70f9368cba2915f0c92923abd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
ETag: "35b35-wOSuYJdXTCSptUNZQOHP2yURTto"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK index-fafc30d93898c907.js
www.tumgir.com/_next/static/chunks/pages/ 0
2 KB 93ms
93ms Other
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/index-fafc30d93898c907.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 16:55:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"bf0-17d2ed30b57"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK about-3501640c6fc85760.js
www.tumgir.com/_next/static/chunks/pages/static/ 0
1 KB 95ms
95ms Other
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/static/about-3501640c6fc85760.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Nov 2021 22:34:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"550-17d11230342"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK privacy-policy-1a7b93fcb52325c1.js
www.tumgir.com/_next/static/chunks/pages/static/ 0
2 KB 94ms
94ms Other
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/static/privacy-policy-1a7b93fcb52325c1.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Nov 2021 22:31:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"13c8-17d1120c5f8"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 S1NDY3gwcTAUJz4hL0FCaTs3Fwg4aWxMDzwkbRcNJjQqEVYoPC5MCzx9KRBaZ3EwDh5paXJPWjg%2BNUFCaWdtU1pncTcCHxQ6J0FCaWt3VU96Y2FPWjgmITwRL2FhWVp7ayZWS3tiIU5AKmZ7TkwvY3FOGn42IE5OfjJ7Vkx9NSEGGX1xPg Show response
mefagetobri.top/ 56 KB
23 KB 295ms
109ms Script
application/javascript 44.195.137.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mefagetobri.top/S1NDY3gwcTAUJz4hL0FCaTs3Fwg4aWxMDzwkbRcNJjQqEVYoPC5MCzx9KRBaZ3EwDh5paXJPWjg%2BNUFCaWdtU1pncTcCHxQ6J0FCaWt3VU96Y2FPWjgmITwRL2FhWVp7ayZWS3tiIU5AKmZ7TkwvY3FOGn42IE5OfjJ7Vkx9NSEGGX1xPg
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-137-121.compute-1.amazonaws.com
Software: / Express
Resource Hash: 91ee1ba799a4df7c9c24b4fc4b264ef35fb7fb62f72516f1330e5424bdab53ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"e0f1-xaxkwyfl9Du4cIOwfet/8QClBRs"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H/1.1 200
OK %5Bname%5D-49c31a9cecc012b6.js
www.tumgir.com/_next/static/chunks/pages/ 0
2 KB 96ms
96ms Other
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/%5Bname%5D-49c31a9cecc012b6.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 16:56:37 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"d93-17d2ed4300a"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 P1pUJGBkcA1rdXMECG0yP1hcKjIlEwp1KyITCnV0ZhgIYHYUEwp1Mj9YDnFgZXQdd3UuAAxsYGQGWT-U1OlNPICc9X0xgdxADC3JrZQAdd3V+XVAxKDoTCgZgZAZULC4zEwp1IjNVUypscwQIJi0kWVUgYGRwAXNrZhgMc3NiGAxwYGQGSyQjN0RRYHcQAwtya2UA... Show response
d18g6t7whf8ejf.cloudfront.net/GNjhFRVZVVysjaUJRIXhuAwp8cmIQUjYqOEYFEC4Uf0g0LjRieXdjIkxceHVwWlkrImsQXSsmawceJCE0CwxjMSZZU3gwOFJdIyw4U1xjMDcLVSo/ Frame 8F10 411 B
607 B 159ms
159ms Script
text/plain 18.66.92.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/GNjhFRVZVVysjaUJRIXhuAwp8cmIQUjYqOEYFEC4Uf0g0LjRieXdjIkxceHVwWlkrImsQXSsmawceJCE0CwxjMSZZU3gwOFJdIyw4U1xjMDcLVSo/P1pUJGBkcA1rdXMECG0yP1hcKjIlEwp1KyITCnV0ZhgIYHYUEwp1Mj9YDnFgZXQdd3UuAAxsYGQGWT-U1OlNPICc9X0xgdxADC3JrZQAdd3V+XVAxKDoTCgZgZAZULC4zEwp1IjNVUypscwQIJi0kWVUgYGRwAXNrZhgMc3NiGAxwYGQGSyQjN0RRYHcQAwtya2UAHjB4
Requested by: Host: dgmaplain.club
URL: https://dgmaplain.club/OGVpSExZBwolc1lYC245SglUbX5+QFsOKAldDn44DxIBLnRdDw9mL1QKHCwqSgoHPGJWAB1tfn4iJyIkfjc/EhpuHBoiLW0vOwEUUBAoPzwABgQBHW0PMDkDfTwvDQ8MMA94KwgpAxolXT0NIgVTHQotBG4SPiQnSiwEOx1gNholLU8GDAIPfVUqPzRSKDoSFm1WDj8Dfi8NATVPUTx5NFIoLSsAbjYGbX5+NVg4GXIiKyMveVQbLBR1ICoPfEE1WCAvcw8gJAlPFVgDNXExKiYaCD8BLwVhLTAdCU8VWAUmATwtJgpfPzEZKFxWPD0NeR0aEQtpIj4cYW1UJiQCaCwqK3VgVREvKEAkLQt/chczGQ1cAVoeaQonMR4NQC4tJxh7AjMvFnk/PAQPDB8sPzwJLAMGGm0cGTsvTzQgAiUIDj4eGV88Lho7eT0nOhZQAiQrf3YMLgk0TzwuGQtrHDgiAgg3OxEEWzQoPzhBBFsdDXAPK3xqUhYGJjwFMAIKBUgUAioYeVc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-75.fra56.r.cloudfront.net
Software: /
Resource Hash: 4bb77ef61f9d7c29cfa1535ecdc73c2f6ede6f8d8f8873060348d85da4844de3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dgmaplain.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:10 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 329
via: 1.1 3f52d342c56014599dee37446f6c9f2f.cloudfront.net (CloudFront)
x-amz-cf-id: wxydoGuSPQmO0ZvFXeGo-SrIfZV0qTZJ2cGoHN2buLFG7X1m8nPWxg==

GET
H2 200 dBZxYUtxEDYtFyVXNjdccwgvMFxzCHB0V3EdcgZccwg2LRd3DGR3O2QKcTxPdR-FkdkkgSDEoHDZdIy8QNR1zAkxyD293T2QKcWwSKUwsKFxze2R2SS1RKiFccwgmIRoqV2hhS3FbKTYWLF1kdj94Dm90V3UOd3BXdQ1kdkkyWSclCygdcwJMcg9vd09nTXw Show response
d18g6t7whf8ejf.cloudfront.net/EeUE4QUQaLlYnew0oXHx8THIMcXFfK0suKgl8djY8ESl5LyAbMg4RIT8nHjU+HXwIZygYL198YhwvW3x1XyBcI3lNZ0wxKxJ8UjYmFjVUNjweIB40JUQsVzstFS1ZZHY/ Frame 72DD 571 B
709 B 159ms
158ms Script
text/plain 18.66.92.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18g6t7whf8ejf.cloudfront.net/EeUE4QUQaLlYnew0oXHx8THIMcXFfK0suKgl8djY8ESl5LyAbMg4RIT8nHjU+HXwIZygYL198YhwvW3x1XyBcI3lNZ0wxKxJ8UjYmFjVUNjweIB40JUQsVzstFS1ZZHY/dBZxYUtxEDYtFyVXNjdccwgvMFxzCHB0V3EdcgZccwg2LRd3DGR3O2QKcTxPdR-FkdkkgSDEoHDZdIy8QNR1zAkxyD293T2QKcWwSKUwsKFxze2R2SS1RKiFccwgmIRoqV2hhS3FbKTYWLF1kdj94Dm90V3UOd3BXdQ1kdkkyWSclCygdcwJMcg9vd09nTXw
Requested by: Host: dgmaplain.club
URL: https://dgmaplain.club/WmhDeHE7CiAVTjtVIV4EKAR+XUMcTXE+FWtQJE4FbR8rHkk/AiVWEjYHNhwXKActDF80DTddQxwtJi00bjkWKRAWBBoWFC1YLCA5IlAXMDgXCxs+FxFYMA06PQR7HBsDUAYrHW8kOjkTFw93KjgOUC0wGw9NcTo5Ah8KIgg9MQ9JSGIxKw8HDVs7SSkjKiAxQjYmGUgGIiM7MkkPAhoVNzA+FjYbLQ0KOkVqIhYpAgwSMAw3CVkZIjkDTXE+FRgyOyEkLhAGPCguLjouKRQCJxsSLQ81NTciEgAwM2o+cD0VOQ8ZGxItD3E0Iz5bBz8jaSdxKTo5PDsoFQhFBRMVMQMkKzUfBws8Kz4hOkAgFDpyAjAxEDo8Q2NbF0ogEQsUDyIRPTQLOhwQOR1DCFoQK0AIIyo+EjkfJBU4CAcyLkMyABBLNzgjFyEmFi5yExUwUXc8HGNYFUskFQxwOik+OXITFTEDOi8iOQQAARY+CzQyPDkPeg4ValEtLCktTikLHjQYfjYGIgArOR8+CjBOIT8uJQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-75.fra56.r.cloudfront.net
Software: /
Resource Hash: e776c2db1c187e1cf52b26ca3576751b9b0a3fd685b9c83c6e7625f966e3b5dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dgmaplain.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:10 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 433
via: 1.1 3f52d342c56014599dee37446f6c9f2f.cloudfront.net (CloudFront)
x-amz-cf-id: jY0JqiodOThDg74v8TlQ9GrFBp3aW3To3NpMzr2oYBL2u2Y8F-4pLg==

GET
H2 200 YGN9VH50ODsJKCJvLy4ACBE5VSkFMQpAMig2dVZgPjMmAXt0NyYFe2N0KQIkb2ZuEjY9OXUfKzYzJwIsJCMpQDMzbyUJPDs+JAdjYBR9SHZ3YHhOMTs8LAkxIXd6Vigmd3pWd2J8eEN1EHd6VjE7PH5SY2EQbVR2KmR8T2NgYi-kWNj43PwMkOTs8Q3QUZ3tRaGFk... Show response
dmmzkfd82wayn.cloudfront.net/IUlJIZkYxPSYAeSY7LFt/ Frame 8A0C 935 B
917 B 159ms
159ms Script
text/plain 2600:9000:223e:4e00:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/IUlJIZkYxPSYAeSY7LFt/YGN9VH50ODsJKCJvLy4ACBE5VSkFMQpAMig2dVZgPjMmAXt0NyYFe2N0KQIkb2ZuEjY9OXUfKzYzJwIsJCMpQDMzbyUJPDs+JAdjYBR9SHZ3YHhOMTs8LAkxIXd6Vigmd3pWd2J8eEN1EHd6VjE7PH5SY2EQbVR2KmR8T2NgYi-kWNj43PwMkOTs8Q3QUZ3tRaGFkbVR2ejkgEis+d3olY2BiJA8tN3d6ViE3MSMJb3dgeAUuID0lA2NgFHFQaGJ8fFBwZnx8U2NgYjsHIDMgIUN0FGd7UWhhZG4Tew
Requested by: Host: dgmaplain.club
URL: https://dgmaplain.club/UlduM1ozNQ1eZTNqDBUvIDtTFmgUclx1Pj86FFg8Nm9cRDsrOUBQNj0iClUoPTkaHTQ3I0sBHBsCAnkTCDw3SwoBDi9WCQtgInUud2Uoah0cbjh7b2IYKkAQGRQkRRYrYy9wGBdiOGAxFBo/QxsfPgkBPgQNCWMwHzovay5iGRdqHDdlIAMRAx4FUWgIIitZA2sYNmY8GS03SRAlHh15GR8nP3cXKDUXZhACEx0WaBAdL1cwCxU8CgkaDV1qEjoYI2cpahsvWCIbDwoFDDswA1dpIgAKARBqMit9axcfCgUMOBJZYxJnBDcBHwM1OGFoGTo8Cw5gGQlqM388OX0wZmQ+RBc5GDpAYgNkP2YAYSM8Uh0UPAxlCGAyBFg9Fz4dFmgQM11cNgtlLFoQE28afWk2YThaH2EaPX4QMGQKVD8TAht6HmI7LwEUNREmdQszECQLPBQVGWk0Km87ARQ1DgRAEhsTI1QTBxledR02YDtkMjoNKQcONyBIWSk9OR4OPRoRNHArYTg5UBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:4e00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fea8b1edea561c548f9f09c23c24d4da0a6f0a8baca6493c3fb886f38e98d5ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dgmaplain.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:10 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 640
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
x-amz-cf-id: NTWdUps2Nm7ZPAPwPAcDkwwkWrc2WpKytg8uNlw93tJh1xnA5MfFKQ==

GET
H2 200 4RE5DV0YnIS0xeTAnJ2p+cX13Z3BiJDA4KDRzKicACSsFDg8QaDctInl+ZTsnKil+cSMqLX5mYCUqIWpyYjsiaisrNCo7KiVrcRFzan5mZXZsOSo5Iis5MHJ0dCA3cnR0f3N5dmF9AXJ0dDkqOXBwa3AVY3Z+O2FybWtxZyc0Pi8yMSEsKD4yYXwFYnVzYH-BhY3Z... Show response
dmmzkfd82wayn.cloudfront.net/ Frame F66F 177 B
457 B 158ms
158ms Script
text/plain 2600:9000:223e:4e00:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/4RE5DV0YnIS0xeTAnJ2p+cX13Z3BiJDA4KDRzKicACSsFDg8QaDctInl+ZTsnKil+cSMqLX5mYCUqIWpyYjsiaisrNCo7KiVrcRFzan5mZXZsOSo5Iis5MHJ0dCA3cnR0f3N5dmF9AXJ0dDkqOXBwa3AVY3Z+O2FybWtxZyc0Pi8yMSEsKD4yYXwFYnVzYH-BhY3Z+azwuMCMvcnQHa3FnKi0lJnJ0dCkmNC0rZ2ZldicmMTgrIWtxEX9yYHN5cnJ4d3lycWtxZzUlKCIlL2F8BWJ1c2BwYWAxcw
Requested by: Host: dgmaplain.club
URL: https://dgmaplain.club/amNXbVQLATQAawteNUshGA9qSGYsRmUrMAcOLQYyDltlGjUTDXkOOAUWMwsmBQ0jQzoPF3JfEl4xElgQPFMOAx05Uy8IACsNHV8kT1EVDgxbUA1eFgMpEyxgIScFFx8DABYuBxklEwpsOwITDiAjDTtIZig5Ax46IQo7SGYoAAQgJSY7YgANKTYmJAMaGg4HJwMCPh4mJCA4Wh8DNSUOBiwZNgNhBzkPNyclMDhYHQMQYiAcIFMzLhVZADk/ZAxQGVgwByVuLAwgUzMpPxssDy8jC1AWOw1ZOXJfFiVRERQ2PRcvNy0JUwcEbBMuBCgnISdjFA0yFBE0OjwZDiV5KAsOXg5PURUMLh0WGi4ZHAA5PBwLUBEDHwNTOyc6IFMzLj8HLRRdJjBRDQEwAwA6IAANER46IBImD1QtMysZWDcEKWMJZwYaNDogEjktODghIB4BGFglby8DIFI0XxYdOgAsLAkUcQcnBQ0nUD0aJRoIEjMqAw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:4e00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6b1fe03fe0108811c24ae5a373bae986c474bb1c18acb0216b684916f6fa6a88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dgmaplain.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:10 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 180
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
x-amz-cf-id: oJ0FFPqCDVSBVqRhWrvgcGxYz-9pddTOPmcvkoyi5S3RLBCfptl9DA==

GET
H2 200 QQndwQmkhGB4kVjYeFH9Rd0REcl9kHQMtBzJKNwpYCUVCJQMQDwcsM2QDCiZUclEcIwclSlYnByFKQWQIJhVNdk83Fk0vBjgeHC4IZ0U2d0dyUkJyQTUeHiYGNQRVcFksA1VwWXNHXnJMcTVVcFk1Hh50XWdEMmdbcg9GdkBnRUAjGTIbFTUMIBwZNkxwMU-VxXmx... Show response
dmmzkfd82wayn.cloudfront.net/ Frame F96C 181 B
461 B 156ms
156ms Script
text/plain 2600:9000:223e:4e00:6:2e3c:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmmzkfd82wayn.cloudfront.net/QQndwQmkhGB4kVjYeFH9Rd0REcl9kHQMtBzJKNwpYCUVCJQMQDwcsM2QDCiZUclEcIwclSlYnByFKQWQIJhVNdk83Fk0vBjgeHC4IZ0U2d0dyUkJyQTUeHiYGNQRVcFksA1VwWXNHXnJMcTVVcFk1Hh50XWdEMmdbcg9GdkBnRUAjGTIbFTUMIBwZNkxwMU-VxXmxERmdbcl8bKh0vG1VwKmdFQC4AKRJVcFklEhMpBmtSQnIKKgUfLwxnRTZ7X2xHXnZfdENedlxnRUAxCCQWAitMcDFFcV5sREZkHH8
Requested by: Host: dgmaplain.club
URL: https://dgmaplain.club/YUw4akQALlsHewBxWkwxEyAFT3YnaQosIAwhQgEiBXQKHSUYIhYJKA45XAw2DiJMRCoEOB1YAjAdVg4zMCFTAgMjeFM8LjgpfiJ9MygIOAECIAEBDDABTCg+Kwd2HTQ4D208BysddTsAFi9LJ3YwCHsDHjQvVC8nKDtbBhcNFVYoPScHaT0VKAZQPAoFJwBZAgp8TiguBilwKXAoFgg/dgV8XBMRCgZBOxA0KXADHSYCaTgSAgpTGQVQGk89HC8EYAQOLC9sPBICClNbDAl5CDITBQl1ByADL19TAwUnegQWNA1SLRAoLn4+ESwFeh0eLydAHQk0YW4SHAw0fTgpBS5bBnwDB1BaMiZ9bh0PDCh+OwdVDXM4DjcvfgEoJCR1GgYMOGs7KigHcw0RBwBPEiozGGJdHFM0cDIqOypcLwoEKFQSKjMZeRIHIh1vKy0VAVsuAicvbl83MwliAQwpdB4ANw4iSFcDKX1zWHYGJmoSMw8W
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:4e00:6:2e3c:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bbff07654718224b25094fb8d7bb960bfad6b6c76a86448b255701184720782d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dgmaplain.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:10 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 184
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
x-amz-cf-id: aCZHfAV-Rucb6ATJ3W-i9-atARS-4FQ6SknplFPGBf-TEjAwUUhTzw==

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
136 B 285ms
92ms XHR
text/plain 34.193.25.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-25-178.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Tue, 07 Dec 2021 08:37:10 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 42ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 07:43:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Dec 2021 08:37:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Dec 2021 08:37:10 GMT

GET
H2 200 hls.min.js Show response
player.avplayer.com/script/2/2.55/libs/ 247 KB
71 KB 32ms
7ms Script
application/javascript 2a02:26f0:6c00::210:bb91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:10 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 71831
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
server: UploadServer
etag: "7888b98658e8cef4a98786556ccdab66"
vary: Accept-Encoding
x-goog-hash: crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language: en
x-goog-generation: 1610290372874389
cache-control: public, max-age=300
x-goog-stored-content-length: 71831
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Dec 2021 08:42:10 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 238 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 9DC8 364 KB
103 KB 32ms
9ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 90b69c5f7668353e1ae5d266dba1f8a4b2dbbb254b6a2cf6e5b2d91381a714eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:10 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvM8Pl4fiI-ZbcE4PithR_rK-MeKxMp4OZZWD18zge6GsrKnlRzIkUA_rXDfr4ERs0JdXwI9UMEjKdEOuvM17w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 104652
last-modified: Wed, 01 Dec 2021 06:59:43 GMT
server: UploadServer
etag: "c090f073758d1a9717d1a9aa2c037cb5"
vary: Accept-Encoding
x-goog-hash: crc32c=bxmpzg==, md5=wJDwc3WNGpcX0amqLAN8tQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1638341983568684
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 104652
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Dec 2021 08:42:10 GMT

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
137 B 228ms
92ms XHR
text/plain 34.193.25.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-25-178.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Tue, 07 Dec 2021 08:37:10 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 track
atrack.avplayer.com/ 0
71 B 292ms
91ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M16&cb=1638866230066&cid=60a0c4acce284b4c1059cbe8&VERSION=4.103.0&AV_PAGE_LOAD_UID=64130b52-6c39-48cf-94de-ba3773c7cb43&AV_CDIM4=64130b52-6c39-48cf-94de-ba3773c7cb43&AV_ABTEST_TEMPLATE_WIGHT=50&AV_CDIM6=50&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumgir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 327442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 13:39:48 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 92ms
91ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.tumgir.com&sn=&cd4=64130b52-6c39-48cf-94de-ba3773c7cb43&cd5=default&cd6=50&cd7=main&ic=0&tgt=0&app=&wi=531&he=299&test=&d36=6.1.2.90&apppkg=&fv=1&proto=https&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&stagid=&stplid=&e=inventory&vi=100&cb=1638866230295
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
premiumsrv.aniview.com/api/adserver/tag/ 34 KB
4 KB 372ms
160ms XHR
application/json 75.101.235.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.103.0&AV_PAGE_LOAD_UID=64130b52-6c39-48cf-94de-ba3773c7cb43&AV_CDIM4=64130b52-6c39-48cf-94de-ba3773c7cb43&AV_ABTEST_TEMPLATE_WIGHT=50&AV_CDIM6=50&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=60a0c4acce284b4c1059cbe8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.tumgir.com&AV_DADPOS=1&d36=6.1.2.90&responsive=1&sver=1&avtoken=230295&AV_WIDTH=531&AV_HEIGHT=299&AV_DNT=0&cb=1638866230315
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.235.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-235-47.compute-1.amazonaws.com
Software: /
Resource Hash: 96f748294a357dcef405cdae577d5329b5ef0877982fc39df97556b9faf26ef0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:10 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 25 Nov 2021 18:50:30 GMT

GET
H/1.1 200
OK landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.m3u8 Show response
mcd.ex.co/video/upload/sp_hd/v1490095101/ 1 KB
2 KB 38ms
7ms XHR
application/x-mpegurl 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: edcd9a0c9c71f5ae341cd37ced9e2833a31bdc3ebf2dfa17f2c320cd8dcaa48e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Status: 200 OK
Connection: keep-alive
Content-Length: 1127
X-Request-Id: cf7a558d6737cb37b36e5dde5ecebe1c
X-Served-By: cache-wdc5524-WDC
Last-Modified: Wed, 13 Jan 2021 11:25:26 GMT
Server: cloudinary
X-Timer: S1610538425.650189,VS0,VE1
ETag: "4a274f98fb604f4a7ed6c4ad41eb2dd6"
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3229933
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
H/1.1 200
OK index-fafc30d93898c907.js Show response
www.tumgir.com/_next/static/chunks/pages/ 3 KB
2 KB 97ms
96ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/index-fafc30d93898c907.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6cb77653f129d93e740f0303e5ee82f8565f7d432d4c4a1f4e85a128050967e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 16:55:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"bf0-17d2ed30b57"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK privacy-policy-1a7b93fcb52325c1.js Show response
www.tumgir.com/_next/static/chunks/pages/static/ 5 KB
2 KB 95ms
94ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/static/privacy-policy-1a7b93fcb52325c1.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a9d882997ec60e3829e71a8ec3c7f77e2ac8d8408aa26beb6ecc80dea0d9fcfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Nov 2021 22:31:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"13c8-17d1120c5f8"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK about-3501640c6fc85760.js Show response
www.tumgir.com/_next/static/chunks/pages/static/ 1 KB
1 KB 93ms
93ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/static/about-3501640c6fc85760.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 344a91e54490d605b83bf9c3a1b7d16ebcc61b6caa828c3aa2d7823b24ce8278

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Nov 2021 22:34:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"550-17d11230342"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 204 utx Show response
undhertobec.xyz/ 0
489 B 132ms
105ms XHR
text/plain 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://undhertobec.xyz/utx?tid=846710&top=www.tumgir.com&cb=3HefaZ6O0Mr2
Requested by: Host: mefagetobri.top
URL: https://mefagetobri.top/S1NDY3gwcTAUJz4hL0FCaTs3Fwg4aWxMDzwkbRcNJjQqEVYoPC5MCzx9KRBaZ3EwDh5paXJPWjg%2BNUFCaWdtU1pncTcCHxQ6J0FCaWt3VU96Y2FPWjgmITwRL2FhWVp7ayZWS3tiIU5AKmZ7TkwvY3FOGn42IE5OfjJ7Vkx9NSEGGX1xPg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:10 GMT
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: E6rWDLahzcPIAPqaOg_5xz_QDQy3w9AuNKvs2ffSRtux2RuGmfgeTg==

GET
H/1.1 200
OK %5Bname%5D-49c31a9cecc012b6.js Show response
www.tumgir.com/_next/static/chunks/pages/ 3 KB
2 KB 95ms
94ms Script
application/javascript 167.71.185.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumgir.com/_next/static/chunks/pages/%5Bname%5D-49c31a9cecc012b6.js
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/_next/static/chunks/main-6099a486a931d74e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.185.16 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3dece685b5f01b1a1a47c89706b9bb6e156edca56c99793271b13a82209a053b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 16:56:37 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"d93-17d2ed4300a"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive

POST
H2 200 / Show response
urgoldpie.club/ 0
37 B 313ms
106ms XHR
text/plain 107.22.28.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://urgoldpie.club/
Requested by: Host: mefagetobri.top
URL: https://mefagetobri.top/S1NDY3gwcTAUJz4hL0FCaTs3Fwg4aWxMDzwkbRcNJjQqEVYoPC5MCzx9KRBaZ3EwDh5paXJPWjg%2BNUFCaWdtU1pncTcCHxQ6J0FCaWt3VU96Y2FPWjgmITwRL2FhWVp7ayZWS3tiIU5AKmZ7TkwvY3FOGn42IE5OfjJ7Vkx9NSEGGX1xPg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-28-167.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
content-length: 0

GET
H/1.1 200
OK landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.m3u8 Show response
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1599034735/ 1 KB
2 KB 7ms
7ms XHR
application/x-mpegurl 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 7591a616f80e413b2a00783769302b6475c64ba7b26b3e3ec0d195cc630b641f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Last-Modified: Wed, 02 Sep 2020 08:19:03 GMT
Server: cloudinary
X-Timer: S1610538425.015702,VS0,VE1
ETag: "955b0624900985a22b01bb62d9b7c2fc"
X-Served-By: cache-wdc5524-WDC
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3229844
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 1331
X-Cache-Hits: 1

OPTIONS
H/1.1 200
OK landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1599034735/ Frame 0
0 7ms
6ms Preflight
text/html 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.tumgir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Tue, 07 Dec 2021 08:37:10 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H/1.1 206
Partial Content landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts Show response
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1599034735/ 212 KB
212 KB 11ms
11ms XHR
video/mp2t 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: e2ff6f15961fb4f4fe6e1f4af027be8b616034679e6415cbbfca9bd0e76cef4c

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-216763

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Content-Range: bytes 0-216763/972712
Connection: keep-alive
Content-Length: 216764
X-Served-By: cache-wdc5529-WDC
Last-Modified: Wed, 13 Jan 2021 11:25:06 GMT
Server: cloudinary
X-Timer: S1610538426.613095,VS0,VE0
ETag: "02e9241eacc0b7180540e7de923c9b82"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3229861
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
BLOB 200
OK 05591722-286e-4daa-a18c-98b5767e5d5b
https://www.tumgir.com/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tumgir.com/05591722-286e-4daa-a18c-98b5767e5d5b
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H2

200

74db195f579f787102f10d49b73a2668ddd23fca.jpg
64.media.tumblr.com/e78cf7e37e31e18a594518f1564e3bd5/3cad3bbfce6bad19-b6/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/tokyogems.tumblr.com/avatar/128
https://64.media.tumblr.com/e78cf7e37e31e18a594518f1564e3bd5/3cad3bbfce6bad19-b6/s128x128u_c1/74db195f579f787102f10d49b73a2668ddd23fca.jpg

10 KB
11 KB

7ms
7ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/e78cf7e37e31e18a594518f1564e3bd5/3cad3bbfce6bad19-b6/s128x128u_c1/74db195f579f787102f10d49b73a2668ddd23fca.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b5d5f458a6d96e8d24fb8d475b18723bf03a2dcf88a891efbf859809be7c9cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 07 Dec 2021 08:37:10 GMT
last-modified: Sun, 28 Mar 2021 15:06:18 GMT
server: nginx
x-frames: 1
etag: "28a633096514c1dfd1165fb6bf72e65a-1498089600-0b5eada"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_e78cf7e37e31e18a594518f1564e3bd5_74db195f_128.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 10712

Redirect headers

date: Tue, 07 Dec 2021 08:37:10 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/e78cf7e37e31e18a594518f1564e3bd5/3cad3bbfce6bad19-b6/s128x128u_c1/74db195f579f787102f10d49b73a2668ddd23fca.jpg#_=_
x-rid: 5bda94e56554595f6cf64f1911764d5a
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

avatar_239966e78ef2_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/walking-geema.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_239966e78ef2_128.png

33 KB
33 KB

8ms
7ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_239966e78ef2_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

79764748539a922633396c54d45475318031da72758de7e0f4a8f7e3b8cdb268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Tue, 07 Dec 2021 08:37:10 GMT
last-modified: Wed, 09 Dec 2020 04:07:46 GMT
server: nginx
x-frames: 1
etag: "4be0da6ea1848460944c9d5efcd8dfb9-1498089600-0b5eada"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-disposition: inline; filename="avatar_239966e78ef2_128.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 33973

Redirect headers

date: Tue, 07 Dec 2021 08:37:10 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_239966e78ef2_128.png#_=_
x-rid: 7ad656558cba0777e6528509135d93dc
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

23449c0b6ffc1166a42187d0ea05b53f3d281f93.jpg
64.media.tumblr.com/846c9784ade78525020896a9ef9ec367/d93f7a14f2800149-17/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/tru-makes-quilts.tumblr.com/avatar/128
https://64.media.tumblr.com/846c9784ade78525020896a9ef9ec367/d93f7a14f2800149-17/s128x128u_c1/23449c0b6ffc1166a42187d0ea05b53f3d281f93.jpg

10 KB
10 KB

11ms
10ms

Image
image/jpeg

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/846c9784ade78525020896a9ef9ec367/d93f7a14f2800149-17/s128x128u_c1/23449c0b6ffc1166a42187d0ea05b53f3d281f93.jpg

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

baf3a4cb694536ee55053d20031d9e5806168c2de90bf0bec9bd6a579d4522e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Tue, 07 Dec 2021 08:37:10 GMT
last-modified: Sat, 02 Oct 2021 23:25:00 GMT
server: nginx
x-frames: 1
etag: "1f098e7cb5715e2a2f3ec3ba29dd7f01-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_846c9784ade78525020896a9ef9ec367_23449c0b_128.jpg"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 9921

Redirect headers

date: Tue, 07 Dec 2021 08:37:10 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/846c9784ade78525020896a9ef9ec367/d93f7a14f2800149-17/s128x128u_c1/23449c0b6ffc1166a42187d0ea05b53f3d281f93.jpg#_=_
x-rid: 53d6cbee698169daefa2ce8a1c5388ee
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

avatar_205684dff418_128.png
64.media.tumblr.com/
Redirect Chain

https://api.tumblr.com/v2/blog/curiouscatalog.tumblr.com/avatar/128
https://64.media.tumblr.com/avatar_205684dff418_128.png

7 KB
7 KB

7ms
6ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/avatar_205684dff418_128.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

43731c98177737b1eec4a69a9673c439d4d8176a0b50a990af7e21543f5fcf43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 07 Dec 2021 08:37:10 GMT
last-modified: Wed, 09 Dec 2020 14:29:19 GMT
server: nginx
x-frames: 1
etag: "75a54e97526f85583b8392b5c161a449-1498089600-c329bb0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-disposition: inline; filename="avatar_205684dff418_128.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 7096

Redirect headers

date: Tue, 07 Dec 2021 08:37:10 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/avatar_205684dff418_128.png#_=_
x-rid: 17356b34f8fcc621582534ba3bbb7117
content-type: application/json
content-length: 121
x-ua-compatible: IE=Edge,chrome=1

GET
H2

200

c95f4c71d9fca59133f37d3fc118b75c45098cab.png
64.media.tumblr.com/63968a5de9b97647f350bb4e12960f18/e557feb8eb083b27-7f/s128x128u_c1/
Redirect Chain

https://api.tumblr.com/v2/blog/gradienty.tumblr.com/avatar/128
https://64.media.tumblr.com/63968a5de9b97647f350bb4e12960f18/e557feb8eb083b27-7f/s128x128u_c1/c95f4c71d9fca59133f37d3fc118b75c45098cab.png

931 B
1 KB

7ms
6ms

Image
image/png

192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://64.media.tumblr.com/63968a5de9b97647f350bb4e12960f18/e557feb8eb083b27-7f/s128x128u_c1/c95f4c71d9fca59133f37d3fc118b75c45098cab.png

Requested by

Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes

Protocol

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d371acfbb007732e8f869a2548f349caf1b5d4fe19f899dd60fba34e276852dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Tue, 07 Dec 2021 08:37:10 GMT
last-modified: Thu, 10 Dec 2020 09:35:17 GMT
server: nginx
x-frames: 1
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="tumblr_63968a5de9b97647f350bb4e12960f18_c95f4c71_128.png"
strict-transport-security: max-age=31536000; preload
timing-allow-origin: *
content-length: 931

Redirect headers

date: Tue, 07 Dec 2021 08:37:10 GMT
server: nginx
x-cache-avatar: true
strict-transport-security: max-age=31536000; preload
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
location: https://64.media.tumblr.com/63968a5de9b97647f350bb4e12960f18/e557feb8eb083b27-7f/s128x128u_c1/c95f4c71d9fca59133f37d3fc118b75c45098cab.png#_=_
x-rid: 147506bc20652036c6153ed958782024
content-type: application/json
content-length: 204
x-ua-compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.m3u8 Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/ 1 KB
2 KB 9ms
9ms XHR
application/x-mpegurl 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 9045edf92f5b928cb307aa3f617906982fa27278683397a34265dae061c85fb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Last-Modified: Wed, 13 Jan 2021 11:25:10 GMT
Server: cloudinary
X-Timer: S1610538427.320708,VS0,VE1
ETag: "8c2446e9358a59260b32c2b9afee2be1"
X-Served-By: cache-wdc5548-WDC
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3229757
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 1455
X-Cache-Hits: 1

GET
H/1.1 206
Partial Content landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/ 208 KB
209 KB 10ms
9ms XHR
video/mp2t 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 40ec571550eb53ce8d479fab150a37bdce6a28771bdb207f3a12c81383ce1ed8

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-213379

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Content-Range: bytes 0-213379/1732984
Connection: keep-alive
Content-Length: 213380
X-Served-By: cache-wdc5524-WDC
Last-Modified: Thu, 31 Dec 2020 15:30:24 GMT
Server: cloudinary
X-Timer: S1610538429.395509,VS0,VE72
ETag: "fffe8a01c05b841238f9411aaeeae18d"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3229598
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0

OPTIONS
H/1.1 200
OK landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/ Frame 0
0 7ms
7ms Preflight
text/html 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.tumgir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Tue, 07 Dec 2021 08:37:10 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H3 200 popunder.gif
uknsyenerg.co/ 35 B
623 B 18ms
18ms Image
image/gif 2606:4700:3034::ac43:8a89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uknsyenerg.co/popunder.gif
Requested by: Host: www.tumgir.com
URL: https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8a89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 07 Dec 2021 08:37:10 GMT
cf-cache-status: HIT
last-modified: Mon, 06 Dec 2021 21:17:55 GMT
server: cloudflare
age: 40755
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDGXZakMzZPdR50PMRao4BF6pGSSApUCykppUrZ37faEI8ko06uELoyaJgnvVcIvUsF5w%2FA7ZiuN7rrx5684q3TldPDA2hPuGpS%2Fabx1lwV8M7b5wuZzdjA159rx1sQHx5Ik5LL1hO404IRX"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9c6e344d5b693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 multi Show response
dgmaplain.club/ 3 KB
2 KB 190ms
190ms XHR
text/plain 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgmaplain.club/multi?cs=dk9wQ1lFeER7b0F8QnNuQX5Dc20&abt=0&red=1&sm=76&k=bodybuilders%20street%20clothes%20explore%20tumblr%20posts%20blogs%20tumgir&v=1.0.55.0&sts=0&prn=0&emb=0&tid=853405&u=508579716556380&fs=1&ref=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F96.0.4664.45%20safari%2F537.36&tzd=0&uloc=&if=0&_KNEE=1638866230461&crc=1
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 189d22cccfeb7df7629f25479c72c7a1a45690d4963cb0ca1a5c659c1b007fca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:10 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: text/plain
content-length: 1370
via: 1.1 da392114e7046bd9720a70f40c796f63.cloudfront.net (CloudFront)
x-amz-cf-id: v-N9Uh8zo5W8jB3oPiDkndZPfxYv1DeSvEJMCNFIIq5GZam3210sHQ==

POST
H3 204 cRM3ZmtlQTBaPglfcQFjA1NiQzNQWncBfEcTJUcvR1p2A2oDQS1dPFtadhUsCVdqC3QCSXQVLwlSdAtvA15zAmwBUnIAYgRBMEM7U1p1FSpAEygOawJUfAtsAlV3A24CVQ
uknsyenerg.co/RDNaNGdrDDlHWhcAEG0+dml/BiUWdGtgP3cCHVYhAmY/ 0
508 B 114ms
114ms Ping
text/plain 2606:4700:3034::ac43:8a89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uknsyenerg.co/RDNaNGdrDDlHWhcAEG0+dml/BiUWdGtgP3cCHVYhAmY/cRM3ZmtlQTBaPglfcQFjA1NiQzNQWncBfEcTJUcvR1p2A2oDQS1dPFtadhUsCVdqC3QCSXQVLwlSdAtvA15zAmwBUnIAYgRBMEM7U1p1FSpAEygOawJUfAtsAlV3A24CVQ
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8a89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 08:37:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtgFrC601lflnkU2rrOBFrCd%2B8U66KD1%2B%2BflNUpIt9NFeKG%2BFmmaep6eqPz9EY6PExpKEV3f0fEpsYoZF6Z3UfI3TAzP75zRL9HlaUtzFOvIaAff5EbEUGBlhsA6vjr3ZG%2Bi3OHbnKV74vhL"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6b9c6e346dac693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 floater Show response
dgmaplain.club/ 2 KB
2 KB 585ms
584ms XHR
text/plain 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgmaplain.club/floater?cs=V0NQdkNidWVGemF3ZERxZHpkRnE&abt=0&red=1&sm=83&k=bodybuilders%20street%20clothes%20explore%20tumblr%20posts%20blogs%20tumgir&v=0.8.6.0&sts=0&prn=0&emb=0&tid=852974&u=508579716556380&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F96.0.4664.45%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td1_oi1_&_tcYB=1638866230463&crc=1
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: ccc7ec35c235ac456107ff97103cac285044c66fb544d9790e3416c83c66e45c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:10 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tumgir.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: text/plain
content-length: 1474
via: 1.1 da392114e7046bd9720a70f40c796f63.cloudfront.net (CloudFront)
x-amz-cf-id: a6V9EDPirEtp-vrrIG5q122uOKmCHYMSMAUQ1UbHR9gVmLfCH4LH9w==

GET
H/1.1 206
Partial Content landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/ 174 KB
175 KB 9ms
8ms XHR
video/mp2t 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 7128a946a179f184d21b571095286e26f61c260d1a45096b44a1a7d3850efa51

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=213380-391791

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Content-Range: bytes 213380-391791/1732984
Connection: keep-alive
Content-Length: 178412
X-Served-By: cache-wdc5524-WDC
Last-Modified: Thu, 31 Dec 2020 15:30:24 GMT
Server: cloudinary
X-Timer: S1610538429.395509,VS0,VE72
ETag: "fffe8a01c05b841238f9411aaeeae18d"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3229598
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.tumgir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Tue, 07 Dec 2021 08:37:10 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
136 B 93ms
93ms XHR
text/plain 34.193.25.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-25-178.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Tue, 07 Dec 2021 08:37:10 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.tumgir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Tue, 07 Dec 2021 08:37:10 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H/1.1 206
Partial Content landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/ 120 KB
120 KB 7ms
7ms XHR
video/mp2t 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: d00cd36cf4795feb18740ee11ae68b8dd497a53c0a110a1f61582edf8246c216

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=391792-514367

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Content-Range: bytes 391792-514367/1732984
Connection: keep-alive
Content-Length: 122576
X-Served-By: cache-wdc5524-WDC
Last-Modified: Thu, 31 Dec 2020 15:30:24 GMT
Server: cloudinary
X-Timer: S1610538429.395509,VS0,VE72
ETag: "fffe8a01c05b841238f9411aaeeae18d"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3229598
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/ 1 KB
680 B 55ms
46ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-6103d59079bcdcec/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e552184493eea74a53b11e52b6e6eec9c35d90cece6592d9bdf6cf1090ad8c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:10 GMT
content-encoding: gzip
etag: 706338575--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=3, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 504

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 160ms
136ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61af1d3598b8a3ef&bkl=0&bl=1&pdt=962&sid=61af1d3598b8a3ef&pub=ra-6103d59079bcdcec&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tumgir.com&fp=tag%2Fbodybuilders%2520in%2520street%2520clothes&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1638866230598&jsl=0&uvs=61af1d353675ff88000&skipb=1&callback=addthis.cbs.jsonp__406388102006961960
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b2e63eaba04f14bba563633180f4bcfbe432cb9bd1b9f001dac5c6cd361b8026

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:10 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 58AC 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 1536 71 KB
26 KB 28ms
28ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 07 Dec 2021 08:37:10 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 206
Partial Content landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/ 184 KB
185 KB 8ms
7ms XHR
video/mp2t 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: a137cc1fe8c28a65cfbde6d0b529db774f1de6d375885b5d41767172485adce2

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=514368-703119

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Content-Range: bytes 514368-703119/1732984
Connection: keep-alive
Content-Length: 188752
X-Served-By: cache-wdc5524-WDC
Last-Modified: Thu, 31 Dec 2020 15:30:24 GMT
Server: cloudinary
X-Timer: S1610538429.395509,VS0,VE72
ETag: "fffe8a01c05b841238f9411aaeeae18d"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3229598
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.tumgir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Tue, 07 Dec 2021 08:37:10 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 11ms
11ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 07 Dec 2021 08:37:10 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H/1.1 206
Partial Content landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/ 135 KB
135 KB 14ms
13ms XHR
video/mp2t 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 0b01e6e76a90369cb516c29f18fd80d401e9060ccc5efe72e70c9d7bfbb0ee36

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=703120-841111

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Content-Range: bytes 703120-841111/1732984
Connection: keep-alive
Content-Length: 137992
X-Served-By: cache-wdc5524-WDC
Last-Modified: Thu, 31 Dec 2020 15:30:24 GMT
Server: cloudinary
X-Timer: S1610538429.395509,VS0,VE72
ETag: "fffe8a01c05b841238f9411aaeeae18d"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3229598
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0

OPTIONS
H/1.1 200
OK landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/ Frame 0
0 8ms
8ms Preflight
text/html 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.tumgir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Tue, 07 Dec 2021 08:37:10 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A62F 14 KB
5 KB 53ms
10ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=156159
expires: Thu, 09 Dec 2021 03:59:49 GMT
date: Tue, 07 Dec 2021 08:37:10 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

usermatch Show response
ssum.casalemedia.com/ Frame 5615
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D42%26key%3D
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D42%26key%3D&s=190719&C=1

2 KB
3 KB

19ms
19ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D42%26key%3D&s=190719&C=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 07d3ba20a6e3b9064e748b43c0d5a5da82e00539c3970bc085cabefe88de014b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|39|45|73|13|218|64
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1835
Expires: Tue, 07 Dec 2021 08:37:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 07 Dec 2021 08:37:10 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 379
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D42%26key%3D&s=190719&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 07 Dec 2021 08:37:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 07 Dec 2021 08:37:10 GMT
Connection: keep-alive

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0704
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east

281 B
554 B

32ms
7ms

Document
text/html

104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Dec 2021 08:37:10 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Date: Tue, 07 Dec 2021 08:37:10 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 204
No Content merge
ce.lijit.com/ Frame D632 0
0 77ms
23ms Document
text/plain 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=&3pid=1638866230583-954080010883-008696-015-001488&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D18%26key%3D%5BSOVRNID%5D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

Server: nginx
Date: Tue, 07 Dec 2021 08:37:10 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap6ams1

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
136 B 92ms
92ms XHR
text/plain 34.193.25.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-25-178.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Tue, 07 Dec 2021 08:37:10 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame 9DC8 314 KB
98 KB 12ms
12ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 272a612f7fcefd5b1292d2b642a9a252c57ee1b6c97cdfaad321eecca2466dce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:10 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvqqILf_qwh7s9u-plstsc_Gp5PiW8jXwa7ZZBa5V-RYBlKEGcfpDbg4Mv24HJt7HqnBptCkMuVERSUizQpAs0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 99492
last-modified: Wed, 01 Dec 2021 06:58:16 GMT
server: UploadServer
etag: "58251031c6023dee10212742471f8135"
vary: Accept-Encoding
x-goog-hash: crc32c=V+UbGA==, md5=WCUQMcYCPe4QISdCRx+BNQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1638341896718566
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 99492
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Dec 2021 08:42:10 GMT

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/234705/0/ 168 B
378 B 80ms
28ms XHR
application/xml 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&w=531&h=299&cbb=8866230702
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:10 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://www.tumgir.com
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/216843/0/ 168 B
378 B 66ms
15ms XHR
application/xml 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/216843/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&w=531&h=299&cbb=8866230704
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:10 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://www.tumgir.com
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/236691/0/ 168 B
378 B 66ms
14ms XHR
application/xml 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/236691/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&w=531&h=299&cbb=8866230705
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:10 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://www.tumgir.com
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 track
track1.aniview.com/ 0
70 B 92ms
92ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=62033&t=1638866230&cip=91.199.118.73&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1638866230583-954080010883-008696-015-001488&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=69549561902&cd4=64130b52-6c39-48cf-94de-ba3773c7cb43&cd5=default&cd6=50&cd7=main&cd1=4.103.0&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&nid=56ea678d181f46c76f8b45fb&ncid=60a0c4acce284b4c1059cbe8&e=request&cb=1638866230706&asid=5f8c4fcaf3eefc7b4d24fc09%2C60ebfe94ebe867570438e997%2C60a0c4aabd19fc3b905086bf%2C60c60c3b1731ed2b383f0908%2C60a0c4aafb68616f1841bc65%2C5fa2a98bba80693a416064d7%2C5ee3d57071193a26344a4076%2C604e0bb1f199b154cc115338%2C60ebfe86a4a7792110515aa4%2C604e0c8861e0794a7a3b232a%2C60a0c4aa7ae1cb4e6b0eca03%2C5fcdefa2d427f057da5608a9%2C5fbe5d4370a94c4b696b7ccc%2C61129c5f0e70e663bd7c5b71&ofpr=%2C%2C%2C%2C%2C%2C%2C2%2C%2C2%2C%2C%2C2.8%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
282 B 176ms
162ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
last-modified: Tue, 07 Dec 2021 08:00:00 GMT
server: nginx/1.15.8
date: Tue, 07 Dec 2021 08:37:10 GMT
content-type: application/json
access-control-allow-origin: https://www.tumgir.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
309 B 225ms
211ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&callback=_ate.cbs.rcb_lbpq0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

707f6313c4292c18c3ef98ed86dbacd2238af489b99b889b858f5240b388a2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
last-modified: Tue, 07 Dec 2021 08:37:10 GMT
server: nginx/1.15.8
date: Tue, 07 Dec 2021 08:37:10 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
309 B 197ms
183ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&callback=_ate.cbs.rcb_imbf0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

9608ab4d3a414bb8d3e07dcbf2eb8413f34ad56eea0934e70710b808cdcc98af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.tumgir.com/tag/bodybuilders%20in%20street%20clothes
last-modified: Tue, 07 Dec 2021 08:37:10 GMT
server: nginx/1.15.8
date: Tue, 07 Dec 2021 08:37:10 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
410 B 126ms
55ms XHR
application/json 18.197.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-28-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 09d26303d0c02c2c886f6d1d5993c8bd75bd59576c00b827f0708998495b771c

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:11 GMT
content-encoding: gzip
x-prebid: pbs-java/1.79.0
content-type: application/json
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H2 204 mvo Show response
tag.1rx.io/rmp/216551/0/ 0
170 B 72ms
5ms XHR
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/216551/0/mvo?z=1r&hbv=5.20,2.1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumgir.com
pragma: no-cache
date: Tue, 07 Dec 2021 08:37:10 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
408 B 138ms
68ms XHR
application/json 18.197.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-28-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1c45395358ed50d511a219a1d462af7543b00b05a5d69bb9eb49c2b0b0f7bec7

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:11 GMT
content-encoding: gzip
x-prebid: pbs-java/1.79.0
content-type: application/json
access-control-allow-origin: https://www.tumgir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 5615
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ya8dNi_IK4sLNSh0ajsjpQAABJYAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Ya8dNi_IK4sLNSh0ajsjpQAABJYAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAZYy-An6iM2jxhUhmFBNcI&google_cver=1

43 B
315 B

31ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAZYy-An6iM2jxhUhmFBNcI&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 08:37:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 07 Dec 2021 08:37:11 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAZYy-An6iM2jxhUhmFBNcI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 5615
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ya8dNi_IK4sLNSh0ajsjpQAABJYAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ya8dNi_IK4sLNSh0ajsjpQAABJYAAAAB&dcc=t

43 B
645 B

95ms
95ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ya8dNi_IK4sLNSh0ajsjpQAABJYAAAAB&dcc=t

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D42%26key%3D&s=190719&C=1

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 08:37:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QM24ZVWB0RWR8K1J8BH6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 08:37:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 24WFW303HDCD63XS5GQ8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ya8dNi_IK4sLNSh0ajsjpQAABJYAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 5615 70 B
265 B 114ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5615
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ya8dNi-IK4sLNSh0ajsjpQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4IcSAsGzkVthqBKDIeO8U&google_cver=1&gdpr=1

43 B
999 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4IcSAsGzkVthqBKDIeO8U&google_cver=1&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 08:37:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Dec 2021 08:37:11 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4IcSAsGzkVthqBKDIeO8U&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Ya8dNi_IK4sLNSh0ajsjpQAABJYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5615 43 B
870 B 129ms
37ms Image
image/gif 2a05:d018:d29:3601:6630:8239:d3f4:893e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Ya8dNi_IK4sLNSh0ajsjpQAABJYAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:6630:8239:d3f4:893e Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:11 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET indexexchange
sync.adotmob.com/cookie/ Frame 5615 0
0

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=Ya8dNi-IK4sLNSh0ajsjpQAA%261174
dpm.demdex.net/ Frame 5615 0
0 159ms
38ms Image
application/json 34.251.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Ya8dNi-IK4sLNSh0ajsjpQAA%261174?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.193.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-193-90.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5615
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1641458231

43 B
982 B

19ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1641458231
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 08:37:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Dec 2021 08:37:11 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:10 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1641458231
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 cookiesyncendpoint
sync.aniview.com/ Frame 5615 0
233 B 303ms
103ms Image
text/plain 18.208.85.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1638866230583-954080010883-008696-015-001488&biddername=42&key=Ya8dNi-IK4sLNSh0ajsjpQAA%261174
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.85.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-85-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:11 GMT
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0704 32 KB
10 KB 29ms
9ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a9209223bdd21d9460b0685c7b81a084e30e2dcbed566c59b1ad60475f98b2d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=29981
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9514
Expires: Tue, 07 Dec 2021 16:56:51 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A62F 0
42 B 83ms
13ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49382066&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638866230583-954080010883-008696-015-001488%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:11 GMT
content-length: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0704 284 B
536 B 51ms
16ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
H/1.1 206
Partial Content landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/ 166 KB
167 KB 11ms
9ms XHR
video/mp2t 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 7d37e2a52cb4b24bb620e484d442c61aa75c0d3ec904ceefa06a5e66821417ed

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=841112-1011439

Response headers

Date: Tue, 07 Dec 2021 08:37:11 GMT
Content-Range: bytes 841112-1011439/1732984
Connection: keep-alive
Content-Length: 170328
X-Served-By: cache-wdc5524-WDC
Last-Modified: Thu, 31 Dec 2020 15:30:24 GMT
Server: cloudinary
X-Timer: S1610538429.395509,VS0,VE72
ETag: "fffe8a01c05b841238f9411aaeeae18d"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3229597
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0

OPTIONS
H/1.1 200
OK landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/ Frame 0
0 9ms
8ms Preflight
text/html 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1599034735/landscape7a72cf75-2019-44e7-9a5f-449c3a8e35b4_1599034588284.ts
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.tumgir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Tue, 07 Dec 2021 08:37:11 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H2 200 track
track1.aniview.com/ 0
70 B 95ms
94ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=62033&t=1638866230&cip=91.199.118.73&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1638866230583-954080010883-008696-015-001488&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=69549561902&cd4=64130b52-6c39-48cf-94de-ba3773c7cb43&cd5=default&cd6=50&cd7=main&cd1=4.103.0&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&nid=56ea678d181f46c76f8b45fb&ncid=60a0c4acce284b4c1059cbe8&e=bid&cb=1638866231028&asid=5f8c4fcaf3eefc7b4d24fc09%2C60ebfe94ebe867570438e997%2C60a0c4aabd19fc3b905086bf%2C60a0c4aafb68616f1841bc65%2C5fa2a98bba80693a416064d7%2C5ee3d57071193a26344a4076%2C60ebfe86a4a7792110515aa4%2C60a0c4aa7ae1cb4e6b0eca03&ofpr=%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9DC8 374 KB
124 KB 48ms
25ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126291
x-xss-protection: 0
expires: Tue, 07 Dec 2021 08:37:11 GMT

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8632 595 KB
193 KB 25ms
10ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Fri, 03 Dec 2021 15:45:53 GMT
expires: Sat, 03 Dec 2022 15:45:53 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 319878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 9DC8 44 KB
17 KB 672ms
638ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 08:37:11 GMT

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3843 595 KB
193 KB 11ms
9ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Fri, 03 Dec 2021 15:45:53 GMT
expires: Sat, 03 Dec 2022 15:45:53 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 319878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E766 595 KB
193 KB 28ms
26ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Fri, 03 Dec 2021 15:45:53 GMT
expires: Sat, 03 Dec 2022 15:45:53 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 319878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4CB1 595 KB
193 KB 33ms
32ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Fri, 03 Dec 2021 15:45:53 GMT
expires: Sat, 03 Dec 2022 15:45:53 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 319878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 05D9 595 KB
193 KB 33ms
32ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Fri, 03 Dec 2021 15:45:53 GMT
expires: Sat, 03 Dec 2022 15:45:53 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 319878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9DC8 107 B
549 B 85ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumgir.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 08:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1269 37 KB
13 KB 38ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 09:35:06 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FBD8 37 KB
13 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 09:35:06 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 65A1 37 KB
13 KB 35ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 09:35:06 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CBAC 37 KB
13 KB 42ms
25ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 09:35:06 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 18C7 37 KB
13 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 09:35:06 GMT

POST
H/1.1 200 371.json Show response
id5-sync.com/g/v2/ 212 B
531 B 88ms
19ms XHR
application/json 51.89.42.86
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/371.json

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.42.86 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p26.id5-sync.com

Software

Resource Hash

f51bf14edec6ba915274aedf06cbce5d7144227c348665e64cb2a43408c056b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumgir.com
Date: Tue, 07 Dec 2021 08:37:01 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8632 72 KB
15 KB 519ms
464ms XHR
text/xml 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4055029149530561&sdkv=h.3.490.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=333335710&sdk_apis=2%2C8&sid=B864FABB-BBF3-4B70-A949-CCB0F5D2157A&nel=0&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&dt=1638866231801&cookie_enabled=1&scor=1263171320855956&ged=ve4_td2_er152.534.302.834_vi0.0.1200.1600_vp100_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9c0169f9168499179a1024c8f501f43a47be5199007d384a010cb3d26b6f7749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14953
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3843 156 B
236 B 470ms
417ms XHR
text/xml 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1236693305352530&sdkv=h.3.490.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3336733521&sdk_apis=2%2C8&sid=B864FABB-BBF3-4B70-A949-CCB0F5D2157A&nel=0&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&dt=1638866231805&cookie_enabled=1&scor=1263683189920442&ged=ve4_td2_er152.534.302.834_vi0.0.1200.1600_vp100_ts0_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E766 1 KB
852 B 99ms
55ms XHR
text/xml 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22651381276%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_tumgir.com_3&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&cust_params=publisher_name%3Dtumgir.com&env=vp&correlator=3163445430522813&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=What%20Your%20Favorite%20Superhero%20Says%20About%20You&vid_d=46&vid_kw=silhouette%2Csuperhero%2Czack%20snyder%2Cwolverine%2Cflash%2Cwonder%20woman%2Cclip%20art%2Cpostage%20stamp%2Cbats%2Cbat&sdkv=h.3.490.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3655730091&sdk_apis=2%2C8&sid=B864FABB-BBF3-4B70-A949-CCB0F5D2157A&nel=0&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&dt=1638866231813&cookie_enabled=1&scor=455683498271525&ged=ve4_td2_er152.534.302.834_vi0.0.1200.1600_vp100_ts0_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

622ded03b3c605b0860294a5021a5e4479e301672f0e5fab5fd6e5ffdadda3ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 778
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4CB1 1 KB
1 KB 91ms
50ms XHR
text/xml 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22651381276%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_tumgir.com_5&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&cust_params=publisher_name%3Dtumgir.com&env=vp&correlator=4115884115801170&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=What%20Your%20Favorite%20Superhero%20Says%20About%20You&vid_d=46&vid_kw=silhouette%2Csuperhero%2Czack%20snyder%2Cwolverine%2Cflash%2Cwonder%20woman%2Cclip%20art%2Cpostage%20stamp%2Cbats%2Cbat&sdkv=h.3.490.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1846007618&sdk_apis=2%2C8&sid=B864FABB-BBF3-4B70-A949-CCB0F5D2157A&nel=0&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&dt=1638866231817&cookie_enabled=1&scor=3917208343085456&ged=ve4_td2_er152.534.302.834_vi0.0.1200.1600_vp100_ts0_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

0a9247f2c9853f8796f191f53933e69c6d14b4f36da24ee6379c3d4161602e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 777
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 05D9 80 KB
15 KB 476ms
439ms XHR
text/xml 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3530043630728331&sdkv=h.3.490.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=548367149&sdk_apis=2%2C8&sid=B864FABB-BBF3-4B70-A949-CCB0F5D2157A&nel=0&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&dt=1638866231820&cookie_enabled=1&scor=4100659558975194&ged=ve4_td2_er152.534.302.834_vi0.0.1200.1600_vp100_ts0_eb24168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

3363c13f3615af54d0e9be12fc9ec1700f930a165c3109ae6e1324df141201d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15637
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame B05B 28 B
54 B 22ms
21ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c96dfd3/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_bEwMNzaWVw?feature=oembed&enablejsapi=1&origin=https://safe.txmblr.com&wmode=opaque
X-YouTube-Client-Version: 1.20211205.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtiUEYtNFY2RFF2WSi1uryNBg%3D%3D
X-YouTube-Ad-Signals: dt=1638866229555&flash=0&frm=2&u_tz&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C356%2C200&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 07 Dec 2021 08:37:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 07 Dec 2021 08:37:11 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E766 27 KB
7 KB 250ms
236ms XHR
text/xml 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_tumgir.com_3&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dtumgir.com&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=B864FABB-BBF3-4B70-A949-CCB0F5D2157A&adk=3655730091&cookie_enabled=1&correlator=3163445430522813&dt=1638866232025&ged=ve4_td2_tt0_pd2_la2000_er152.534.451.1065_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&osd=2&scor=455683498271525&sdk_apis=2%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&vis=1&u_so=l&hl=en&frm=0&sdki=44d&sdkv=h.3.490.0&sdr=1&vid_d=46&nel=0&afvsz=200x200%2C450x50%2C468x60%2C480x70&cnc=22651381276&kfa=0&tfcd=0&ctv=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

41144d8a2cb48b0babd1dc9351c86d6e260aa2145098476082ab3f2869ea4b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6873
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
136 B 92ms
91ms XHR
text/plain 34.193.25.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-25-178.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Tue, 07 Dec 2021 08:37:12 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 track
atrack.avplayer.com/ 0
70 B 94ms
94ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M20&cb=1638866232174&cid=60a0c4acce284b4c1059cbe8&VERSION=4.103.0&AV_PAGE_LOAD_UID=64130b52-6c39-48cf-94de-ba3773c7cb43&AV_CDIM4=64130b52-6c39-48cf-94de-ba3773c7cb43&AV_ABTEST_TEMPLATE_WIGHT=50&AV_CDIM6=50&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame E766 30 KB
14 KB 106ms
52ms XHR
text/xml 64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Aw9a1QKRGECHWXBdq_fF0mtthoaeXQWtvQhB8dSB97GmuYjP_OcPI2P5Bd4lrZ8FTErdZV02XYQ8o6zniDUtymlw2-pQ&cry=1&dbm_d=AKAmf-C16Ic2Lel9j77sNk4g1M31fyvVckLRRcqTPpZ2K6D1STuibUOBiKMf6Jn2A6XxcS5ty7_ukjhZZhosMmYR0rOKl2BTmUSkf8jygXlw0KNJu27xwsG2LKqgmdL1HmKZaHncCpP0qQGmdb45VJjeM7JeKNrHRfh6CANUTBDq4IF-NpifP_Nja8-jq-7mcndOuLE2Zyxmv4aIu9-BbcvHs_5X9vqlRYs28hwD0AB6jywT9VYZyW5e7fktZwIrnIvQKznsZNolqQbZdS5OymWodqdyNngrjVw5T13mu80tRNYXMz6LMlRRdpsnNbySmGLX6Q7IhYR4EDqUHAScDwU0bqWgq9IxxFUwXPCTQ3vh-7gr8cFKPKcGGyV704oZUdHoKP1SssHAbBEr7UqOHQO5YE-u7jrU3z_U8_pHsB6kik9ZYVKle5gw4uNonpjU7RP6OZo1iW2jEZvlxyAIDADFQAX6XyoncdvtziU1CXaEGmwC5IJdDWIpD5EffD30zXwSjaJwiAcqR61Tmz7d-zg41g3waFGXTo3okV8etjo9qy4f3F_mvFlD7qhlEzQcnMKjz_7jxHlx4WUxfvsMOj-zF0VnNZXb3--0dIyIZCcg9hsUkC3wLKTpvbbQj6J0SPP66Hhu5JzneFB6SgFgBlNI2bHwV7tZuzEMCa8QX5TT9wwpXJQJ750I8DbsgLGbUjiHy0cjc7XgTHfndVRI-FmL5Eg9-k8J90aSApOL5XtMYGGNStLeeuwzjt_bzZYIaY7WPJUDRP5km2rMesfFC9cd1Aj90KiyjvhyXtceeDJOVezRcoa2wPu6Q5mWnLmRHpqV-mhVeIPZn4N8Mf6LgpF1rYydetLgIsKKQ29lkKj4AAOSHC-minuk-J-dIQVN5cAwh_lOXI5kuwIC0VPfOQ5LKx9HgyCDr80BKabMD8jlN0NyEJ2rWWZJKh50ZZHcyaiOD9FTxHHCsz0OFq-oHhVqULqJEP_ed02_fF5Uz5jbFWvcrdJ194gI73uRyOHsJI501brj4DAZsaaXlYId0Wy9uwxo1K7Uo2xdG_32Tl8hvTpNkWSBSE6hUpxpDnlz6ZTPuOzVIMAt0uhVSgFP7qbvYyqmHsES0sTcLCDl-DjMseHNLUDzhj-ZrIqG0ukFi77SNz9HcCc2BZO8B_dOKIYs7fumlFBBe4uyuYgyEFaBElYY_OcKOsL7CIN5y1T8OxYorWWjn6QrwfJ_4hGusBCyp7uL9YfA__9ZI33tvQSpCSxrkbmSbWX6Iq7DX-Mnvobk77d1EPCDsdzDV6WcacDDEwoPY9G8NoZ3u5ox0mdIUMJklq4psDH_6iKJ1t1lhTNKnnn0hMxf-gIhed7LKkTxuQK7ASej7OvJC0sUihw535gTn2zl0Njm52mQ6IaQsgK5vwdHnkZBJmyTHuCxz46O4WcvSo7PNaJ0aEZhD9UWPfUmLYQizTti4ExY_WXYLjPibv9u33OmkeVjRxiuYgrrE9b-EKRmBOhWrNzdoDZnlrOpd1p7WZ6HoDt29TZ41LqKB6pvhoT_6OBEWcsFMD1wZHAbC1MBjPLs6FCKAr1VL7TWDuIWKUTUkbP7Kx0N_cx_KSUEMt3xhlI9tqr0N4yVp62TGys8Qb_D2hEkUNo2BOFDAUagjRnyxcx1-pQVbPKgiTpvq2hay1npkFSZ8LBIn1dPCl3rxMQdtgHVRQnTQmvpeldjOWY0zlEHvfQt7pGQqOLqEfzjd9PEDzTch_guv-CK-oQZQXrAtwE8XG8MSn6i5FBMjj6PrthbIdP16Wn3bldofD5zV8ddNHvLfEejUZNoiFhFDz9V44wShpJfCvGdv0hv7ICnMn-NGD428GlDMxUh8dK8o91pybZiY02xDq5fMRnaT7nVk26dCUB4Z-hYD2UlAzNi5VkHKdqzOmYpXFJsrT_avQarYO09qK-P7_IJP9UyTXzX_qjf3kNj1a1S7U1YagS5y0jqNqZq1Le7Q-N-hsXTfBSxW-K1nvWk5hVDCrhNX6Dnuw4yG1_dGcAvcwSzpei46-YUp3-PxfAdQLMNY5ZVyeiLnBflMLD6NDpEPw9NQXyF2uTihLyuQoggQ7YzaplL7jmeSVUeF6z6c-cIoqYcDYr2Y-kO99wq3vz1tklbonoa71X3QkUlE5ulGgCgZP0IBdCdDMMuw9gB-8ktpp-taA9hS9dN2jqAHGrpJgop8Ia604qrf4GP_SCBGUp3AIvkaHu8qzAn_7vA6aLEbK_mjT4zK-rgH8Ls4UkW5kL_xOt-NSGJ41p_TEjTCPE6PS1Ej0-_1wDqMXFkoGARqba78oG-jkX5mCpj2mpaBlh_eVfv6hUt3DXprHgB1J4K06dOXjZ1ZXWSw803nQZrocCK483hR8bqzkwPHsiJRS-sHc-E-nPtoKCxFb3uLN-9NtOq1aTsdWFwdLl0KIe0wmvUyk1HdDy_OI7P3tqelioGKuPbFvuLgivTMPdguzvsb5hzLR5cecM6edMcFUV3sZmmbEzaD8rMFwQKwSWZfXRxT-VeX4eRA9vg-ViD3lrMm-deS7mrO9SrXrQT817Kpqs1lgNZfYzEM487WL3NnYxudgcVBNrlStJDQph8wKn1HHPTvpNZCDc4dfCPEtHF8JQyOdsNG6Wl19zX8B7InaQjuIUlEuo8comL8AQqxLC0ux1oS8vTAMr_12bjslFaUXzgOoBaDoOrubUkjuwsqrG42BHF5yUJiwcIHlHoETarvfsW7W2ds5wWQWdO-fr09_KRfpSpXV34aeQAWjdjUlBZE__Fm9cF4kfvdZwRNevLWZ2bWrp88YGGvrG1mUqWgW1OkMr5a0zcQDKhyjar-_njNd5PTddYfKPM7jg0WIZAnYHyl3QrNtrSsGvRaO38XT-ouD3N62DRMbZ_FugO30qSBBfzdHYc8NRB5KI80fNV8aUuTngdy4tJk_scYIlsOs_yB40RFI8LWqygCaewKFx1Hzb084dJycMYaRCpNIPhJnywmRY6QrCKbQ8Nd1EsV0Smk1fjkJ-Tfod9y4syydJRSRDbLvqUTbbKUuf3vLPdT83jjAx50KGuyjRkAhs_CSW680XvF6B5QlRQRq72Q1C2IfYNRO2MvDNMCOBk_-NdNvoIih01q8RXAdPzKjAXNiPVvd-A0Xr4YZsCr6ypEH0nvlLt0rPAoZt1pq3564NZe9_UL5gWKVNvLLnDZmi4f78wGU79s0uWr6jo2p2HaLMmbcBs6EmJS3vhhpyHLxnGwF8YrEL5wIZNq7a2LKIrwdL1hOqQyD_a556msB8pfSQW_cMev01pKAx0KVxQIb5Y23nIpHKh2mw-NUYG-4hd1YDFqywJdxxKMznFLDiJ8JLC3g&cid=CAASEuRoaLc8uhJTb3kquQjcymuyVA&sdkv=h.3.490.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3655730091&sdk_apis=2%2C8&sid=B864FABB-BBF3-4B70-A949-CCB0F5D2157A&nel=0&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&dt=1638866232305&ged=ve4_td2_tt0_pd2_la2000_er152.534.451.1065_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f154.1e100.net

Software

cafe /

Resource Hash

6fb75cd2e2a1ba0aeeae225785dda7b4df8dc5c4b7f9f347e10ca14626176ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14032
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 326ms
122ms XHR
text/plain 34.194.106.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=62033&t=1638866230&cip=91.199.118.73&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1638866230583-954080010883-008696-015-001488&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=69549561902&cd4=64130b52-6c39-48cf-94de-ba3773c7cb43&cd5=default&cd6=50&cd7=main&cd1=4.103.0&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.106.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-106-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 08:37:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 14DD 595 KB
193 KB 11ms
11ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Fri, 03 Dec 2021 15:45:53 GMT
expires: Sat, 03 Dec 2022 15:45:53 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 319879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9DC8 107 B
122 B 38ms
18ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumgir.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 08:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E44B 37 KB
13 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 09:35:06 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E766 0
327 B 517ms
179ms Ping
image/gif 2607:f8b0:4007:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kwvun1i6&c=3967623308791&slotId=1983811654395.5&qqid=CJPg47yk0fQCFXPHuwgdMYEL_A&gqid=OB2vYf_wArGtlQfho6_4BA&fb=ima_html5-lima&sdkv=h.3.490.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&wta=1&vmfc=17&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E766 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame E766 0
0 50ms
50ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=COL01OB2vYZPkBPOO7_UPsYKu4A_J67mbZpy1nrXkDveUj9C2KhABILmNjihglYKAgLQHyAEFqAMBmAQAqgT8AU_Qxk-lWqOc6qDtZRqzge9cJVx-QdKFgnNFUQ2N7DCDoMy2N9EZNAv32FFBWa-zZ65SQeyJiGQcjFHj3j6InISZXAEg6Fjovvgw3-BOOcbtTTXUzkMpY_vrXSz-Ir2QvAi64qb13oN8PGagSsyBtOuPvnPWF1Y813aod8Yvzj2KvOUJTQt8kPZ38m0D2gNDLTgen6PwhSd4tNgVcMD_yuySWkwYXvjvIs_K490A0dc8FPGJ7xhD26ZQLb5bp3WJoFDbKS4-M5G2suifpBBXg4vAKuVZpEwjrdJS2VBP6DD8ug8LpHmHiDwsZ8UCONiN7TJVSRO3_5jiFPUWEMAEjN7P7uED4AQDiAX83py1OJIFBggDEAIYAZIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHjZCiuwKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChD-_1QYkefJuQHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ5Mzc3Nzg0NDk3Mzk4NjmACgPICwGwE8eglQ3IE7Wy3N4D0BMA2BMKiBTCCdgUAdAVAYAXAbIXHgocCAASFHB1Yi05NzkwNzYyODExMDU3Njk5GNHVEw&sigh=pd8FfjlfqmA&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&cid=CAQSPACNIrLMox034oTEhMhBQY2qf6tI9g-ZB_KKDTifqOjQPVSHdIVSnx9rA7enU8lDIIZgww0vrlejN7_3SA&vt=10&sdkv=h.3.490.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTgzNjU5NTY1NDRAgAIKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTEzNjIxNzYyCTE2MDY1ODIzOUBvUjMI3AcQDyUAAHBBKAE6CzM4OTE4MjM1My0xQgRHREJNUABaEC14UDVyOFJCSElId2VraTUYAQ..
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 9DC8 0
54 B 491ms
179ms Ping
image/gif 2607:f8b0:4007:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kwvun14r&c=3967623308791&slotId=1983811654395.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

48
r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/d777e158b7a17cd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1670402232/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/d777e158b7a17cd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1670402232/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/d777e158b7a17cd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1670402232/sparams/acao,ctier,expire,id,ip,ipbits,ita...

2 MB
2 MB

53ms
8ms

Media
video/mp4

2a00:1450:4001:19::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/d777e158b7a17cd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1670402232/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/28B822FC6CAB1C5CCBBE2C13EDEC9202439E8C00.0C0AB700CA2EC90CDD0F539822D0681B4C12DDE4/key/cms1/cms_redirect/yes/mh/_b/mip/2a0f:9441:5:0:e5::1/mm/42/mn/sn-4g5ednds/ms/onc/mt/1638865142/mv/u/mvi/2/pl/48?cpn=-xP5r8RBHIHweki5&file=file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:19::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

534236e381149de6107703637ce63d1052cc12f4c93b2d10b47baca87f641023

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 08:37:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Nov 2021 07:19:52 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2226516/2226517
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2226517
Expires: Tue, 07 Dec 2021 08:37:12 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/d777e158b7a17cd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1670402232/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/28B822FC6CAB1C5CCBBE2C13EDEC9202439E8C00.0C0AB700CA2EC90CDD0F539822D0681B4C12DDE4/key/cms1/cms_redirect/yes/mh/_b/mip/2a0f:9441:5:0:e5::1/mm/42/mn/sn-4g5ednds/ms/onc/mt/1638865142/mv/u/mvi/2/pl/48?cpn=-xP5r8RBHIHweki5&file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 674
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 14DD 156 B
142 B 256ms
256ms XHR
text/xml 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3065106740583063&sdkv=h.3.490.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=368703145&sdk_apis=2%2C8&sid=B864FABB-BBF3-4B70-A949-CCB0F5D2157A&nel=0&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&dt=1638866232525&cookie=ID%3D0907439ade2ce41d%3AT%3D1638866231%3AS%3DALNI_MZvcZu26kKON33zWDqNENnve_5I9A&scor=4358642313731359&ged=ve4_td3_tt1_pd3_la3000_er152.534.302.834_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E766 42 B
64 B 34ms
33ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame E766 41 KB
16 KB 137ms
26ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 15:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 03 Dec 2022 15:45:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E766 0
20 B 66ms
65ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E766 0
571 B 185ms
75ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuusqcbLYup-CzvSay_zJD2xK0Z5wZR46ZjIXTu9XWlGHTjl8-6T3wRBAr3m6PgiNbNfMocWdtSTvulY4jphmYB8IqPHEpXYC_Fn6kOHJvKiRruDWygKvWNilGYJho6OcyjvIblgux6qFmYH9zncqbzE7THAf2M--kmDquGoB2fPbWJdTRbS8fQfrzoLp1prQic20dqe59EQmJqercEpnNGRZdy4wP-IPRLBCqTblV1Ih3kGxQonEhDAvD_gBVFNK1lapqI8oLXL-0zTegoAd679rJEy5Wptlu-ornDTKFBILaV1DSvehqqStNphfh8QhiqAwzrsb6xDADyJRksmT0XYCcMI0FeV4mlCdpWUCEIzYMuOBagG597POS30_Bey0JWUgc4EFuNeqOvJRgg1ifYWpi_fzCyb4CNBTV8aLc9imZ7X0sVEchZiH26reDdsupaTRVI1N-2ybKfVOUVMbDq4LO1omagCn7GErK3Y0YFYvm8MkO9fpz6e3STYNNLCvC-ktOO54jUH9gMpytBLt2nwhHzhW7cFlTyYoubMU_US7G1FInIqZHthgvnXFjH2gk4njCFuLv3GtImPw84a9skaPwl-5-TrwhNDEVbXa5ahyqn83Xh7JEwRVjkj-mpjC5ITlSdTQjGojo5utrlwQQIOoyen26o_zOVKrnSkQ5t2aRosSHEf2Sk-eLGrKWWlcGWAAlQuxFJLTGYea1eoauX-rvvNU97ozJNrfI15Wf3_5yTr_26opu1hV8Tgb5eSYvBWKTJpkP4Id_g28VvFA4Yxj5YVap5DafUnC_VMzACc52jCBsEAUAMF-YW448lHPmHLeKtrrfHQHvE4FRLGhBf8RlTyh0fgEgbCoStevrCpUKNMXv8u5aRyJn6JQKUzLwXIAfV3G1CJkzHp-cg-7M66_icyOispyM0b-9LA9nTTueThhxSsGXmDgbuU0GfwlFWAqANeIcwqXetZhwyhvG1OdlyyO2m5eb7ZSBfYWEUbFlZYkixTMz5dlhhgp1pA8R4S_gMeXMOb2v1FM_Pl9nrxCV09D-rDWyszRJXFJ52l5LV4QGgWkvR1H42QAFYXA1k0J_KGkAyG3X5o44VmYyJiSABAWHWNlqNr61Bqq_f-2qEw8Au60hm2WE1O10-9u0DaDPoH8TW9BY_eAnimQ69OTtWsqj7dYEGdh2t32cWqz0FdZVtMpwTD_PavInxG7NCcBGL&sai=AMfl-YQShQpBPaF6JG2JLuOs1wkgprvRU5GBslIJrpMfi5rmFP9IEL_e77Da8u-ilW2VuiGY7QlwF2VZjGtzz64YkW0YewvgJxXGAJEEyVmyU9R8zXXU2b9JKllbB0OquZqEnlXC61OY-yNtsKCc7XQPct11B39JFw&sig=Cg0ArKJSzNuHSfWEJVgBEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.490.0&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 07 Dec 2021 08:37:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

B26669393.318110559;dc_pre=CLiWi72k0fQCFdHouwgdPnkIYA;dc_trk_aid=510889360;dc_trk_cid=160209688;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N947918.279382DBMFACEBOOKINC-GB/ Frame E766
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N947918.279382DBMFACEBOOKINC-GB/B26669393.318110559;dc_trk_aid=510889360;dc_trk_cid=160209688;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N947918.279382DBMFACEBOOKINC-GB/B26669393.318110559;dc_pre=CLiWi72k0fQCFdHouwgdPnkIYA;dc_trk_aid=510889360;dc_trk_cid=160209688;ord=[timestamp];dc_lat=;dc_rd...

42 B
63 B

44ms
30ms

Image
image/gif

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N947918.279382DBMFACEBOOKINC-GB/B26669393.318110559;dc_pre=CLiWi72k0fQCFdHouwgdPnkIYA;dc_trk_aid=510889360;dc_trk_cid=160209688;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Protocol

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N947918.279382DBMFACEBOOKINC-GB/B26669393.318110559;dc_pre=CLiWi72k0fQCFdHouwgdPnkIYA;dc_trk_aid=510889360;dc_trk_cid=160209688;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame E766 0
0 38ms
36ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOUxwIQmKfDuwIYkefJuQEgATAB&v=APEucNVT2-I7WoKk0SfECKCKXUTiy2By7NCdewyyfrzNpML0P7jF8hVkWc72xK42EMO65HuiQumVNPckBDYJeKKzibVDNqbjBQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E766 42 B
64 B 39ms
37ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxHOvOB2vYZPkBPOO7_UPsYKu4A_J67mbZpy1nrXkDveUj9C2KhABILmNjihglYKAgLQHyAEFqAMByAMTmAQAqgT_AU_Qxk-lWqOc6qDtZRqzge9cJVx-QdKFgnNFUQ2N7DCDoMy2N9EZNAv32FFBWa-zZ65SQeyJiGQcjFHj3j6InISZXAEg6Fjovvgw3-BOOcbtTTXUzkMpY_vrXSz-Ir2QvAi64qb13oN8PGagSsyBtOuPvnPWF1Y813aod8Yvzj2KvOUJTQt8kPZ38m0D2gNDLTgen6PwhSd4tNgVcMD_yuySWkwYXvjvIs_K490A0dc8FPGJ7xhD26ZQLb5bp3WJoFDbKXY_qWQlIK8NO9us1Ws7NU3PzOG16CDhnKLUXQbUsyYTcMsJ4JGY29EsICFnRnen2K-j04B_6xZA8CpcLcAEjN7P7uED4AQDkAYBoAZ2gAeNkKK7AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2OYAKA8gLAeALAYAMAbATx6CVDcgTtbLc3gPQEwDYEwqIFMIJ2BQB0BUBgBcB&sigh=keMWfZ3nD9g&label=vast_creativeview&ad_mt=0&acvw=sv%3D908%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D810%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D595104334%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1450%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.08%26t%3D1638866232454&sdkv=h.3.490.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTgzNjU5NTY1NDRAgAIKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTEzNjIxNzYyCTE2MDY1ODIzOUBvUjYI3AcQDyUAAHBBKAE6CzM4OTE4MjM1My0xQgRHREJNSLcBUABaEC14UDVyOFJCSElId2VraTUYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI1O_1vKTR9AIVvkQdCR2pBQPSEAAYACC_5s1MOhoImKfDuwIQjN7P7uEDGLWy3N4DIJy1nrXkDkITCJPg47yk0fQCFXPHuwgdMYEL_A;dc_rmcid=CAASEuRoaLc8uhJTb3kquQjcymuyVA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D908%26cb%3D...
ade.googlesyndication.com/ddm/activity/ Frame E766 42 B
107 B 103ms
69ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1O_1vKTR9AIVvkQdCR2pBQPSEAAYACC_5s1MOhoImKfDuwIQjN7P7uEDGLWy3N4DIJy1nrXkDkITCJPg47yk0fQCFXPHuwgdMYEL_A;dc_rmcid=CAASEuRoaLc8uhJTb3kquQjcymuyVA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D908%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D810%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D595104334%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1451%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.08%26t%3D1638866232454;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E766 42 B
64 B 70ms
68ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstX3KKRZP61r11qEMrWbzR47ptaajyLJJhFoFExkRnPGx_Icpmb5exDyNkTdaVPqJi4kFjG8q9a9l89_5Sjqvd9LkAmI0L36YXm99kZ&sai=AMfl-YRgPQLZu7queUxiV6aFkrb43qxUlw3se8LMFJe-WGOjWr9E59Fg_aIV9RUgMHz4hi7Z3s16lsgW5VOPa2pgNPV9r5puu5WzxIZxHek-9aSjrA0VeWCbMqxnrEny&sig=Cg0ArKJSzMIYWiTId_OyEAE&cid=CAASEuRoaLc8uhJTb3kquQjcymuyVA&id=lidarv&acvw=sv%3D908%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D810%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D595104334%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1451%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.08%26t%3D1638866232454&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1O_1vKTR9AIVvkQdCR2pBQPSEAAYACC_5s1MOhoImKfDuwIQjN7P7uEDGLWy3N4DIJy1nrXkDkITCJPg47yk0fQCFXPHuwgdMYEL_A;dc_rmcid=CAASEuRoaLc8uhJTb3kquQjcymuyVA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D908%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D810%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D595104334%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1452%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.08%26t%3D1638866232454;dc_rfl=1,https%253A%252F%252Fwww.tumgir.com%252Ftag%252Fbodybuilders%252520in%252520street%252520clothes%240;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E766 42 B
64 B 39ms
38ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxHOvOB2vYZPkBPOO7_UPsYKu4A_J67mbZpy1nrXkDveUj9C2KhABILmNjihglYKAgLQHyAEFqAMByAMTmAQAqgT_AU_Qxk-lWqOc6qDtZRqzge9cJVx-QdKFgnNFUQ2N7DCDoMy2N9EZNAv32FFBWa-zZ65SQeyJiGQcjFHj3j6InISZXAEg6Fjovvgw3-BOOcbtTTXUzkMpY_vrXSz-Ir2QvAi64qb13oN8PGagSsyBtOuPvnPWF1Y813aod8Yvzj2KvOUJTQt8kPZ38m0D2gNDLTgen6PwhSd4tNgVcMD_yuySWkwYXvjvIs_K490A0dc8FPGJ7xhD26ZQLb5bp3WJoFDbKXY_qWQlIK8NO9us1Ws7NU3PzOG16CDhnKLUXQbUsyYTcMsJ4JGY29EsICFnRnen2K-j04B_6xZA8CpcLcAEjN7P7uED4AQDkAYBoAZ2gAeNkKK7AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2OYAKA8gLAeALAYAMAbATx6CVDcgTtbLc3gPQEwDYEwqIFMIJ2BQB0BUBgBcB&sigh=keMWfZ3nD9g&label=part2viewed&ad_mt=0&acvw=sv%3D908%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D810%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D595104334%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1452%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.08%26t%3D1638866232454&sdkv=h.3.490.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTgzNjU5NTY1NDRAgAIKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTEzNjIxNzYyCTE2MDY1ODIzOUBvUjYI3AcQDyUAAHBBKAE6CzM4OTE4MjM1My0xQgRHREJNSLcBUABaEC14UDVyOFJCSElId2VraTUYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI1O_1vKTR9AIVvkQdCR2pBQPSEAAYACC_5s1MOhoImKfDuwIQjN7P7uEDGLWy3N4DIJy1nrXkDkITCJPg47yk0fQCFXPHuwgdMYEL_A;dc_rmcid=CAASEuRoaLc8uhJTb3kquQjcymuyVA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D908%26cb%3D...
ade.googlesyndication.com/ddm/activity/ Frame E766 42 B
207 B 102ms
69ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1O_1vKTR9AIVvkQdCR2pBQPSEAAYACC_5s1MOhoImKfDuwIQjN7P7uEDGLWy3N4DIJy1nrXkDkITCJPg47yk0fQCFXPHuwgdMYEL_A;dc_rmcid=CAASEuRoaLc8uhJTb3kquQjcymuyVA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D908%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D10,0,0,0,0%26mtos%3D10,10,10,10,10%26amtos%3D0,0,0,0,0%26mcvt%3D10%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D10%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D10%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D10%26dfvs%3D10%26dvpt%3D10%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D810%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D595104334%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1455%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.08%26t%3D1638866232454;ecn1=1;etm1=0;eid1=16;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E766 42 B
64 B 38ms
37ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxHOvOB2vYZPkBPOO7_UPsYKu4A_J67mbZpy1nrXkDveUj9C2KhABILmNjihglYKAgLQHyAEFqAMByAMTmAQAqgT_AU_Qxk-lWqOc6qDtZRqzge9cJVx-QdKFgnNFUQ2N7DCDoMy2N9EZNAv32FFBWa-zZ65SQeyJiGQcjFHj3j6InISZXAEg6Fjovvgw3-BOOcbtTTXUzkMpY_vrXSz-Ir2QvAi64qb13oN8PGagSsyBtOuPvnPWF1Y813aod8Yvzj2KvOUJTQt8kPZ38m0D2gNDLTgen6PwhSd4tNgVcMD_yuySWkwYXvjvIs_K490A0dc8FPGJ7xhD26ZQLb5bp3WJoFDbKXY_qWQlIK8NO9us1Ws7NU3PzOG16CDhnKLUXQbUsyYTcMsJ4JGY29EsICFnRnen2K-j04B_6xZA8CpcLcAEjN7P7uED4AQDkAYBoAZ2gAeNkKK7AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2OYAKA8gLAeALAYAMAbATx6CVDcgTtbLc3gPQEwDYEwqIFMIJ2BQB0BUBgBcB&sigh=keMWfZ3nD9g&label=admute&ad_mt=0&acvw=sv%3D908%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D10,0,0,0,0%26mtos%3D10,10,10,10,10%26amtos%3D0,0,0,0,0%26mcvt%3D10%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D10%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D10%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D10%26dfvs%3D10%26dvpt%3D10%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D810%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D595104334%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1455%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.08%26t%3D1638866232454&sdkv=h.3.490.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTgzNjU5NTY1NDRAgAIKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTEzNjIxNzYyCTE2MDY1ODIzOUBvUjYI3AcQDyUAAHBBKAE6CzM4OTE4MjM1My0xQgRHREJNSLcBUABaEC14UDVyOFJCSElId2VraTUYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatvideo.js Show response
z.moatads.com/vidplaybuzzjs491747965698/ 314 KB
106 KB 24ms
23ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/vidplaybuzzjs491747965698/moatvideo.js
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 93e9c4317361abd8e3b1e4cdca77b7cf3cb28d30c98ca5cde95fa284c868874b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:12 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:45:40 GMT
server: AmazonS3
x-amz-request-id: XC20H203W21Q4ZXE
etag: "9f399490414322be18fe99a0b0c27b0c"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=6713
accept-ranges: bytes
content-length: 107720
x-amz-id-2: aA5Xw2J78Mv8AffwokojrHJbgkpPUWcmGIXPWnv9LnY11KZoXvhY9YtM12XopQBnkw99AYcHvuk=

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
136 B 112ms
112ms XHR
text/plain 34.193.25.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-25-178.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Tue, 07 Dec 2021 08:37:12 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
136 B 113ms
113ms XHR
text/plain 34.193.25.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/b4763d50-e3a3-4c94-87b6-682aed526c7f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-25-178.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tumgir.com
date: Tue, 07 Dec 2021 08:37:12 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 track
track1.aniview.com/ 0
70 B 112ms
112ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=62033&t=1638866230&cip=91.199.118.73&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1638866230583-954080010883-008696-015-001488&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=69549561902&cd4=64130b52-6c39-48cf-94de-ba3773c7cb43&cd5=default&cd6=50&cd7=main&cd1=4.103.0&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&asid=60a0c4aabd19fc3b905086bf&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&h=63b9f3ea3c685627005d85f67882233e65fdb704&d9=1000&ad=15&vi=100&ofpr=1.98268&imid=7bc06969857f311e91ddc15fc2510315_172316066_24439428&e=impression&cb=1638866230702&ad=15&vi=100&d4=1&d5=2&d1=vpaid&fv=1&cb=1638866230708
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
atrack.avplayer.com/ 0
70 B 113ms
113ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1638866232626&cid=60a0c4acce284b4c1059cbe8&VERSION=4.103.0&AV_PAGE_LOAD_UID=64130b52-6c39-48cf-94de-ba3773c7cb43&AV_CDIM4=64130b52-6c39-48cf-94de-ba3773c7cb43&AV_ABTEST_TEMPLATE_WIGHT=50&AV_CDIM6=50&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 113ms
113ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=62033&t=1638866230&cip=91.199.118.73&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1638866230583-954080010883-008696-015-001488&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=69549561902&cd4=64130b52-6c39-48cf-94de-ba3773c7cb43&cd5=default&cd6=50&cd7=main&cd1=4.103.0&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&asid=60a0c4aabd19fc3b905086bf&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&h=63b9f3ea3c685627005d85f67882233e65fdb704&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=1.98268&imid=7bc06969857f311e91ddc15fc2510315_172316066_24439428&e=start&d1=vpaid&fv=1&cb=1638866230708
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 17ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PLAYBUZZJSVIDEO1&hp=1&wf=1&ra=2&pxm=6&vz=-&zp=0&sgs=2&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1638866232739&de=424189563722&m=0&ar=553ffc12ef5-clean&iw=edcd517&q=2&cb=0&ym=0&cu=1638866232739&ll=4&lm=0&ln=0&r=0&em=0&en=0&d=www.tumgir.com%3A60a0c4acce284b4c1059cbe8%3A%3A&zMoatAdSource=-&zMoatAdvertiser=-&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&id=1&ii=4&bo=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&bd=&zMoatOrigSlicer1=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&zMoatOrigSlicer2=N%2FA&gw=vidplaybuzzjs491747965698&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1292%3A1292%3A2562%3A1121&fs=195402&na=1340427443&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 08:37:12 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E766 0
54 B 180ms
180ms Ping
image/gif 2607:f8b0:4007:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kwvun23o&c=3967623308791&slotId=1983811654395.5&qqid=CJPg47yk0fQCFXPHuwgdMYEL_A&gqid=OB2vYf_wArGtlQfho6_4BA&fb=ima_html5-lima&sdkv=h.3.490.0&mrd=4&aab=1&itv=1&gpm_i=17&gpm_c=17&gpm_a=14&smb=1000&br=988&mt=video%2Fmp4&vs=640x360&webm=4&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2F3gpp%2Cvideo%2F3gpp%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&met.4=ff.kwvun296
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=2&pxm=6&vz=-&zp=0&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=1&rk=0&tk=1&ak=https%3A%2F%2Fwww.tumgir.com%2F%2Ftag%2F-&i=PLAYBUZZJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mdNRc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-hTUy9DU1NqKUTA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=kw%60E*Y%7B!%2Fuo%2FmC7L!ks1t)JTG&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=299&w=531&fy=534.28125&gp=152&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&id=1&ii=4&f=0&j=&t=1638866232739&de=424189563722&cu=1638866232739&m=83&ar=553ffc12ef5-clean&iw=edcd517&cb=0&ym=0&ll=4&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=152&lb=92849&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1292%3A1292%3A2562%3A1121&as=0&ag=32&an=0&gf=32&gg=0&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=32&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=64&cd=0&ah=64&am=0&dq=64&dr=0&ds=64&dt=0&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&rf=0&re=0&cl=0&at=0&d=www.tumgir.com%3A60a0c4acce284b4c1059cbe8%3A%3A&bo=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&bd=&gw=vidplaybuzzjs491747965698&zMoatOrigSlicer1=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&zMoatOrigSlicer2=N%2FA&zMoatAdSource=-&zMoatAdvertiser=-&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1670395336&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 08:37:12 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame A7F8 23 KB
9 KB 28ms
10ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Fri, 03 Dec 2021 15:45:55 GMT
expires: Sat, 03 Dec 2022 15:45:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 319877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4E5C 595 KB
193 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Fri, 03 Dec 2021 15:45:53 GMT
expires: Sat, 03 Dec 2022 15:45:53 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 319879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9DC8 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumgir.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 08:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&wf=1&ra=2&pxm=6&vz=-&zp=0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=1&rk=0&tk=1&ak=-&i=PLAYBUZZJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mdNRc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-hTUy9DU1NqKUTA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=kw%60E*Y%7B!%2Fuo%2FmC7L!ks1t)JTG&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=299&w=531&fy=534.28125&gp=152&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&id=1&ii=4&f=0&j=&t=1638866232739&de=424189563722&cu=1638866232739&m=85&ar=553ffc12ef5-clean&iw=edcd517&cb=0&ym=0&ll=4&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=152&lb=92849&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1292%3A1292%3A2562%3A1121&as=0&ag=32&an=32&gf=32&gg=32&ez=1&aj=1&pg=100&pf=100&ib=0&cc=0&bw=32&bx=32&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=64&cd=64&ah=64&am=64&dq=64&dr=64&ds=64&dt=64&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ef=1&rf=0&re=0&cl=0&at=0&d=www.tumgir.com%3A60a0c4acce284b4c1059cbe8%3A%3A&bo=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&bd=&gw=vidplaybuzzjs491747965698&zMoatOrigSlicer1=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&zMoatOrigSlicer2=N%2FA&zMoatAdSource=-&zMoatAdvertiser=-&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=646118436&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 08:37:12 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1303 37 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 09:35:06 GMT

GET
H3 200 ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame A7F8 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 17:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 17:27:31 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4E5C 156 B
142 B 355ms
354ms XHR
text/xml 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_450&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=847434680567232&sdkv=h.3.490.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3470103541&sdk_apis=2%2C8&sid=B864FABB-BBF3-4B70-A949-CCB0F5D2157A&nel=0&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&dt=1638866233047&cookie=ID%3Dea6c6c3f21c2d4b2%3AT%3D1638866232%3AS%3DALNI_MbEP4ZzCvOBSLLapYTly9x0qbbPdQ&scor=3852197754831046&ged=ve4_td3_tt1_pd3_la3000_er152.534.302.834_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 CQInDWUjIA8pDQMCfw0+P38HKRUNBjMSJzMlB3INESciCj4VPAUAHhIRARkBHxMLLx0QJD4PFzB7Ki4SFxEkLz4reSErNhd+JSEXM30ELWRfeA1mYzklPC84X3wKdmRMfXx7ZEJ8e3psSXJ8dGNPfG81aUplcW1iVHtvNmlPe3F2Y0N8eHVhT316e2RcPzkiM0d6b...
uknsyenerg.co/SUNUektmfDcJdhMpGggGJC8AOB19AAE8CgEbIzgpHxIkHAolMHIOIi1+bE95cHRgXDsgJ2lJeW8wIBs/PDBpSHt5dnITJS8saUh7eXVkSn17e3FNCCE3IAo4bHAVX3kPZmY8IiQkehkvJ208FT46JnFIDSAuM1Q7ITNxSQ0/Zmc+eWxxYhMvbHA... 0
502 B 114ms
114ms Ping
text/plain 2606:4700:3034::ac43:8a89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uknsyenerg.co/SUNUektmfDcJdhMpGggGJC8AOB19AAE8CgEbIzgpHxIkHAolMHIOIi1+bE95cHRgXDsgJ2lJeW8wIBs/PDBpSHt5dnITJS8saUh7eXVkSn17e3FNCCE3IAo4bHAVX3kPZmY8IiQkehkvJ208FT46JnFIDSAuM1Q7ITNxSQ0/Zmc+eWxxYhMvbHAQHzIDMw1IcjwKPhUiBykSEhEOEi43HxsoDj4GeBk9TzwrLjcTBwoJZRscGCobEB55DhAzOAAuGgoRCgpiNCEAcRkQIDAPFzA9KjodTAYdEiczJgM6NkkvMxkMMyIGKRFOBwoJPhh4HzYwMgF8Cj4VegcqIxMpegE4GSYPczZJAiAMPhF+Bhc/CQInDWUjIA8pDQMCfw0+P38HKRUNBjMSJzMlB3INESciCj4VPAUAHhIRARkBHxMLLx0QJD4PFzB7Ki4SFxEkLz4reSErNhd+JSEXM30ELWRfeA1mYzklPC84X3wKdmRMfXx7ZEJ8e3psSXJ8dGNPfG81aUplcW1iVHtvNmlPe3F2Y0N8eHVhT316e2RcPzkiM0d6bzMgDid0cmJJc3F1Ykh4enNsTg
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8a89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 08:37:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anleHuLABoe2ppkAXJE3lAiTayYM2opR4S9xM06KdKSwBZf272qC0ZqUu8loE%2BSVsmBmaJFOv7RAiKqR4s9UouxycuLxtEvPVNuHoPA9FnFcAio4mjyHoass5N44iigdKyVGpj%2FjyfEtThW3"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6b9c6e44c99f693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET img.php
img.cdn.house/ 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A7F8 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.490.0&bgai=BGnCyOB2vYdTzFr6J9fgPqYuMkA0AAAAAOAHgBAI&bg=!l5SllNDNAAaQHwIOkB87ACkAdvg8WuyqAxS3eUy2I_-55kZcfMuesfeExV64YHm7nB2Ep6g1p3e7kgIAAABrUgAAAApoAQeZAvCzjweq4RetTpk_zulX5FnWHVzDBxWUu5NvV1swBIoUvS4vGyYaAayzlyKgvWqhd6iAXMRAudnx_YhEE38GoQteE3lqio29rjW0jGxvgO6MlATRktDp4UQo3utyVWauoDIBcO9sWLzMStXXmhPGLu3nAEYih8m6AfgvEZgk9fT9jR1f4chXIaj9fws-zyDXMplaVtFRoRzXilWUo45sUvinEWxrZ7yrJZA1OjGMhWNB0W9ks3ST3k7gCLLYP0WShAk6N2GPl5H5grIHigB0YiF5iFqcQn-UjnCY38DfbqIDYcuOYevgEtr-uJmuQFcNBekZGBUY-q8k3_oN6m_OSLSGmG72yFCGjO-yq_-ZZkantuT0-okDXgI7MiaQA6zOKux2uWyxaLla2R496V5TI47zBNLJiL-_JGdiXn6oqyCVynUXBW9iL_U-EfcW1WB1gbouQ8D_Y-Z5wfS4X3Om-FmE52N_YgpUn320VKf2Zc-ho_Zhw2uyF05arrfdHmujfzslMoAKdRdTtmhAgJTUfRrIXK7SstR6mcLrg8Axg-qjrf5CdqPGCMwLxkPwuAWIq3aYDaCZb8SoJ0ClFK-m5f9IXwsH-ZqWz61tlG8dZ7ulYqsFBP07alDcm0Cdd5gjNDmd-XQuhz0H8ZRZNkRdodXAFZKuaEgDAj1hMJaSnL4fQ_Ux4L8eOcEz8d2LWmrFeVtzAEWZFPMqNe4RWhTmc3rhDBjn33GAI5Kl-M0KOOMlvKJlhmG_s9MOaBYPHSByhqAnysUAUNcXUPrCnH3g1V4XGURNgr23aGMlJHXxmMppvFjs5O-X1M5gzli1s-_BnVaqeVr4voZZapwqUU4eHgxSxUjlgdUDQyL7nFQg1UrJ1HDWyMqSq8nI-0iBOLWj5mvLQrBAgPX0AXqGWjahOiaE8oxNQ9vejKsX-c5mxwcPMoEiM-oe3aC2EvAWtHujRzVWGAq53nYWMy_hydWu9eYLh_d2J3-OoSGln-dBOemNsw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.php
img.cdn.house/ Frame 90A6 3 KB
3 KB 327ms
24ms Image
image/webp 46.4.32.130
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.cdn.house/img.php?v=2&id=eyJpY29uIjoiNjFhZGQzMTRkZDM1Zi5wbmciLCJ1aWQiOjU0MDIsImNpZCI6NjI2MjkyLCJvcyI6MTQsImJyb3dzZXIiOjE4LCJjb3VudHJ5Ijo1Niwib3BlcmF0b3IiOjk5OTksInN1YkFjYyI6NjE4NjAwMzQsInN1YklkIjowLCJhZHZUeXBlIjowLCJ0cmFmZmljQ2hhbm5lbCI6Mn0=
Requested by: Host: d18g6t7whf8ejf.cloudfront.net
URL: https://d18g6t7whf8ejf.cloudfront.net/?hwtgd=852974
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.32.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.130.32.4.46.clients.your-server.de
Software: nginx /
Resource Hash: 6dc022148b3343bfda3b4c8f35c5836de03777c744adf84b206adea0a42f0cd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:13 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Mon, 06 Dec 2021 09:13:19 GMT
server: nginx
accept-ranges: bytes
content-length: 2586
content-type: image/webp

GET
DATA 200
OK truncated
/ Frame 90A6 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 90A6 814 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2062 595 KB
193 KB 9ms
8ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Fri, 03 Dec 2021 15:45:53 GMT
expires: Sat, 03 Dec 2022 15:45:53 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 319880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9DC8 107 B
122 B 24ms
24ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumgir.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 08:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CE6B 37 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 09:35:06 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2062 1 KB
807 B 54ms
54ms XHR
text/xml 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22651381276%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_tumgir.com_9&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&cust_params=publisher_name%3Dtumgir.com&env=vp&correlator=3533087178627756&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=What%20Your%20Favorite%20Superhero%20Says%20About%20You&vid_d=46&vid_kw=silhouette%2Csuperhero%2Czack%20snyder%2Cwolverine%2Cflash%2Cwonder%20woman%2Cclip%20art%2Cpostage%20stamp%2Cbats%2Cbat&sdkv=h.3.490.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2630311310&sdk_apis=2%2C8&sid=B864FABB-BBF3-4B70-A949-CCB0F5D2157A&nel=0&url=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&dt=1638866233549&cookie=ID%3Dea6c6c3f21c2d4b2%3AT%3D1638866232%3AS%3DALNI_MbEP4ZzCvOBSLLapYTly9x0qbbPdQ&scor=2698622205795150&ged=ve4_td4_tt2_pd4_la4000_er152.534.302.834_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

fde2001ad01991b00479e61431b11afc38e713a27abb396735a60aee5f75453e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 780
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=2&pxm=6&vz=-&zp=0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=1&rk=0&tk=1&ak=-&i=PLAYBUZZJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mdNRc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-hTUy9DU1NqKUTA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=kw%60E*Y%7B!%2Fuo%2FmC7L!ks1t)JTG&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=299&w=531&fy=534.28125&gp=152&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&id=1&ii=4&f=0&j=&t=1638866232739&de=424189563722&cu=1638866232739&m=1236&ar=553ffc12ef5-clean&iw=edcd517&cb=0&ym=0&ll=4&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=152&lb=92849&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1292%3A1292%3A2562%3A1121&as=1&ag=1191&an=32&gi=1&gf=1191&gg=32&ez=1&kw=1022&aj=1&pg=100&pf=100&ib=0&dw=1&cc=1&bw=1191&bx=32&jz=1022&dj=1&dx=1&aa=1&ad=1083&cn=0&gn=1&gk=1083&gl=0&cp=1022&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=64&ah=1022&am=64&dq=1022&dr=64&ds=1022&dt=64&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=0&vt=22&vd=0&zMoatSRE=0.0826921875&zMoatVSD=30&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&du=11&eb=1&ec=4786&ef=1&rf=0&re=0&cl=0&at=0&d=www.tumgir.com%3A60a0c4acce284b4c1059cbe8%3A%3A&bo=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&bd=&gw=vidplaybuzzjs491747965698&zMoatOrigSlicer1=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&zMoatOrigSlicer2=N%2FA&zMoatAdSource=-&zMoatAdvertiser=-&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=836733565&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 08:37:13 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=2&pxm=6&vz=-&zp=0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=1&rk=0&tk=1&ak=-&i=PLAYBUZZJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mdNRc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-hTUy9DU1NqKUTA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=kw%60E*Y%7B!%2Fuo%2FmC7L!ks1t)JTG&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=299&w=531&fy=534.28125&gp=152&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&id=1&ii=4&f=0&j=&t=1638866232739&de=424189563722&cu=1638866232739&m=1238&ar=553ffc12ef5-clean&iw=edcd517&cb=0&ym=0&ll=4&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=152&lb=92849&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1292%3A1292%3A2562%3A1121&as=1&ag=1191&an=1191&gi=1&gf=1191&gg=1191&ez=1&kw=1022&aj=1&pg=100&pf=100&ib=0&dw=1&cc=1&bw=1191&bx=1191&jz=1022&dj=1&dx=1&aa=1&ad=1083&cn=1083&gn=1&gk=1083&gl=1083&cp=1022&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=1022&ah=1022&am=1022&dq=1022&dr=1022&ds=1022&dt=1022&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=22&vt=22&vd=0&zMoatSRE=0.0826921875&zMoatVSD=30&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&du=11&eb=1&ec=4786&ef=1&rf=0&re=0&cl=0&at=0&d=www.tumgir.com%3A60a0c4acce284b4c1059cbe8%3A%3A&bo=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&bd=&gw=vidplaybuzzjs491747965698&zMoatOrigSlicer1=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&zMoatOrigSlicer2=N%2FA&zMoatAdSource=-&zMoatAdvertiser=-&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=618521308&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 08:37:13 GMT

GET
H3 200 dc_oe=ChMI1O_1vKTR9AIVvkQdCR2pBQPSEAAYACC_5s1MOhoImKfDuwIQjN7P7uEDGLWy3N4DIJy1nrXkDkITCJPg47yk0fQCFXPHuwgdMYEL_A;dc_rmcid=CAASEuRoaLc8uhJTb3kquQjcymuyVA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D908%26cb%3D...
ade.googlesyndication.com/ddm/activity/ Frame E766 42 B
63 B 51ms
50ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1O_1vKTR9AIVvkQdCR2pBQPSEAAYACC_5s1MOhoImKfDuwIQjN7P7uEDGLWy3N4DIJy1nrXkDkITCJPg47yk0fQCFXPHuwgdMYEL_A;dc_rmcid=CAASEuRoaLc8uhJTb3kquQjcymuyVA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D908%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D2064,0,0,0,0%26mtos%3D2064,2064,2064,2064,2064%26amtos%3D0,0,0,0,0%26mcvt%3D2064%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2064%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D438%26pst%3D452%26dur%3D15018%26vmtime%3D1955%26dtos%3D2064%26dtoss%3D1%26dvs%3D2054%26dfvs%3D2054%26dvpt%3D2054%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D810%26femvt%3D0%26emc%3D11%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D595104334%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D3509%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2064;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.08%26t%3D1638866232454;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E766 42 B
64 B 49ms
49ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstX3KKRZP61r11qEMrWbzR47ptaajyLJJhFoFExkRnPGx_Icpmb5exDyNkTdaVPqJi4kFjG8q9a9l89_5Sjqvd9LkAmI0L36YXm99kZ&sai=AMfl-YRgPQLZu7queUxiV6aFkrb43qxUlw3se8LMFJe-WGOjWr9E59Fg_aIV9RUgMHz4hi7Z3s16lsgW5VOPa2pgNPV9r5puu5WzxIZxHek-9aSjrA0VeWCbMqxnrEny&sig=Cg0ArKJSzMIYWiTId_OyEAE&cid=CAASEuRoaLc8uhJTb3kquQjcymuyVA&id=lidarv&acvw=sv%3D908%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D2064,0,0,0,0%26mtos%3D2064,2064,2064,2064,2064%26amtos%3D0,0,0,0,0%26mcvt%3D2064%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2064%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D438%26pst%3D452%26dur%3D15018%26vmtime%3D1955%26dtos%3D2064%26dtoss%3D1%26dvs%3D2054%26dfvs%3D2054%26dvpt%3D2054%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D810%26femvt%3D0%26emc%3D11%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D595104334%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D3509%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2064&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.08%26t%3D1638866232454

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=62033&t=1638866230&cip=91.199.118.73&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1638866230583-954080010883-008696-015-001488&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=69549561902&cd4=64130b52-6c39-48cf-94de-ba3773c7cb43&cd5=default&cd6=50&cd7=main&cd1=4.103.0&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&asid=60a0c4aabd19fc3b905086bf&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&h=63b9f3ea3c685627005d85f67882233e65fdb704&d9=1000&ad=15&vi=100&ofpr=1.98268&imid=7bc06969857f311e91ddc15fc2510315_172316066_24439428&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=1&cb=1638866230708
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=2&pxm=6&vz=-&zp=0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=1&rk=0&tk=1&ak=-&i=PLAYBUZZJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mdNRc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-hTUy9DU1NqKUTA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=kw%60E*Y%7B!%2Fuo%2FmC7L!ks1t)JTG&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=299&w=531&fy=534.28125&gp=152&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&id=1&ii=4&f=0&j=&t=1638866232739&de=424189563722&cu=1638866232739&m=2242&ar=553ffc12ef5-clean&iw=edcd517&cb=0&ym=0&ll=4&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=152&lb=92849&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1292%3A1292%3A2562%3A1121&as=1&ag=2197&an=1191&gi=1&gf=2197&gg=1191&ez=1&ck=2197&kw=1022&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=2197&bx=1191&ci=2197&jz=1022&dj=1&dx=1&undefined=1&aa=1&ad=2089&cn=1083&gn=1&gk=2089&gl=1083&co=2089&cp=1022&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2028&cd=1022&ah=2028&am=1022&dq=2028&dr=1022&ds=2028&dt=1022&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=22&vt=41&vd=0&zMoatSRE=0.0826921875&zMoatVSD=30&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&du=11&eb=1&ec=4786&ef=1&rf=0&re=0&cl=0&at=0&d=www.tumgir.com%3A60a0c4acce284b4c1059cbe8%3A%3A&bo=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&bd=&gw=vidplaybuzzjs491747965698&zMoatOrigSlicer1=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&zMoatOrigSlicer2=N%2FA&zMoatAdSource=-&zMoatAdvertiser=-&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1639044391&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 08:37:14 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 10ms
10ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=2&pxm=6&vz=-&zp=0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=1&rk=0&tk=1&ak=-&i=PLAYBUZZJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mdNRc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-hTUy9DU1NqKUTA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=kw%60E*Y%7B!%2Fuo%2FmC7L!ks1t)JTG&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=299&w=531&fy=534.28125&gp=152&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&id=1&ii=4&f=0&j=&t=1638866232739&de=424189563722&cu=1638866232739&m=2243&ar=553ffc12ef5-clean&iw=edcd517&cb=0&ym=0&ll=4&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=152&lb=92849&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1292%3A1292%3A2562%3A1121&as=1&ag=2197&an=2197&gi=1&gf=2197&gg=2197&ez=1&ck=2197&kw=1022&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=2197&bx=2197&ci=2197&jz=1022&dj=1&dx=1&undefined=1&aa=1&ad=2089&cn=2089&gn=1&gk=2089&gl=2089&co=2089&cp=1022&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2028&cd=2028&ah=2028&am=2028&dq=2028&dr=2028&ds=2028&dt=2028&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=41&vt=41&vd=0&zMoatSRE=0.0826921875&zMoatVSD=30&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&du=11&eb=1&ec=4786&ef=1&rf=0&re=0&cl=0&at=0&d=www.tumgir.com%3A60a0c4acce284b4c1059cbe8%3A%3A&bo=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&bd=&gw=vidplaybuzzjs491747965698&zMoatOrigSlicer1=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&zMoatOrigSlicer2=N%2FA&zMoatAdSource=-&zMoatAdvertiser=-&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=80192490&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 08:37:14 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 92ms
91ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=62033&t=1638866230&cip=91.199.118.73&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1638866230583-954080010883-008696-015-001488&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=69549561902&cd4=64130b52-6c39-48cf-94de-ba3773c7cb43&cd5=default&cd6=50&cd7=main&cd1=4.103.0&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&asid=60a0c4aabd19fc3b905086bf&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&h=63b9f3ea3c685627005d85f67882233e65fdb704&d9=1000&ad=15&vi=100&ofpr=1.98268&imid=7bc06969857f311e91ddc15fc2510315_172316066_24439428&e=sec3&vi=100&d1=vpaid&fv=1&cb=1638866230708
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:15 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1O_1vKTR9AIVvkQdCR2pBQPSEAAYACC_5s1MOhoImKfDuwIQjN7P7uEDGLWy3N4DIJy1nrXkDkITCJPg47yk0fQCFXPHuwgdMYEL_A;dc_rmcid=CAASEuRoaLc8uhJTb3kquQjcymuyVA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D908%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D3997,0,0,0,0%26mtos%3D3997,3997,3997,3997,3997%26amtos%3D0,0,0,0,0%26mcvt%3D3997%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3997%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D838%26pst%3D452%26dur%3D15018%26vmtime%3D3955%26dtos%3D1933%26dtoss%3D2%26dvs%3D1933%26dfvs%3D1933%26dvpt%3D1933%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3997,3997,3997,3997,3997%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D810%26femvt%3D0%26emc%3D21%26emuc%3D0%26emb%3D21,0,0,0,0%26avms%3Dexc%26qi%3D595104334%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D5441%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3997;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.08%26t%3D1638866232454;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E766 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxHOvOB2vYZPkBPOO7_UPsYKu4A_J67mbZpy1nrXkDveUj9C2KhABILmNjihglYKAgLQHyAEFqAMByAMTmAQAqgT_AU_Qxk-lWqOc6qDtZRqzge9cJVx-QdKFgnNFUQ2N7DCDoMy2N9EZNAv32FFBWa-zZ65SQeyJiGQcjFHj3j6InISZXAEg6Fjovvgw3-BOOcbtTTXUzkMpY_vrXSz-Ir2QvAi64qb13oN8PGagSsyBtOuPvnPWF1Y813aod8Yvzj2KvOUJTQt8kPZ38m0D2gNDLTgen6PwhSd4tNgVcMD_yuySWkwYXvjvIs_K490A0dc8FPGJ7xhD26ZQLb5bp3WJoFDbKXY_qWQlIK8NO9us1Ws7NU3PzOG16CDhnKLUXQbUsyYTcMsJ4JGY29EsICFnRnen2K-j04B_6xZA8CpcLcAEjN7P7uED4AQDkAYBoAZ2gAeNkKK7AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2OYAKA8gLAeALAYAMAbATx6CVDcgTtbLc3gPQEwDYEwqIFMIJ2BQB0BUBgBcB&sigh=keMWfZ3nD9g&label=videoplaytime25&ad_mt=3955&acvw=sv%3D908%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D3997,0,0,0,0%26mtos%3D3997,3997,3997,3997,3997%26amtos%3D0,0,0,0,0%26mcvt%3D3997%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3997%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D838%26pst%3D452%26dur%3D15018%26vmtime%3D3955%26dtos%3D1933%26dtoss%3D2%26dvs%3D1933%26dfvs%3D1933%26dvpt%3D1933%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3997,3997,3997,3997,3997%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D810%26femvt%3D0%26emc%3D21%26emuc%3D0%26emb%3D21,0,0,0,0%26avms%3Dexc%26qi%3D595104334%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D5441%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3997&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.08%26t%3D1638866232454&sdkv=h.3.490.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTgzNjU5NTY1NDRAgAIKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTEzNjIxNzYyCTE2MDY1ODIzOUBvUjYI3AcQDyUAAHBBKAE6CzM4OTE4MjM1My0xQgRHREJNSLcBUABaEC14UDVyOFJCSElId2VraTUYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 92ms
92ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=62033&t=1638866230&cip=91.199.118.73&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1638866230583-954080010883-008696-015-001488&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=69549561902&cd4=64130b52-6c39-48cf-94de-ba3773c7cb43&cd5=default&cd6=50&cd7=main&cd1=4.103.0&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&asid=60a0c4aabd19fc3b905086bf&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&h=63b9f3ea3c685627005d85f67882233e65fdb704&d9=1000&ad=15&vi=100&ofpr=1.98268&imid=7bc06969857f311e91ddc15fc2510315_172316066_24439428&e=firstQuartile&ad=15&vi=100&d1=vpaid&fv=1&cb=1638866230708
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:16 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 114ms
113ms XHR
text/plain 34.194.106.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=62033&t=1638866230&cip=91.199.118.73&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1638866230583-954080010883-008696-015-001488&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=69549561902&cd4=64130b52-6c39-48cf-94de-ba3773c7cb43&cd5=default&cd6=50&cd7=main&cd1=4.103.0&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.106.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-106-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumgir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 08:37:17 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=30&q=0&hp=1&wf=1&ra=2&pxm=6&vz=-&zp=0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=1&rk=0&tk=1&ak=-&i=PLAYBUZZJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mdNRc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-hTUy9DU1NqKUTA%3D%3D&sc=1&os=1-Hw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=kw%60E*Y%7B!%2Fuo%2FmC7L!ks1t)JTG&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=299&w=531&fy=534.28125&gp=152&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&id=1&ii=4&f=0&j=&t=1638866232739&de=424189563722&cu=1638866232739&m=5069&ar=553ffc12ef5-clean&iw=edcd517&cb=0&ym=0&ll=4&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=152&lb=92849&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1292%3A1292%3A2562%3A1121&as=1&ag=5023&an=2197&gi=1&gf=5023&gg=2197&ez=1&ck=2197&kw=1022&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=5023&bx=2197&ci=2197&jz=1022&dj=1&dx=1&undefined=1&aa=1&ad=4915&cn=2089&gn=1&gk=4915&gl=2089&co=2089&cp=1022&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5055&cd=2028&ah=5055&am=2028&dq=5055&dr=2028&ds=5055&dt=2028&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=41&vt=95&vd=0&zMoatSRE=0.0826921875&zMoatVSD=30&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&du=11&eb=1&ec=4786&ek=1&ef=1&rf=0&re=0&cl=0&at=0&d=www.tumgir.com%3A60a0c4acce284b4c1059cbe8%3A%3A&bo=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&bd=&gw=vidplaybuzzjs491747965698&zMoatOrigSlicer1=https%3A%2F%2Fwww.tumgir.com%2Ftag%2Fbodybuilders%2520in%2520street%2520clothes&zMoatOrigSlicer2=N%2FA&zMoatAdSource=-&zMoatAdvertiser=-&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=48840959&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 08:37:17 GMT

GET
H2 200 track
atrack.avplayer.com/ 0
70 B 93ms
93ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M18&cb=1638866240075&cid=60a0c4acce284b4c1059cbe8&VERSION=4.103.0&AV_PAGE_LOAD_UID=64130b52-6c39-48cf-94de-ba3773c7cb43&AV_CDIM4=64130b52-6c39-48cf-94de-ba3773c7cb43&AV_ABTEST_TEMPLATE_WIGHT=50&AV_CDIM6=50&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1O_1vKTR9AIVvkQdCR2pBQPSEAAYACC_5s1MOhoImKfDuwIQjN7P7uEDGLWy3N4DIJy1nrXkDkITCJPg47yk0fQCFXPHuwgdMYEL_A;dc_rmcid=CAASEuRoaLc8uhJTb3kquQjcymuyVA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D908%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D7758,0,0,0,0%26mtos%3D7758,7758,7758,7758,7758%26amtos%3D0,0,0,0,0%26mcvt%3D7758%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7758%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1641%26pst%3D452%26dur%3D15018%26vmtime%3D7711%26dtos%3D3761%26dtoss%3D3%26dvs%3D3761%26dfvs%3D3761%26dvpt%3D3761%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3761,3761,3761,3761,3761%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D810%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D40,0,0,0,0%26avms%3Dexc%26qi%3D595104334%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26ptlt%3D9202%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7758;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.08%26t%3D1638866232454;ecn1=1;etm1=0;eid1=18;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E766 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxHOvOB2vYZPkBPOO7_UPsYKu4A_J67mbZpy1nrXkDveUj9C2KhABILmNjihglYKAgLQHyAEFqAMByAMTmAQAqgT_AU_Qxk-lWqOc6qDtZRqzge9cJVx-QdKFgnNFUQ2N7DCDoMy2N9EZNAv32FFBWa-zZ65SQeyJiGQcjFHj3j6InISZXAEg6Fjovvgw3-BOOcbtTTXUzkMpY_vrXSz-Ir2QvAi64qb13oN8PGagSsyBtOuPvnPWF1Y813aod8Yvzj2KvOUJTQt8kPZ38m0D2gNDLTgen6PwhSd4tNgVcMD_yuySWkwYXvjvIs_K490A0dc8FPGJ7xhD26ZQLb5bp3WJoFDbKXY_qWQlIK8NO9us1Ws7NU3PzOG16CDhnKLUXQbUsyYTcMsJ4JGY29EsICFnRnen2K-j04B_6xZA8CpcLcAEjN7P7uED4AQDkAYBoAZ2gAeNkKK7AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDkzNzc3ODQ0OTczOTg2OYAKA8gLAeALAYAMAbATx6CVDcgTtbLc3gPQEwDYEwqIFMIJ2BQB0BUBgBcB&sigh=keMWfZ3nD9g&label=videoplaytime50&ad_mt=7712&acvw=sv%3D908%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D152,534,451,1065%26tos%3D7758,0,0,0,0%26mtos%3D7758,7758,7758,7758,7758%26amtos%3D0,0,0,0,0%26mcvt%3D7758%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7758%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1641%26pst%3D452%26dur%3D15018%26vmtime%3D7711%26dtos%3D3761%26dtoss%3D3%26dvs%3D3761%26dfvs%3D3761%26dvpt%3D3761%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3761,3761,3761,3761,3761%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D810%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D40,0,0,0,0%26avms%3Dexc%26qi%3D595104334%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26ptlt%3D9202%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7758&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.08%26t%3D1638866232454&sdkv=h.3.490.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTgzNjU5NTY1NDRAgAIKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTEzNjIxNzYyCTE2MDY1ODIzOUBvUjYI3AcQDyUAAHBBKAE6CzM4OTE4MjM1My0xQgRHREJNSLcBUABaEC14UDVyOFJCSElId2VraTUYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 08:37:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 93ms
93ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.tumgir.com&rs=www.tumgir.com&sid=62033&t=1638866230&cip=91.199.118.73&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=531&he=299&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1638866230583-954080010883-008696-015-001488&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=69549561902&cd4=64130b52-6c39-48cf-94de-ba3773c7cb43&cd5=default&cd6=50&cd7=main&cd1=4.103.0&d9=1000&d37=realtime&AV_WIDTH=531&AV_HEIGHT=299&asid=60a0c4aabd19fc3b905086bf&pid=56ea678d181f46c76f8b45fb&cid=60a0c4acce284b4c1059cbe8&h=63b9f3ea3c685627005d85f67882233e65fdb704&d9=1000&ad=15&vi=100&ofpr=1.98268&imid=7bc06969857f311e91ddc15fc2510315_172316066_24439428&e=midpoint&ad=15&vi=100&d1=vpaid&fv=1&cb=1638866230708
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tumgir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:37:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: sync.adotmob.com
URL: https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1

Domain: img.cdn.house
URL: https://img.cdn.house/img.php?v=2&id=eyJpY29uIjoiNjFhZGQzMTRkZDM1Zi5wbmciLCJ1aWQiOjU0MDIsImNpZCI6NjI2MjkyLCJvcyI6MTQsImJyb3dzZXIiOjE4LCJjb3VudHJ5Ijo1Niwib3BlcmF0b3IiOjk5OTksInN1YkFjYyI6NjE4NjAwMzQsInN1YklkIjowLCJhZHZUeXBlIjowLCJ0cmFmZmljQ2hhbm5lbCI6Mn0=

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.tumgir.com/tag	1970-01-19 23:57:38	Name: exco-uid Value: 3a7fv3875viqe0a9
.tumgir.com/	1970-01-20 16:45:38	Name: _ga Value: GA1.2.680246704.1638866229
.tumgir.com/	1970-01-19 23:15:52	Name: _gid Value: GA1.2.2116556345.1638866229
.tumgir.com/	1970-01-19 23:14:26	Name: _gat_gtag_UA_134279593_1 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: RYDuuJCGJls
.youtube.com/	1970-01-20 03:33:38	Name: VISITOR_INFO1_LIVE Value: bPF-4V6DQvY
www.tumgir.com/	1970-01-20 08:44:40	Name: __atuvc Value: 1%7C49
www.tumgir.com/	1970-01-19 23:14:28	Name: __atuvs Value: 61af1d353675ff88000
.addthis.com/	1970-01-20 08:44:40	Name: uvc Value: 1%7C49
.aniview.com/	1970-01-19 23:28:50	Name: aniC Value: 1638866230583-954080010883-008696-015-001488
.casalemedia.com/	1970-01-20 08:00:02	Name: CMID Value: Ya8dNi-IK4sLNSh0ajsjpQAA
.casalemedia.com/	1970-01-20 01:24:02	Name: CMPS Value: 5224
.casalemedia.com/	1970-01-20 01:24:02	Name: CMPRO Value: 1174
www.tumgir.com/	1970-01-19 23:57:38	Name: _pbjs_userid_consent_data Value: 3524755945110770
.addthis.com/	1970-01-20 08:44:40	Name: loc Value: MDAwMDBFVURFUlAyMjkyMTg4NDAwMzAwMDBDSA==
.casalemedia.com/	1970-01-19 23:15:52	Name: CMST Value: Ya8dNmGvHTcA
.doubleclick.net/	1970-01-20 08:36:02	Name: IDE Value: AHWqTUkNpY52LUnYNOjHD4DugwWN64wEbpMpxrfWxTm4t4kujR_USZEnPKYotO4xP5s
.casalemedia.com/	1970-01-20 08:00:02	Name: CMRUM3 Value: e661af1d362760&0d61af1d3605a0&4061af1d372760no-consent&da61af1d362760&2d61af1d3605a0&4961af1d3605a0&f161af1d3605a0&2761af1d360b40
.yahoo.com/	1970-01-20 08:00:23	Name: A3 Value: d=AQABBDcdr2ECEAx2aQ9ZDOcHeD2O-BUTvjcFEgEBAQFusGG5YQAAAAAA_SMAAA&S=AQAAAvj86hKIlVR50McagAfDaRc
.aniview.com/	1970-01-19 23:15:52	Name: 2_C_42 Value: Ya8dNi-IK4sLNSh0ajsjpQAA&1174
sync.aniview.com/	1970-01-19 23:15:52	Name: 2_C_42 Value: Ya8dNi-IK4sLNSh0ajsjpQAA&1174
.tumgir.com/	1970-01-20 08:36:02	Name: __gads Value: ID=ea6c6c3f21c2d4b2:T=1638866232:S=ALNI_MbEP4ZzCvOBSLLapYTly9x0qbbPdQ

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb(Line 2) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

64.media.tumblr.com
accounts.google.com
ad.doubleclick.net
ade.googlesyndication.com
ads.pubmatic.com
adservice.google.com
api-public.addthis.com
api.tumblr.com
atrack.avplayer.com
bid.g.doubleclick.net
ce.lijit.com
cm.g.doubleclick.net
csi.gstatic.com
d18g6t7whf8ejf.cloudfront.net
dgmaplain.club
dmmzkfd82wayn.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
img.cdn.house
m.addthis.com
match.adsrvr.org
mcd.ex.co
mefagetobri.top
pagead2.googlesyndication.com
pixel-sync.sitescout.com
player.aniview.com
player.avplayer.com
player.ex.co
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid-server.rubiconproject.com
premiumsrv.aniview.com
pubads.g.doubleclick.net
px.moatads.com
r2---sn-4g5ednds.c.2mdn.net
s.amazon-adsystem.com
s0.2mdn.net
s7.addthis.com
secure-assets.rubiconproject.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.doubleclick.net
sync.adotmob.com
sync.aniview.com
tag.1rx.io
tag.targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
uknsyenerg.co
undhertobec.xyz
urgoldpie.club
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.tumgir.com
www.youtube.com
z.moatads.com
img.cdn.house
s7.addthis.com
sync.adotmob.com
104.117.200.100
104.75.88.126
107.22.28.167
13.32.121.38
142.250.185.130
142.250.186.34
142.250.186.66
142.250.186.70
151.101.66.132
167.71.185.16
18.197.28.238
18.208.85.173
18.66.139.32
18.66.92.75
192.0.77.3
192.0.77.40
198.47.127.19
2.16.186.139
2.18.233.180
2.18.234.21
2.18.235.40
2.19.35.65
209.54.180.3
213.19.147.42
213.19.147.43
216.52.2.30
2600:9000:223e:4e00:6:2e3c:5fc0:21
2606:4700:3030::6815:2dcf
2606:4700:3034::ac43:8a89
2607:f8b0:4007:816::2003
2a00:1450:4001:19::7
2a00:1450:4001:803::2002
2a00:1450:4001:803::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::200d
2a00:1450:4001:811::2002
2a00:1450:4001:811::2006
2a00:1450:4001:811::200a
2a00:1450:4001:813::2001
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:831::2008
2a00:1450:4001:831::200e
2a02:26f0:6c00:28a::2c79
2a02:26f0:6c00::210:bb91
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3601:6630:8239:d3f4:893e
3.229.193.232
34.193.25.178
34.194.106.25
34.251.193.90
44.195.137.121
46.4.32.130
51.89.42.86
52.223.40.198
64.233.167.154
66.155.71.150
69.173.144.138
75.101.235.47
01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
07d3ba20a6e3b9064e748b43c0d5a5da82e00539c3970bc085cabefe88de014b
095cee6dc55f1d1833be98903191ee38cc34be3df1c45fb859fba0018479125a
0998d576612a64fe9a9fdcc255988c0793221ef6b54254a8ce46275bcad889a5
09d26303d0c02c2c886f6d1d5993c8bd75bd59576c00b827f0708998495b771c
0a9247f2c9853f8796f191f53933e69c6d14b4f36da24ee6379c3d4161602e5c
0b01e6e76a90369cb516c29f18fd80d401e9060ccc5efe72e70c9d7bfbb0ee36
0c8ee899acc9664a47e59d51cfbbeabf4862f14fc77e8c3968a0357285966292
0c97b928a706496e912e3a9063270187ec27433e0e986a2ec9e055c8f21bed79
0e68201459707040dd6b3d187c2a10b2d5f0a357062f71e21998a11c84ef45dc
11cf4254b119227028458bf86875364956cd47ede046bce1aedf40ad57cdb9ae
15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55
189d22cccfeb7df7629f25479c72c7a1a45690d4963cb0ca1a5c659c1b007fca
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1c45395358ed50d511a219a1d462af7543b00b05a5d69bb9eb49c2b0b0f7bec7
1cbd5b2d9b9ed23c65355015dba8b310e3e9139c9017f571da039252ee6f6212
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e552184493eea74a53b11e52b6e6eec9c35d90cece6592d9bdf6cf1090ad8c0
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1ff34b121d6c1fa4b24f29946b90c06b78c3caaa4651aec7a4d881c3cf0c6f87
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
272a612f7fcefd5b1292d2b642a9a252c57ee1b6c97cdfaad321eecca2466dce
30c142202faacc5bc92ccb49615dfb3028f4e38d8056e51f2e18cf8456f478cc
3363c13f3615af54d0e9be12fc9ec1700f930a165c3109ae6e1324df141201d4
344a91e54490d605b83bf9c3a1b7d16ebcc61b6caa828c3aa2d7823b24ce8278
347c90607e898c1ff584b19fd53e7355661d378019a6c42cb56e49555a8a4c04
394ddf9d52192abd51cceb5730108e9b5dc715b8c6d08a0d8abe94762ed395aa
3b8b30f4fd41a227f288e6d1c33eb5b16353901a8172964021666f547eaa134c
3d4e27c191d9de1ccec1510dc06f5f736daa5578117f1a863bad688c6f88a332
3dece685b5f01b1a1a47c89706b9bb6e156edca56c99793271b13a82209a053b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e992d0bb8452871862bfca8a1c01993e6e73225c873025294af9b57ad2ccf7c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ec571550eb53ce8d479fab150a37bdce6a28771bdb207f3a12c81383ce1ed8
41144d8a2cb48b0babd1dc9351c86d6e260aa2145098476082ab3f2869ea4b8a
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
43731c98177737b1eec4a69a9673c439d4d8176a0b50a990af7e21543f5fcf43
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7
45243edf740eae18b5ca88e044e3d257835e15ccb13bc428828b4e764d5b365b
473139c85473daa13724d7c0c9a99ed3cc7ba671cb59fc71e9ad7fef8a0fb0ae
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4bb77ef61f9d7c29cfa1535ecdc73c2f6ede6f8d8f8873060348d85da4844de3
534236e381149de6107703637ce63d1052cc12f4c93b2d10b47baca87f641023
55110586d3719c3e8bdaa21f06e4cc1c0a7451abbae662344cbd4411536b585f
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
60f66ff79d0cadc4aae260df4515924c5712757b759f660de5e0598029925481
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
622ded03b3c605b0860294a5021a5e4479e301672f0e5fab5fd6e5ffdadda3ce
63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0
6403b55fbcc31374203db19d4f0ef96b7bd90553f14598ae280d820655614db9
6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374
66a34432227b1ff41f4b319f0b6490b1590dd51d42fdcdac4c1682bed282ef21
677bd36bb82a28d9a189c121c93dfab9f5d151d670e5695d90f96e35ed713e3b
6b1fe03fe0108811c24ae5a373bae986c474bb1c18acb0216b684916f6fa6a88
6b200cf45f7191ebf219089ede9aae770a265617b6b5aca30e70c2173eae9718
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c78d4d42163da7aef3fce3d00f133df3af4107d9f7dc3f85dc7b8afa35a7e59
6cb77653f129d93e740f0303e5ee82f8565f7d432d4c4a1f4e85a128050967e9
6dc022148b3343bfda3b4c8f35c5836de03777c744adf84b206adea0a42f0cd4
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6fb1718798cb8d8ebfcb32870f06abc447bd8534b73d6e8554e87379f3bb4026
6fb75cd2e2a1ba0aeeae225785dda7b4df8dc5c4b7f9f347e10ca14626176ba4
701197b0b745d493f2433cb70b0aba2915fb9b7232131f47b5aa32dda4feb554
707f6313c4292c18c3ef98ed86dbacd2238af489b99b889b858f5240b388a2ec
7128a946a179f184d21b571095286e26f61c260d1a45096b44a1a7d3850efa51
7591a616f80e413b2a00783769302b6475c64ba7b26b3e3ec0d195cc630b641f
79764748539a922633396c54d45475318031da72758de7e0f4a8f7e3b8cdb268
7a0e81f077cebea6036a4172cf892fb80802ab6e8025832564a8e70c70e45103
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7d37e2a52cb4b24bb620e484d442c61aa75c0d3ec904ceefa06a5e66821417ed
8235b90c6b8459347fcbcb1d5ae3044115e5c02abb2dda0b5dbe950b48d64cca
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bf5b98721ba135b243f64ed9a99f35f744a2378380b77461506cf9e755dad2
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
88b7b60abfbcd15997d22d2839830aa4593142a21fc2b7be01f6896ac3d27310
898924cffa528dbc88634a2dc37fd765e6f9d968d96b3d02890f373cd742f5d8
8c382d76b7f3c936b789e587ff26a8383cb504a1b7c7f6183f80a45d2a464c9d
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9045edf92f5b928cb307aa3f617906982fa27278683397a34265dae061c85fb3
90b69c5f7668353e1ae5d266dba1f8a4b2dbbb254b6a2cf6e5b2d91381a714eb
91ee1ba799a4df7c9c24b4fc4b264ef35fb7fb62f72516f1330e5424bdab53ca
93e9c4317361abd8e3b1e4cdca77b7cf3cb28d30c98ca5cde95fa284c868874b
9608ab4d3a414bb8d3e07dcbf2eb8413f34ad56eea0934e70710b808cdcc98af
96f748294a357dcef405cdae577d5329b5ef0877982fc39df97556b9faf26ef0
9c0169f9168499179a1024c8f501f43a47be5199007d384a010cb3d26b6f7749
a137cc1fe8c28a65cfbde6d0b529db774f1de6d375885b5d41767172485adce2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6ec215ae1f79058f76e3ac67a8637b37baadf10dabcd5450b0cc8d0fa97934a
a8fce760f6cad4883e5c9c37604f05589d5aab70f9368cba2915f0c92923abd5
a9209223bdd21d9460b0685c7b81a084e30e2dcbed566c59b1ad60475f98b2d2
a986c26c40febdfac5074b57a925fe2d7b901e75b7bcad4a19a5cbe3987b51bf
a9d882997ec60e3829e71a8ec3c7f77e2ac8d8408aa26beb6ecc80dea0d9fcfe
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e63eaba04f14bba563633180f4bcfbe432cb9bd1b9f001dac5c6cd361b8026
b38011ebc9fe67ad5e75cdee894685da770185926991603cad35cf043771dbff
b40fa874a033e49ba4cdb2698e8a0140c4f04e4993f5ff46c49835dcd8195d16
b5498bc67ac496a3fc5af517d67021c41a5c96115e91bf953fc4d3e754b41ba7
b5d5f458a6d96e8d24fb8d475b18723bf03a2dcf88a891efbf859809be7c9cf9
b6fd174ccdb628c214c6c36c6acb44b9265303140dd1106354ab611de4b7c425
b93b39fd383144ab623ad11cc218b165dc254b3df285252cf87a52e7faff05b3
baf3a4cb694536ee55053d20031d9e5806168c2de90bf0bec9bd6a579d4522e2
bbff07654718224b25094fb8d7bb960bfad6b6c76a86448b255701184720782d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c9ab31533bc30c9fb9eb7fb85ea16b1d8ad44f758dc0aa421a4c87ddfe537984
ca02673228be32bc38105f3255c4356477afcb7210a0c7797b790d10757a8a59
ca2e426d8dddb23a5a9781c40d19121c23db9de10a0f50a44fd8112f0b62ac9d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccc7ec35c235ac456107ff97103cac285044c66fb544d9790e3416c83c66e45c
ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7d423030590331283f7500f04e2ff867a536e491ad94bd84517998d5ce8adc
d00cd36cf4795feb18740ee11ae68b8dd497a53c0a110a1f61582edf8246c216
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d371acfbb007732e8f869a2548f349caf1b5d4fe19f899dd60fba34e276852dd
d41b4df437b5651c44f2373bcf30cb9926215a7927dfde6ff1576e8dccd9ebc7
d7392e0bc0b6ceca61f2efe0cad9ec6e4f09b30901a18378a0b782c66f386ada
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8a19a2d30a95f39fb4a88bf48d8b9ab1e07f8488513cd3ce1ef0a0259a0c156
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
db80ed2cc8a62558bb3759cd3be2a90690d504ea9a55344c012e3041ac9b6ab7
dd9a4af9b79e6a7e20fe40bdf2ebff93b829fbceba33abc76f3fcb0cbb0a9083
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e0332c86b12e10d7fd7c4647bcef028086fe2cfe8e29ca9c9c31b241b1fa745d
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2ff6f15961fb4f4fe6e1f4af027be8b616034679e6415cbbfca9bd0e76cef4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e776c2db1c187e1cf52b26ca3576751b9b0a3fd685b9c83c6e7625f966e3b5dd
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
edcd9a0c9c71f5ae341cd37ced9e2833a31bdc3ebf2dfa17f2c320cd8dcaa48e
ee3d842cb2faf63bd4b1de8afa5db4ccf0b7398fc77b59578dde2488289b0180
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b6ee93d65d7b713cf0cf6eaa1c5f02e8fbfac6814ca35678efdc6c87d31116
f51bf14edec6ba915274aedf06cbce5d7144227c348665e64cb2a43408c056b1
f6eb9373a823e0cadc07731b17f6a98f1e0320c9af119920033d705603e464d2
f9b2c3e3c47fbfb98f792ac26492a19242bd400756a355bc1748264604adda58
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fde2001ad01991b00479e61431b11afc38e713a27abb396735a60aee5f75453e
fea8b1edea561c548f9f09c23c24d4da0a6f0a8baca6493c3fb886f38e98d5ab

www.tumgir.com Open in urlscan Pro 167.71.185.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

252 Requests

94 %HTTPS

38 %IPv6

39 Domains

69 Subdomains

57 IPs

4 Countries

11499 kBTransfer

20497 kBSize

22 Cookies

1 Outgoing links

Redirected requests

252 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tumgir.com Open in urlscan Pro
167.71.185.16 Public Scan

Screenshot
Live screenshot

Full Image

252
Requests

94 %
HTTPS

38 %
IPv6

39
Domains

69
Subdomains

57
IPs

4
Countries

11499 kB
Transfer

20497 kB
Size

22
Cookies

252 HTTP transactions
11 data transactions